Online Privacy, Security & Accessibility
Website Accessibility Statement
Citadel is committed to enhancing our site and increasing accessibility and usability for all of our members. Our accessibility efforts are based on the World Wide Web Consortium’s (W3C) Web Content Accessibility Guidelines 2.0 Level AA (WCAG 2.0 AA). Our website will be tested on a periodic basis with assistive technology such as screen readers and screen magnifiers, and with users with disabilities who use these technologies..
Please be aware that our efforts are ongoing. If you encounter an accessibility issue, please Contact Us. We will make all reasonable efforts to make each page of our website accessible for you.
Online Privacy & Security Policy
Citadel Credit Union understands the importance of protecting your privacy. This online privacy and security policy describes how Citadel collects, uses, shares, and protects information when you visit or use www.citadelbanking.com.
Types of Information We Collect
When you visit and browse the Website or Apps, we are able to collect information that could be reasonably used to indirectly identify you individually, such as your physical location, the device you are using and the Internet Service Provider (ISP) you are using. We can also record the date, time, and pages visited while you are at our site and the type of web browser and operating system you use. We do this to determine how individuals use the Website and services so that we can enhance a user’s experience and make the Website and services more useful for customers.
When you request information or make an application for services, we collect personally identifiable information that you provide to us directly, such as by completing an online form, application, field, or survey. Personally identifiable information means information that directly identifies you or can be used to directly identify you. Examples may include your name, mailing address, phone number, email address, date of birth, social security number, driver’s license number, and account numbers. We will retain your personal information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
In addition to the personal information described above, we also collect anonymous demographic information, which is not unique to you, such as your zip code, region, preferences, interests, and favorites. When you use our online or mobile banking services, you also may be required to enter information we believe is necessary to safely process your transaction, such as your digital banking Login ID and password.
How We Collect Information
- IP Address – Your IP Address is a number automatically assigned to the device you’re using by your Internet Service Provider (ISP). An IP address is identified and logged automatically in our server log files whenever a user visits the Website, along with the time of the visit and the page(s) that were visited. Collection of IP addresses is standard practice on the internet and is done automatically by many websites. We use IP addresses for purposes such as calculating site usage levels, helping diagnose server problems, to personalize/tailor your experience while engaging with us online and offline, for compliance and security purposes, for advertising and administering the Website. The Controls & Alerts App periodically collects, transmits, and uses geolocation information to enable features that prevent fraudulent card use and to send alerts, but only if the End User expressly authorizes the collection of such information. Geolocation information can be monitored on a continuous basis in the background only while the App is being used or not at all, depending on the End User’s selection. End Users can change their location permissions at any time in their device settings.
- Aggregated Data – Aggregated Data is data that we may create or compile from various sources, including but not limited to, accounts and transactions. We use this information, which does not identify individual account holders, for our business purposes, which may include offering products or services, research, marketing, or analyzing market trends and other purposes consistent with applicable laws.
- Do Not Track Signals (“DNT”) – Do Not Track Signals refer to an HTTP header used by Internet web browsers to request a web application disable its tracking or cross-site user tracking. When DNT is enabled, a user’s web browser adds a header to content requests indicating that the user does not want to be tracked. California law requires us to disclose how we respond to web browser DNT signals. We do not respond to or take any action with respect to a DNT configuration set in your internet browser, and therefore, do not disable tracking.
- Social Security Numbers – As required by law, in the normal course of business, Citadel collects Social Security numbers in establishing, maintaining, and servicing member accounts. We implement reasonable measures to protect the confidentiality of Social Security numbers, to prohibit unlawful disclosure of Social Security numbers, and to limit access to Social Security numbers.
Mobile App Permissions
|Permissions||Why We Collect This Information|
|Location||We may need this information for regulatory and security purposes, or to provide certain location-based services (i.e. to location a Citadel branch or ATM).|
|Phone||We may need this information to permit one-touch dialing within our app. Citadel will not access your phone log and to read your phone status and identity.|
|Camera / Photos / Media||The Citadel app requests access, with your consent, to capture and populate information to permit access and to process certain transactions (i.e. facial recognition log-on, mobile deposits).|
|Wearables||The Citadel app requests access, with your consent to wearables to permit access to account balances.|
|Device and App History||
We may use this information to:
|Storage||We may need this information to modify or delete SD card contents or to read the contents of your shared storage.|
|Contacts||We may need this information to access your contacts to process certain transactions (i.e. person to person payments).|
|Other||We may need this information to:
Read the full Citadel's Privacy & Security Policy