Privacy Policy
Our policies and procedures are designed to protect personal information about our clients and their customers. This Privacy Policy (“Policy”) will help you understand how we collect, use, share and protect any personal information.
In general, we collect and process personal information necessary to issue financial service products (e.g., name, address, telephone number, payment information), to assist you if you need to file a claim or obtain a benefit (for example, your health information), or to provide information on our products or special offers. We also are required to collect and process certain personal information to meet legal and regulatory requirements (for example, to verify identity). While we share information with credit unions, our affiliates, service providers, and other businesses that we work with to provide our products and services (“Business Partners”), we do not sell your personal information, and we prohibit any sale of the personal information we share with our Business Partners. As described in more detail below, you may have rights with respect to the information we collect about you.
When does this Policy apply?
This Policy applies when we process personal information about our customers, our potential customers, applicants for jobs with Movemint, and visitors to our website(s). Whenever we collect personal information, we make decisions about how and why we process that personal information and, because of this, we are responsible for making sure it is used in accordance with applicable data protection and privacy laws.
What types of personal information do we collect, where do we get it from, and why?
We typically collect personal information directly from you or from our Business Partners. We also may collect personal information about you through your interactions with our information technology resources, such as our website(s). In addition, we may create records of personal information about you in the course of providing services or products to you, either directly or through our Business Partners. We also may collect personal information about you from third parties, including government agencies and third parties who provide services to us. In all cases, we collect personal information about you in accordance with the principles outlined in this Policy and applicable law.
Additional information for California residents
Please note: California privacy law does not apply to personal information we receive, generate, or obtain in connection with providing financial products or services to you for personal or household uses. For more information on how we collect and use your personal information when providing financial services, please see the Privacy Rights under Financial Privacy Laws section below. Other exceptions and limitations may also apply as permitted by law.
The personal information we collect about you includes information within the categories below. These categories are defined by California law and represent the categories of personal information that we have collected about California residents, and how they have been shared, over the past 12 months. We do not necessarily collect all information listed in a particular category, nor do we collect all categories of information for all individuals.
We have shared information in each of the following categories with our affiliates and service providers for our business purposes within the last 12 months. At times, our service providers may use the information we share to assess and improve the products and services they provide to us, including using data to train and improve AI models. We may receive requests for information from regulatory authorities, auditors, and/or our legal advisors. If requested from such parties, we would share your personal information as appropriate.
We do not sell your personal information. As described further below, to the extent we share personal information for “cross-contextual behavioral advertising,” you have the right to opt out under California law.
Who do we share your personal information with, and why?
We may disclose your personal information to our affiliated companies, when required by law, or with our service providers for the purposes described in this Policy and in accordance with our financial privacy notices. We may also share information, including your personal information, to third parties as necessary to provide the products and services you request, such as underwriting your risk or assisting you in completing a transaction.
The third parties we may share your personal information with include:
-
credit unions or strategic partners;
-
nonaffiliated service providers;
-
regulatory authorities;
-
our auditors and legal advisors;
-
relevant industry self-regulatory bodies; and
-
others, where permitted by law.
We do not sell your personal information, and we have contracts with our service providers to prohibit any sale of your personal information and to provide written assurances regarding the security and privacy protections they have in place to protect your personal information. At times, our service providers may use the information we share to assess and improve the products and services they provide to us, including using data to train and improve AI models. We may share your personal information with your credit union and other nonaffiliated financial companies in order to offer you products and services that may interest you.
We may share your information with our corporate affiliates (companies related by common ownership or control) where permitted by law and as further described in our financial privacy notices. We share your information with affiliates so they can provide services to us and where necessary to provide you with services, products, or information you have requested or expressed an interest in.
In the event there is a change in the corporate structure of Movemint, such as, but not limited to, merger, consolidation, sale, liquidation, or transfer of substantial assets, Movemint may, in its sole discretion, transfer, sell or assign personal information we have about you to one or more affiliated or unaffiliated third parties.
Your information may only be transferred to another country for processing as permitted and in compliance with applicable law.
Where do we keep your personal information and how long do we keep it?
We store personal information about you on computer systems operated by us or our service providers. Due to being a highly regulated company, we keep various records that contain personal information in accordance with applicable state and federal regulations, or pursuant to contractual obligations. In general, we aim to keep personal information only for as long as necessary and only for the reason(s) we collected it.
