Privacy Policy

Effective December 30, 2022

United Security Bank California Privacy Notice

Information for California Residents

We collect Personal Data from Consumers and comply with the California Privacy Rights Act (“CPRA”). In addition to our general Privacy Notice available at https://www.unitedsecuritybank.com/privacy-policy, this California Privacy Notice applies to California residents (“Consumers,” “you,” or “your”).

For the purposes of this California Privacy Notice, “Personal Data” means information that is linked or reasonably linkable to a particular individual or household. However, the following categories of information are not Personal Data:

  • Publicly available information;
  • Deidentified or aggregated data; or
  • Information otherwise excluded from the scope of the CPRA.

This Privacy Notice provides the following information to California Consumers:

  • Categories of Personal Data we collect;
  • Purposes for which we use Personal Data;
  • Categories of Personal Data we disclose to third parties;
  • Categories of third parties to which we disclose Personal Data; and
  • How Consumers can exercise their rights under the CPRA:
    • The rights to access, correct, or delete Personal Data;
    • The right to obtain a portable copy of Personal Data;
    • The right to limit the use of sensitive personal data in certain circumstances; and
    • The rights to opt out of the sharing of Personal Data for behavioral advertising, sales of personal data, or certain profiling.

Categories of Non-Sensitive Personal Data

The table below outlines the non-sensitive categories of Personal Data United Security Bank collects about Consumers and whether and how they are disclosed to third parties.

We collect Non-Sensitive Personal Data from the following sources:

  • Directly from our users
  • From our business partners
Category of Personal Data: Identifiers
Examples Identifiers may contain the following: name, data of birth, and government-issued identifier (e.g., driver’s license, Social Security number), IP address, Country, State, City.
Purpose(s) Complying with statutory obligations, verify identities, and to provide financial services or employment opportunities as requested by individuals.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data may be shared with Processors.
Retention Period Between five and ten years after the record made or a resulting account's closure, the extent required by applicable law or for purposes of preventing fraud. In some instances in which no transaction, service or relationship resulted, information may be retained for 2 years. Internet only activity not related to a transaction or customer are retained for 26 months.
Category of Personal Data: Personal Characteristics
Examples Personal Characteristics may contain the following: Address, phone number, customer access ID, e-mail address.
Purpose(s) Complying with statutory obligations, verify identities, and to provide financial services or employment opportunities as requested by individuals.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data may be shared with Processors.
Retention Period Between five and ten years after the record made or a resulting account's closure, the extent required by applicable law or for purposes of preventing fraud. In some instances in which no transaction, service or relationship resulted, information may be retained for 2 years. Internet only activity not related to a transaction or customer are retained for 26 months.
Category of Personal Data: Commercial Information
Examples Commercial Information may contain the following: personal property purchases and transaction information.
Purpose(s) Complying with statutory obligations, verify identities, and to provide financial services or employment opportunities as requested by individuals.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data may be shared with Processors.
Retention Period Between five and ten years after the record made or a resulting account's closure, the extent required by applicable law or for purposes of preventing fraud. In some instances in which no transaction, service or relationship resulted, information may be retained for 2 years.
Category of Personal Data: Internet/Electronic Activity
Examples Internet/Electronic Activity may contain the following: browser name, device ID, device op system.
Purpose(s) Complying with statutory obligations, authenticate identities to prevent fraud, and to provide financial services as requested.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data may be shared with Processors.
Retention Period 26 months.
Category of Personal Data: Sensory Information
Examples Sensory Information may contain the following: video or digital images during transactions or when otherwise on premises.
Purpose(s) Complying with statutory obligations, verify identities, security measures, and to provide financial services or employment opportunities as requested by individuals.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data may be shared with Processors.
Retention Period 2 years unless law enforcement requests a longer period.
Category of Personal Data: Professional Information
Examples Professional Information may contain the following: work history. employer, prior employer, source of income. licenses or certifications.
Purpose(s) Complying with statutory obligations, verify identities, and to provide financial services or employment opportunities as requested by individuals.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data may be shared with Processor.
Retention Period Between five and ten years after the record made or a resulting account's closure, the extent required by applicable law or for purposes of preventing fraud. In some instances in which no transaction, service or relationship resulted, information may be retained for 2 years.
Category of Personal Data: Educational Information
Examples Educational Information may contain the following: student records, certifications and directory information.
Purpose(s) Complying with statutory obligations, and to provide employment opportunities as requested by individuals.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data may be shared with Processors.
Retention Period Two years after the record was made unless employment results, and then for two years after the employment relationship ends.

Categories of Sensitive Personal Data

The table below outlines the categories of Sensitive Personal Data United Security Bank collects about Consumers and whether they are shared with third parties. United Security Bank obtains affirmative consent from Consumers to process the Sensitive Personal Data, in compliance with applicable law.

