Heritage Federal Credit Union Privacy Policy

1. Purpose

Heritage Federal Credit Union (Heritage) recognizes its responsibility to protect the privacy of 

each member’s nonpublic personal information. Heritage is committed to providing financial 

products and services that will enable our members to meet their financial needs and goals 

while at the same time protecting the members’ personal information. The purpose of this 

policy is to set forth the guidelines under which such information may be shared with third 

parties. It is the intent of Heritage to abide by all applicable laws and regulations governing 

the privacy of nonpublic personal information including Regulation P (12 CFR 1016) which 

was issued to implement the provisions of the Gramm-Leach-Bliley Act and the Right to 

Financial Privacy Act.

2. Definitions

Affiliate means any company related by common ownership or control. They can be financial 

or nonfinancial companies.

Non-affiliate means any company not related by common ownership or control. They can be 

financial and non-financial companies. 

Consumer means an individual who obtains or has obtained a financial product or service from 

the credit union that is to be used primarily for personal, family, or household purposes, or that 

individual's legal representative.

Joint Marketing means a formal agreement between non-affiliated financial companies that 

together with the credit union market financial products or services. 

Nonpublic personal information means personally identifiable financial information; and any 

list, description, or other grouping of consumers (and publicly available information pertaining 

to them) that is derived using any personally identifiable financial information that is not 

publicly available.

Personally identifiable financial information means any information a consumer provides to 

the credit union to obtain financial products or services from the credit union or as a result 

from any transaction.

3. Guidelines

To ensure that members can rely on the quality of products and services we make available, 

our credit union stands behind the following privacy guidelines:

• The credit union will only collect personal information necessary to conduct our business. 

We collect this information about members from applications and other forms, when verifying information provided on applications and other forms, information about member transactions with us, our affiliates or others, and information we receive from consumer reporting agencies. 

• The credit union discloses nonpublic personal information about its members and former members to companies that offer financial products and services, including insurance products and brokerage companies. The credit union also discloses nonpublic information to other nonaffiliated third parties as permitted by law. 

• The credit union will partner only with businesses that follow strict confidentiality requirements. The businesses we select will offer products designed to enhance our members’ economic well-being. Under no circumstances will we authorize those firms to charge a member’s account without receiving their express consent, and we will not sell member information to telemarketing firms.

 • If the credit union’s privacy disclosure allows for opt-out, members that prefer that we not disclose nonpublic personal information about them to nonaffiliated third parties may opt out of these disclosures, and direct us not to make those disclosures to nonaffiliated third parties.

  • The right to opt out does not apply if Heritage provides nonpublic information to a nonaffiliated third party to perform joint marketing services on our behalf if we: provide the initial privacy notice; and enter into a contractual agreement with the third party that prohibits them from disclosing or using the information for any reason other than to carry out the marketing purpose for which the information was disclosed.

 • The right to opt out does not apply if Heritage’s disclosure of nonpublic personal information is necessary to effect, administer or endorse a transaction that a consumer requests or authorizes; to comply with Federal, state, or local laws, rules and other applicable legal requirements; to comply with a properly authorized civil, criminal, or regulatory investigation, or subpoena or summons by Federal, state, or local authorities; or to respond to an outside firm or a federal examiner (NCUA) for the purpose of completing an official audit or regulatory examination of the credit union. 

 4. Confidentiality and Security Safeguards 

Heritage will protect the personal information of its members. This credit union will maintain commercially reasonable technical, physical, and administrative security controls to ensure that member information in our files and computers is protected. We limit employee access to confidential member financial information to those employees with a business reason for knowing such information.  

If nonpublic personal information is shared with vendors for a business purpose, contracts and agreements between the vendors and the credit union should include language that the vendor will safeguard such information. Heritage does not permit these vendors to sell to other third parties, the information we provide to them.  

 Because no policy can address every possible contingency and circumstances, Heritage management shall use its good faith business judgment in administering this privacy policy,  and expects that all officers, volunteers, and employees will use good faith in their actions to protect the privacy of credit union members.

 5. Disclosure of Privacy Policy 

Heritage will disclose its privacy policies as required by law, in a conspicuous form that the members may keep. The disclosure will be provided at the time we establish a member relationship and delivered to our members thereafter as required by regulation.

  6. Policy Review 

This policy shall be reviewed at least every 24 months, and may be amended by a majority of the Board whenever appropriate.