We retain your personal information for the purposes stated in this Policy. Our organization uses the following criteria to determine retention periods:
-
time required to fulfill business purposes and the terms of your contracts, including servicing your accounts, creating better products, and improving our products
-
time required to comply with applicable laws and regulations
-
time needed to protect our rights and legal interests, including preventing fraud and responding to any complaints or claims made by you or on your behalf
How is personal information secured?
We maintain physical, technological, and administrative safeguards to protect your personal information and prevent unauthorized or accidental use, access, or loss. We limit access to personal information about you to those who have a business need for such access. Individuals who process personal information on our Business Partner’s behalf generally may do so only in an authorized manner and are required to keep your information confidential. We have policies in place that regulate how our employees and contractors handle information about you. We limit access to our premises and to our computer networks and take steps to safeguard against unauthorized access to such premises and networks. We have procedures in place to manage any suspected data security incident and will notify you consistent with applicable legal requirements.
What are cookies and how do we use them?
When you visit our website(s), we use so-called “cookies” to make our website(s) more user-friendly, effective, and secure. A cookie is a small piece of data sent from a website and stored in a file on your browser. A cookie is useful for having the browser remember specific information across several pages or between visits to a website. In addition to cookies, we use scripting, which is code run on the website to collect information such as actions you’ve completed on our website or items you click on. We also use “pixels,” which are transparent image files sent from the website to your browser to help us record items like IP address and time.
Using cookies allows us to enhance your experience in interacting with our website, such as by helping recognize your browser the next time you visit and loading previously viewed pages faster. We use cookies to offer you the best possible experience on our website.
We also use cookies, scripting, pixels, and other tracking mechanisms to collect browsing information to improve your overall experience. We use this information to track website usage and compile statistics. This helps us improve the website, so you will find it more useful and informative, and enable customized promotions you may be interested in. We may use the combination of data we collect, such as browsing information and email address, to join known devices together and provide personalized experiences on the device you are currently using. Impression data from cookies, scripting, pixels or other tracking mechanisms, which indicates who has seen advertisements about our products and services on our website or third-party websites, may be used to improve our marketing practices. If you are a current customer, have logged into your account, obtain a policy from our website or provide your email address, we may use analytics software to link data we collect, such as use of our website, opening emails we send you or contacting our customer service center via phone, back to you.
We may use browsing information we collect (including IP address, email address and data received from Google Analytics) to match with information received from third parties (including behavioral information and device identifiers) and policyholder information to learn more about an individual or a group. These actions help us analyze interactions with our website, improve marketing efforts, inform our strategic approach, and improve your experience. We also may use this information to directly market our products and services, to the extent permitted by law. We may use third parties to perform these and other activities.
We also enable cookies to be placed or accessed on your device by third-party advertising networks. These kinds of persistent cookies remember the websites you visit, and that information is shared with other parties, such as advertisers. We may use third-party advertising networks to help us deliver tailored online ads to you. To learn more about opting-out of this type of interest-based advertising, please visit the Network Advertising Alliance (NAI) Consumer opt-out website.
Global Privacy Control and Do Not Track
We have implemented a cookie preference center to ensure your cookie preferences are honored. We have tools in place to better detect and honor requests made using the Global Privacy Control (“GPC”) signal as requests to opt-out of the sharing of personal information to the extent required by applicable law. We endeavor to honor these requests with respect to any personal information connected to the GPC opt-out request based on the information made available by GPC. We may not be able to tie a GPC request to all personal information we have about you. If you wish to exercise your rights under applicable state privacy laws, we recommend submitting your cookie preferences via our cookie preference center and/or by submitting a request using one of the methods outlined in the Submitting Privacy Requests section of the policy below. We do not currently support the capability to respond to web browser “do not track” signals.
Google Analytics
We use a tool called Google Analytics to collect information about use of our website. This tool uses persistent cookies which allow us to measure behavioral information about interactions with our website navigation, applications and forms, as well as errors or disruptions, so we can improve your experience. We may also use this data to create remarketing lists. For site visitors that have opted into Google’s Ad Personalization, we use Google Signals data to retarget and enhance advertising efforts, collect demographic and interest data as defined by your respective personal Google account and to understand how a user reengages with us from multiple devices. Visitors can opt-out of Personalized ads on Google using Google’s Ad Settings.
