In compliance with National Credit Union Administration Rules and Regulations Part 716, Alloya Corporate Federal Credit Union (Alloya) delivers this notice regarding our privacy policies to our member credit unions.
What Information Do We Collect? Why?
When you visit an Alloya website or public data server, the IP address and/or hostname and domain name of the computer or network you are using is logged in site logs, firewall logs, and/or network- and host-based intrusion detection systems. This is done as an audit requirement of the National Credit Union Administration. Logging this information allows us to create a forensic trail in the event of a security breach suspected of compromising financial or consumer information and is done for the protection of member credit unions and their members. This is an industry standard best practice. We may automatically collect information about your computer configuration. This may include your browser type, version, and operating system. Technically, your IP address or ISP domain name could reveal or be associated with your personal identity. We review this information only in the aggregate to improve site performance, and specifically to address security concerns. This information is not disclosed to any party outside of Alloya without prior non-disclosure agreements in place and is kept highly confidential.
We collect information about products, services and education opportunities you are interested in from various sources. This is necessary to meet your request and we retain it to serve you better in the future. If you use a feature that requires you to submit information, we collect your name, email address, telephone and fax numbers, and mailing address; should you choose to provide us with this information. One of our staff may contact you to discuss the information requested. If you do not wish us to retain your contact information or to contact you, please let us know.
With Whom Do We Share Information?
We do not share your email address or any other information collected on public web and data servers with third parties without non-disclosure agreements in place.
Certain Legal Disclosures
We may need to disclose user information in certain exceptional circumstances. This may be needed to protect against illegal hackers, to protect our legal rights or to address actual or threatened illegal or harmful conduct. Disclosure may also be required by legal process, such as a search warrant, subpoena or court order.
What Data Security is Used?
Alloya offers secure Internet banking services; by their nature these services result in the transaction of non-public consumer information. We use administrative, physical and technical precautions to help protect the confidentiality, security and integrity of personal and corporate information stored on our computer systems. Our publicly accessible data servers are protected by firewalls and intrusion systems employing extensive security practices and are subject to regular federal and internal audits. While no computer system is completely secure, we believe the measures implemented in our systems reduce the likelihood of security problems to a level appropriate to the type of data involved.
How Long Do We Retain User Data?
The retention and destruction of non-public consumer data is subject to applicable federal, state, and local statutory law. Alloya makes every effort to comply with and go beyond the intent of the law. We may alter this practice according to legal and business requirements. For example, we may lengthen the retention period for some data if needed to comply with law or voluntary codes of conduct. Unless otherwise prohibited, we may shorten the retention period for some types of data, if needed, to free up storage space.
Marketing data, which can be gathered freely in the public domain, is retained indefinitely.
Your Consent to This Policy
Alloya Corporate FCU - Headquarters
184 Shuman Boulevard, Suite 400
Naperville, IL 60563
If you believe Alloya or one of its subsidiaries has contacted you in error, please contact us immediately to prevent further unsolicited correspondence and accept our apologies.