Finvera Bank
FDIC Insured · Member FDIC
This Privacy Policy describes how Finvera Bank collects, uses, shares, and protects personal information in connection with our banking services.
Effective Date
January 1, 2024
Last Updated
February 11, 2024
Version
3.2
Understanding our commitment to your privacy
Finvera Bank ("Finvera," "we," "us," or "our") is committed to protecting the privacy and security of personal information. This Privacy Policy applies to information collected through our websites, mobile applications, branches, and other channels through which you interact with our services.
As a financial institution, we are subject to strict regulatory requirements governing the collection, use, and protection of customer information. This policy is designed to comply with applicable privacy laws, including the Gramm-Leach-Bliley Act (GLBA), California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR) where applicable, and other federal and state privacy regulations.
By using our services, you consent to the data practices described in this policy. If you do not agree with this Privacy Policy, you should not access or use our services.
This Privacy Policy applies to all customers, former customers, and website visitors. It covers information collected online and offline, including information obtained through account applications, transactions, customer service interactions, and third-party sources.
Categories of personal information we obtain
We collect personal identifiers necessary to establish and maintain your account, verify your identity, and comply with federal banking regulations including Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements.
Financial data is collected to process transactions, maintain your accounts, and provide banking services.
We automatically collect certain technical information when you use our digital services to improve functionality, security, and user experience.
With your explicit consent, we may collect biometric data for enhanced security and identity verification purposes.
We may obtain information about you from third parties, including:
Purposes for which we process your personal data
We use the information we collect for the following purposes:
Lawful grounds for collecting and using your information
We process your personal information based on the following legal grounds:
Processing is necessary to fulfill our contractual obligations to you, including account management, transaction processing, and service provision under your account agreement.
Processing is required to comply with federal and state banking regulations, including AML, KYC, tax reporting requirements, and responses to lawful government requests.
Processing is necessary for our legitimate business interests, such as fraud prevention, risk management, product development, and network security, balanced against your privacy rights.
Where required by law, we obtain your explicit consent for certain processing activities, such as marketing communications, biometric data collection, and sharing information with third parties for non-essential purposes.
How and when we share your information with third parties
Finvera Bank does not sell your personal information to third parties for monetary consideration. We do not share your information with unaffiliated third parties for their own marketing purposes without your explicit consent.
We share information with third-party service providers who perform services on our behalf, including payment processors, data analytics providers, IT service providers, customer support platforms, and marketing vendors. These providers are contractually obligated to protect your information and use it only for authorized purposes.
Information may be shared among Finvera Bank affiliates and subsidiaries to provide joint products and services, prevent fraud, and improve customer experience. All affiliates adhere to privacy standards consistent with this policy.
We disclose information when required by law, including responses to subpoenas, court orders, and regulatory inquiries. We also report suspicious activity to FinCEN and other appropriate authorities as required under the Bank Secrecy Act.
We report account information to credit bureaus to help maintain accurate credit reporting. We may also obtain credit reports when you apply for products or services requiring creditworthiness assessment.
In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections outlined in this policy.
Technical and organizational measures to protect your information
Finvera Bank employs industry-standard security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. Our security program includes:
While we implement robust security measures, you also play a critical role in protecting your information:
In the event of a data breach involving your personal information, we will notify you and relevant regulatory authorities as required by applicable law. Notification will be provided without unreasonable delay and will include information about the nature of the breach, affected information, and steps you should take to protect yourself.
How long we keep your personal information
We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal and regulatory requirements, resolve disputes, and enforce our agreements.
Information related to active accounts is retained for the duration of the customer relationship and for a minimum of seven years after account closure, as required by federal banking regulations and the Bank Secrecy Act.
Transaction records, including wire transfers, ACH transactions, and check images, are retained for a minimum of seven years to comply with regulatory requirements and support potential audits or investigations.
Credit applications and associated documentation are retained for at least 25 months following the creditor's notification of action taken, in compliance with the Equal Credit Opportunity Act (ECOA).
Non-essential marketing and analytics data is retained only as long as necessary for the specific purpose and is subject to periodic review and deletion.
Retention periods may be extended when information is subject to legal holds, ongoing investigations, litigation, or other legal proceedings. In such cases, information will be retained until the matter is resolved and applicable retention requirements are met.