You can opt out of Google Analytics without affecting how you visit our website. For more information on opting out of Google Analytics tracking, visit this Google page.
What are my rights?
You may have various rights with respect to your personal information depending on where you live, the information we have about you, and the context in which it was obtained. These rights are defined under a variety of privacy laws and regulations, each of which may or may not apply to our relationship with you or your personal information.
We may choose to extend these rights to you even if we are not required to under applicable law.
Privacy Rights under Financial Privacy Laws
In general, to the extent we received, obtained, or generated information about you in connection with providing you with a financial service or product within the United States, your rights with respect to that information are governed by financial privacy laws, including the Gramm-Leach-Bliley Act (GLBA). We provide financial privacy notices to our consumers and customers as required by law, and these notices address your rights with respect to this information. For more information about these rights, including your right to opt-out of sharing your information with third parties, please contact us to request our financial privacy notices.
Privacy Rights under the California Consumer Privacy Act (CCPA)
For residents of California, to the extent we have collected information about you that is not governed by financial privacy laws, you may have rights to your personal information as described below:
Right to know
You may be entitled to request that we disclose to you personal information we have collected about you, the categories of sources from which we collected the information, the purposes of collecting the information, the categories of third parties with whom we have shared the information, and the categories of personal information that we have shared with third parties for a business purpose. In some instances, you may have the right to receive the information about you in a portable and readily usable format. Before providing any of this information, we must be able to verify your identity.
Right to opt-out of sale
We currently do not sell personal information to third parties, and therefore do not offer this option. We may disclose personal information about you to our Business Partners as permitted by law. Please see the Who do we share your personal information with, and why? portion of this policy for more information.
Right to opt-out of share
You may be entitled to request we do not share your personal information for cross-contextual advertising, which is data sharing that exists to provide more targeted advertising across websites and over time. You may also set your browser or device with an opt-out preference signal, such as the GPC, to signal your request to opt out of the sharing of personal information. We honor these requests with respect to any personal information connected to preference signal based on the information made available by the preference signal protocol. We may not be able to tie a browser or device-based preference signal request to all personal information we have about you. If you wish to exercise your rights under applicable state privacy laws, we recommend submitting a request using one of the methods outlined in the Submitting Privacy Requests section of the policy below.
Right to limit the use of sensitive personal information
You may be entitled to request we limit the use of your sensitive personal information. This sensitive personal information is defined in California law, and you will find a more detailed description of what type of information this entails under the Additional Information for California Residents section above. If you make this request, we will not use your sensitive personal information for purposes other than those necessary to provide you with the goods or services you requested from us, to aid in protecting and securing your personal information and our systems, to verify or maintain the quality or safety of our services and systems, or as otherwise permitted under regulations or required by law.
Right to correct
You have the right to correct certain personal information. There are many types of correction requests, and our service areas are ready to assist you with your request.
Right to deletion
Subject to certain conditions, you may be entitled to request that we delete personal information about you. Before deleting information, we must be able to verify your identity. We will not delete personal information about you when the information is required to fulfill a legal obligation, is necessary to exercise or defend legal claims, or where we are required or permitted to retain the information by law. For example, we cannot delete information about you where required to be retained for regulatory purposes.
We do not discriminate against you if you choose to exercise these rights. Please see the Submit personal information requests under the CCPA section below for how to exercise these rights.
How do I submit privacy requests?
You can exercise your privacy rights by submitting requests to us to exercise those rights and by taking other steps that will limit how information about you is collected, used, and shared.
Submit personal information requests under the CCPA
Please submit a support ticket via the client portal for assistance exercising privacy rights under the CCPA. Tickets can be submitted at community.cunexus.com/support/submit-a-ticket/
For some personal information requests, we may need to verify your identity before fulfilling your request. To verify your identity, we will collect information from you, including, to the extent applicable, your name, government identification number, date of birth, contact information, your account information, answers to security questions, or other personal identifying information. We will match this information against information we have previously collected about you or against information available from consumer reports to verify your identity and to respond to your request. Information collected for purposes of verifying your request will only be used for verification and to respond to your personal information request.
