Well developed yucca plants sprouting over a plain with mountains in the background

Privacy Policy

Application Privacy Policy

Within the Visa infrastructure, data is securely stored and transmitted using
standard industry practices that adhere to PCI-DSS security standards.
Specifically, Visa adheres to the following principles:

  • Data in transit is encrypted.
    • For transmission of sensitive data within internal networks, the channel
      is encrypted.
    • For external transmissions, the data and channel are both encrypted.
  • Sensitive data at rest is encrypted. Data at rest (stored in the database) is
    protected through the following controls:

    • Production systems are protected using a Visa zone security
      architecture that ensures bank data at rest is in restricted zones that are
      segmented from other zones, and that Visa corporate networks are
      segmented by firewalls and not accessible from the Internet.
    • Firewall restrictions include: IP, application, and data type.1/14/20
    • Procedures are in place for strict logical access to data; access to
      production data is on an individual and by-request basis, restricted to
      promote separation of duties, and inclusive of annual access
      certifications.
    • IDS/IPS are in place with the zone architecture to prevent common
      application attacks.
  • PI are collected, received, used, processed, stored and/or disclosed in
    accordance with the requirements defined by the Key Controls, the
    European General Data Protection Regulation (GDPR), California Consumer
    Protection Act (CCPA), the Gramm Leach-Bliley Act (GLBA), the Payment
    Card Industry Data Security Standards (PCI-DSS), the Personal Information
    Policy and Records, and Information Management Policy.
  • Visa engages a qualified security assessor (QSA) annually to validate Visa’s
    compliance with PCI-DSS.
    In order to provide services to cardholders, we collect and store the following
    information on our secure infrastructure:
  • Mobile account information
    • Username
    • Password
  • Device information
    • Manufacturer
    • Model
    • Operating system
    • Unique device identifiers
    • IP addresses
  • Cardholder information
    • First Name
    • Last Name
    • Email Addresses
    • Phone Numbers
  • Card details
    • Card number1/14/20
    • Card Expiration Date
    • Billing Address
    • Card Nickname
    • CVV2 (collected for validation purposes but not stored)

 

  • Why do we store the above-referenced data?
    • For security purposes, we store device information and monitor
      activity.
    • For analytical and reporting purposes, we store information about
      mobile application usage and participation in card services.
    • For customer service and troubleshooting purposes, we store detailed
      information about system events.
  • No sensitive information is stored on the mobile device. However, the
    following may be securely stored on the device:

    • Payment tokens may be stored in a secure cryptography protected
      white box.
    • Long-lived user tokens used for fingerprint authentication.
  • In cases where data must be passed to external systems/parties to support
    a service, cardholders must opt-in to the service via the app.
FACTS WHAT DOES CNB BANK DO WITH YOUR PERSONAL INFORMATION?
Why? Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What? The types of personal information we collect and share depend on the product or service you have with us. This information can include:
  • Social Security number and income
  • Account balances and payment history
  • Credit history and credit scores
When you are no longer our customer, we continue to share your information as described in this notice.
How? All financial companies need to share customers' personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers' personal information; the reasons CNB BANK choose to share; and whether you can limit this sharing.
Reasons we can share your personal information Does CNB BANK share? Can you limit this sharing?
For our everyday business purposes-such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus Yes No
For our marketing purposes-to offer our products and services to you No We don't share
For joint marketing with other financial companies No We don't share
For our affiliates' everyday business purposes-information about your transactions and experiences No We don't share
For our affiliates' everyday business purposes-information about your creditworthiness No We don't share
For nonaffiliates to market to you No We don't share
Who we are
Who is providing this notice? CNB BANK
What we do
How does CNB BANK protect my personal information? To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.
How does CNB BANK collect my personal information? We collect your personal information, for example, when you
  • Open an account or use your credit or debit card
  • Deposit Money or give us your contact information
  • Apply for a loan
We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.
Why can't I limit all sharing? Federal law gives you the right to limit only
  • Sharing for affiliates' everyday business purposes - information about your creditworthiness
  • Affiliates from using your information to market to you
  • Sharing for nonaffiliates to market to you
State laws and individual companies may give you additional rights to limit sharing.
Definitions
Affiliates Companies related by common ownership or control. They can be financial and nonfinancial companies.
  • CNB BANK has no affliates.
Nonaffiliates Companies not related by common ownership or control. They can be financial and nonfinancial companies.
  • CNB BANK does not share with nonaffiliates so they can market to you.
Joint marketing A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
  • CNB BANK doesn't jointly market.
Other Important Information

For Alaska, Illinois, Maryland and North Dakota Customers. We will not share personal information with nonaffiliates either for them to market to you or for joint marketing – without your authorization.
For California Customers. We will not share personal information with nonaffiliates either for them to market to you or for joint marketing – without your authorization. We will also limit our sharing of personal information about you with our affiliates to comply with all California privacy laws that apply to us.
For Massachusetts, Mississippi and New Jersey Customers. We will not share personal information from deposit or share relationships with nonaffiliates either for them to market to you or for joint marketing – without your authorization.

Chat with a representative