How to exercise control over your personal information
Depending on your jurisdiction, you may have certain rights regarding your personal information:
You have the right to request access to the personal information we hold about you. We will provide a copy of your information in a structured, commonly used format within 30 days of your request.
You may request correction of inaccurate or incomplete personal information. We will review and update your information as appropriate, subject to verification of your identity.
You may request deletion of your personal information, subject to legal and regulatory retention requirements. We cannot delete information required for compliance with banking regulations.
You have the right to opt out of marketing communications, data sharing with affiliates for marketing purposes, and certain automated decision-making processes.
Where technically feasible, you may request a copy of your personal information in a portable format that can be transmitted to another financial institution.
You may request restrictions on how we process your personal information in certain circumstances, such as while disputing the accuracy of your information.
To exercise any of these rights, please contact our Privacy Office using the contact information provided at the end of this policy. We will respond to your request within the timeframe required by applicable law, typically 30-45 days.
Verification Required: To protect your privacy and security, we will verify your identity before processing requests. You may be asked to provide additional information to confirm your identity.
California residents have additional rights under the California Consumer Privacy Act (CCPA):
California residents may submit requests by calling 1-800-FINVERA or emailing privacy@finvera-.com.
We use cookies, web beacons, and similar tracking technologies to enhance your online experience, analyze website usage, and deliver personalized content. Cookies are small text files stored on your device that help us recognize you and remember your preferences.
Necessary for website functionality, security, and fraud prevention. These cookies cannot be disabled as they are required for core banking operations.
Help us understand how visitors interact with our website by collecting anonymous usage data. This information helps us improve website performance and user experience.
Enable enhanced functionality and personalization, such as remembering your preferences, language settings, and recently viewed products.
Used to deliver relevant advertisements and track campaign effectiveness. These cookies may track your browsing activity across different websites.
You can manage your cookie preferences through your browser settings. Most browsers allow you to:
Please note that disabling cookies may affect the functionality of our website and limit your ability to use certain features, including online banking services.
Some browsers support "Do Not Track" (DNT) signals. Our website does not currently respond to DNT signals, as there is no industry-wide standard for how to interpret and respond to these signals. We will continue to monitor developments in this area.
Our policy regarding minors under 13
Finvera Bank does not knowingly collect personal information from children under the age of 13 without parental consent. Our services are intended for adults and emancipated minors who are legally able to enter into binding contracts.
Accounts opened for minors under 18 require a parent or legal guardian as a joint account holder. In such cases:
If we become aware that we have collected personal information from a child under 13 without proper parental consent, we will take steps to delete such information promptly. Parents or guardians who believe we may have inadvertently collected information from a child under 13 should contact our Privacy Office immediately.
How we handle cross-border data transfers
Finvera Bank is headquartered in the United States. Your personal information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. These countries may have data protection laws that differ from those in your country of residence.
For customers in the European Economic Area, we ensure that international transfers of personal data comply with GDPR requirements through:
When transferring personal information internationally, we implement appropriate safeguards to ensure your information receives adequate protection, including contractual obligations on recipients, encryption during transmission, and ongoing monitoring of transfer mechanisms.
You have the right to obtain information about the safeguards we use for international data transfers. You may also object to certain transfers or request that your data be stored only in specific jurisdictions, subject to operational and legal limitations.
How we communicate changes to this Privacy Policy
We reserve the right to update this Privacy Policy periodically to reflect changes in our practices, services, legal requirements, or technological developments. When we make material changes, we will notify you through one or more of the following methods:
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. The "Last Updated" date at the top of this policy indicates when it was most recently revised.
Continued use of our services after policy updates constitutes acceptance of the revised terms. If you do not agree with changes to the Privacy Policy, you should discontinue use of our services and contact us to close your accounts.
How to reach us with privacy questions or concerns
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Privacy Office:
Mailing Address
Finvera Bank - Privacy Office
Attn: Chief Privacy Officer
1000 Financial Plaza
Seattle, WA 98101
You also have the right to file a complaint with relevant regulatory authorities:
Consumer Financial Protection Bureau
www.consumerfinance.govFederal Trade Commission
www.ftc.govState Attorney General
Contact your state's Attorney General office for state-specific privacy complaints
We are committed to responding to all privacy inquiries and requests promptly. You can expect a response within 30 days of receipt, or 45 days for complex requests. If we require additional time, we will notify you of the extension and the reason for the delay.