We collect Sensitive Personal Data from the following sources:

  • Directly from our users
Category of Sensitive Personal Data: Government ID Data
Examples Government ID Data may contain the following: Driver's license information, military identification information or passport.
Purpose(s) Complying with statutory obligations, verify identities, and to provide financial services or employment opportunities as requested by individuals.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data may be shared with Processors.
Retention Period For customers, between five and ten years after the record made or a resulting account's closure, the extent required by applicable law or for purposes of preventing fraud For job applicants and employees - Two years after the record was made unless employment results, and then for two years after the employment relationship ends. In some instances in which no transaction or service resulted, information may be retained for 2 years.
Category of Sensitive Personal Data: Sensitive Category Data
Examples Sensitive Category Data may contain the following: Social Security, Driver's License, Passport and/or State ID Card number, genetic data.
Purpose(s) Complying with statutory obligations, verify identities, and to provide financial services or determine eligibility for employment opportunities as requested by individuals.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data may be shared with Processors.
Retention Period For customers, between five and ten years after the record made or a resulting account's closure, the extent required by applicable law or for purposes of preventing fraud For job applicants and employees - Two years after the record was made unless employment results, and then for two years after the employment relationship ends. In some instances in which no transaction or service resulted, information may be retained for 2 years.
Category of Sensitive Personal Data: Financial Data
Examples Financial Data may contain the following: financial history, bank account information, information from credit reference agencies and fraud prevention agencies.
Purpose(s) Complying with statutory obligations, verify identities, and to provide financial services as requested by individuals.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data may be shared with Processors.
Retention Period For customers, between five and ten years after the record made or a resulting account's closure, the extent required by applicable law or for purposes of preventing fraud For job applicants and employees - Two years after the record was made unless employment results, and then for two years after the employment relationship ends. In some instances in which no transaction or service resulted, information may be retained for 2 years.
Category of Sensitive Personal Data: Biometric Data
Examples Biometric Data may contain the following: fingerprint or facial scan features may be used to authenticate user in accessing bank online products, fingerprints for employee background check, urine collected by third party for employee drug testing.
Purpose(s) Complying with statutory obligations, verify identities, and to provide financial services or determine eligibility for employment opportunities as requested by individuals.
Targeted Advertising We do not engage in targeted advertising or share Personal Information for targeted advertising purposes.
Sale We do not sell Personal Information to anyone.
Sharing This data is not shared with third parties.
Retention Period Not collected, controlled or retained by the bank. Subject to vendor's retention schedule.

Use of Personal Data

We use Personal Data for the purposes described in our general Privacy Notice (see https://www.unitedsecuritybank.com/privacy-policy). Personal Data may also be used or disclosed as otherwise permitted or required by applicable law.

Disclosing Personal Data

We share Personal Data with the following categories of third parties:

  • Processors: We use processors to securely handle Personal Data on our behalf and only on our instructions. These companies may not use your Personal Data for their own purposes.

See the tables above for more details about how different categories of Personal Data are shared.

We do not sell Personal Data to anyone.

Exercising Your Personal Data Rights

California Consumers have the following rights under the CPRA:

  • The rights to access, correct, or delete Personal Data;
  • The right to obtain a portable copy of Personal Data;
  • The right to limit the use of Sensitive Personal Data in certain circumstances; and
  • The rights to opt out of the sharing of Personal Data for behavioral advertising, sales of personal data, or certain profiling.

If you are a California Consumer, you can submit a request to exercise your personal data rights under the CPRA by visiting our online portal at https://www.unitedsecuritybank.com/personal-information-rights-request or calling our toll-free number at 1-888-683-6030, or sending an email to privacy@unitedsecuritybank.com with the subject line ‘Privacy Rights Request". To submit an opt-out request, you may United Security Bank only provides an opt-out for cookies usage during a visitation on the bank's website. This option is available at "www.unitedsecuritybank.com". The bank does not collect or use information for any use except to provide the products and services requested, and never sells your information.. To protect your privacy, we may need to authenticate your identity before we respond to your rights request. We will use commercially reasonable efforts to verify your identity for this purpose. Any information you provide to authenticate your identity will only be used to process your rights request. Please be aware that we do not accept or process rights requests through other means (e.g., via fax or social media).

After submitting your request online, you will receive a follow-up email, which may include a link you must click on in order to verify your identity. If you do not click on that link, we may be unable to complete your request due to lack of verification. It is important that you provide a valid email address in order for us to be able to process your request.

We will respond to your rights request within 45 days, though in certain cases we may inform you that we will need up to another 45 days to act on your request. If we suspect fraudulent or malicious activity on or from your account, we will delay taking action on your request until we can appropriately verify your identity and the request as authentic. Also note that each of the rights are subject to certain exceptions.

We reserve the right to decline to process, or charge a reasonable fee for, requests from a Consumer that are manifestly unfounded, excessive, or repetitive.

Limiting the Use of Sensitive Personal Data

The CPRA provides a right to limit some uses of Sensitive Personal Data. In particular, you may direct companies not to use Sensitive Personal Data except as necessary to provide goods or services you have requested.

You may submit a request to limit the use of your sensitive Personal Data by submitting a rights request as described above.

Authorized Agent Requests

The CPRA allows you to designate an authorized agent to make a rights request on your behalf. Your authorized agent may submit such a request by following the same method described above. We may require verification of your authorized agent in addition to the information for verification above for Consumers and households.

Contact Us

If you have any questions or concerns regarding this California Privacy Notice, contact us at privacy@unitedsecuritybank.com.