If you maintain an account with us, we may require you to login to that account as part of submitting your request. If we are unable to verify your identity as part of your request, we will not be able to satisfy your request. For deletion requests, you will be required to submit a verifiable request for deletion and then to confirm separately that you want personal information about you deleted.
If you would like to appoint an authorized agent to make a request on your behalf, and that agent is not already authorized to access your account in your profile, we require you to verify your identity with us directly before we provide any requested information to your approved agent.
Unsubscribe from promotional emails
If you no longer wish to receive marketing or promotional emails from us, please click the unsubscribe or manage subscriptions link included in the footer of every promotional email we send.
Limit the use of cookies
You can disable your browser from accepting third-party cookies and delete cookies that have previously been placed on your device. Disabling and deleting cookies is unique to each browser and device you use. Disabling and deleting cookies on one device will restrict the ability to tie that device to other devices you use. Instructions for deleting and disabling cookies are available from the providers of most widely used internet browsers. Parts of our website may not function properly if you disable cookies. To provide you with the best possible experience while visiting our website, please enable cookies within your browser. We are working to make sure your preferences are understood across our brand where possible. Choosing to reject cookies for your device will delete cookies in the selected category and will block scripts that create cookies. The choice you make impacts cookies and related technologies like pixels and beacons that we control on our website. To fully recognize your choices, you may need to address cookies and digital tracking choices in your own settings as well. For example, if you are logged into social media or other third-party accounts (e.g. Google; Facebook), or there are other tracking means beyond our control, you may need to adjust your settings on your device, browser, and social media accounts.
Opt-out of third-party advertising tracking
Several network advertising industry groups provide tools for consumers to opt-out of interest-based advertising. The Network Advertising Initiative (“NAI”) provides one such tool for opting out of this kind of advertising from its members, which may be accessed by visiting the Network Advertising Alliance (NAI) Consumer opt-out website. A similar tool is also available through the Digital Advertising Alliance’s (“DAA”) consumer choice tool, which may be accessed by visiting the DAA's YourAdChoices website. As noted above, visitors to our website can opt-out of Personalized Ads on Google by using Google’s Ad Settings. For more information on opting out of Google Analytics tracking, visit this Google page. You can also disable ad personalization and tracking within the settings of your device, browser, and social media accounts.
Opt-out of sharing with our financial joint marketing partners
If you prefer we do not share your personal information for joint marketing purposes with your credit union or any other nonaffiliated financial company, you may, to the extent applicable, exercise your right to opt-out of such sharing. Please submit a support ticket via the client portal at community.cunexus.com/support/submit-a-ticket/
Opt-out of sharing with affiliates for marketing
If you prefer we do not share your personal information for marketing purposes with our affiliated companies (companies related by common ownership or control to Movemint), you may, to the extent applicable, exercise your right to opt-out of such sharing. Please submit a support ticket via the client portal at community.cunexus.com/support/submit-a-ticket/
Mobile Marketing
If you enroll in a Movemint mobile program, we will require opt-in consent to receive notifications via text message. If you do opt in, we will collect your mobile phone number to send you text notifications. We will send you notifications only according to the terms and conditions of the mobile program you join. The mobile phone number you register with the program will not be used or shared for any other purpose. Each time you opt in to a program, we will collect your mobile phone number separately. You may opt out of receiving these notifications at any time, and choosing to do so will not affect your ability to participate in Movemint offerings.
Children and Minors
We do not knowingly collect personal information directly from individuals under 17 years of age. Our services are not intended for individuals under 17 years of age. No one under 17 years of age should submit or post personal information through our services. We may collect personal information regarding individuals under 17 years of age from their parents or legal guardians, but only as necessary to provide our products and services.
Linking to Third Parties
When you leave this website and go to another linked website, we are not responsible for the content or availability of the linked website. Please be advised that if you enter into a transaction on the third-party website, we do not represent either the third party or you. Further, the privacy and security policies of the linked website may differ from those practiced by us.
Changes to this Policy
We reserve the right to change this Privacy Policy at any time in our sole discretion. If we make changes, we will post the revised policy here, so that you can see what information we gather, how we might use that information, and in what circumstances we may disclose it. By continuing to use our services after notice is provided, you accept and agree to this Privacy Policy as modified.