Privacy and Security

Privacy Statement

To see a description of our privacy statement, please click here. We recognize the importance of protecting the privacy of personally-identifying information that may be submitted to us when you visit our website. The information we receive depends on what you do when you visit our site. This is how we handle the information we learn about you from your visit to our website.

If you visit our site to read or download information on our web pages such as press releases and checking and savings account information: We collect and store only the following information about you: name of the domain from which you access the Internet (for example, aol.com, if you are connecting from an America Online account, or a similar domain corresponding to your Internet Service Provider “ISP”); date and time you access our website; pages you may have visited on our site; and Internet address of the website from where you came to visit our website.  We use the information we collect to measure the number of visitors to the different pages and sections of our site, and to help us make our site more useful to visitors.

If you visit our website to use interactive banking tools such as financial calculators and self-tests: You may be asked for personal information in order to complete the requested analysis or evaluation. This information is NOT retained.

If you identify yourself by sending an e-mail or filling forms such as applications, check reorder forms, contact forms and guest registers: You may be asked for personally-identifying information in order to process your e-mail, form or application.  This information may be retained by us and our business partners for processing and to facilitate decisions.  Information you submit to us is treated no differently than any information you might provide in a written format such as a brochure application, reorder slip to order checks, or a letter.

We Want To Be Very Clear We protect and safeguard the privacy of users of our on-line services, just as we do throughout the rest of our business.  We will use personal information to identify you, to communicate with you, and to help us answer your questions.

We will NOT sell personally-identifying information to a third party for the purpose of solicitation or provide personal information to a third party for its own use.  Sometimes we send our customers information about our products and services.  If you do not wish to receive this information, or if you believe that your personal information is incorrect please contact us.  We will investigate the situation and if appropriate update our records. If you have any questions that are not answered in this section please contact us.


Security Statement

Our website brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer.  It features a VeriSign-issued Digital ID for the bank’s Internet Service Provider hosting our website, Secure Sockets Layer (SSL) protocol for data encryption, and a router and firewall to regulate the inflow and outflow of server traffic.

Secure Data Transfer

Once a server session is established on an https secure page, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol.  With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair.  In short, the bank’s server issues a public key to the end user’s browser and creates a temporary private key.  These two keys are the only combination possible for that session.  When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.

Router and Firewall

Secure forms must filter through a router and firewall before they are permitted to reach the server.  A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server.  The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.  Using the above technologies, your Internet loan application and check reorder transactions are secure.


First Federal Bank Personal Banking App Privacy Policy

Last Updated: 2-2022

FFBW Personal Banking App (the “App”)—powered by Fiserv—helps you control your credit and/or
debit cards through your mobile device, making it easy to manage your finances on the go.
The App allows you to:
• Get real-time balances for your accounts.
• Manage your money.
• View your transactions and statements.
• Make transfers.
• Pay your bills and manage billers.
• Deposit a check.
• Receive alerts.
• Manage cards.
This Privacy Policy, in combination with other relevant privacy notices that we provide—
Example: pursuant to financial privacy laws—is to inform you of the policies and practices regarding the collection, use and disclosure of any personal information that we and our service
providers collect from or about users in connection with the App’s website, and mobile application (the “Services”).
THE TYPES OF INFORMATION WE COLLECT IN THE APP
Through your use of the Services, we may collect personal information from you in the following ways:
(a) Personal Information You Provide to Us
• We may collect personal information from you, such as your first and last name, address, email, telephone number, and social security number when you create an account.
• We will collect the financial and transaction information necessary to provide you with the Services, including account numbers, payment card expiration date, payment card
identification, verification numbers, and transaction and payment history.
• If you provide feedback or contact us via email, we will collect your name and email address, as well as any other content included in the email, in order to send you a reply.
We also collect other types of personal information that you provide voluntarily, such as any information requested by us if you contact us via email regarding support for the
Services.
(b) Personal Information Collected from Third Parties—We may collect certain information from identity verification services and consumer reporting agencies, including credit bureaus, in
order to provide some of our Services.
(c) Personal Information Collected Via Technology—We and our service providers may automatically log information about you, your computer or mobile device, and your interaction
over time with our Services, our communications, and other online services, such as:
• Device data, such as your computer or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage,
device type (example: phone, tablet), IP address, unique identifiers, language settings, mobile device carrier, radio/network information (example: Wi-Fi, LTE, 3G), and general
location information such as city, state, or geographic area.
• Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths
between pages or screens, information about your activity on a page or screen, access times, and duration of access.
• Cookies, which are text files that websites store on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of
helping you navigate between pages efficiently, remembering your preferences, enabling functionality, and helping us understand user activity and patterns.
• Local storage technologies, like HTML5 and Flash, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your
browser in connection with specific applications.
• Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
• Location Information. If you have enabled location services on your phone and agree to the collection of your location when prompted by the Services, we will collect location data when you use the Services even when the app is closed or not in use; for example, to provide our fraud detection services. If you do not want us to collect this information, you may decline the collection of your location when prompted or adjust the location services settings on your device.
HOW WE USE YOUR INFORMATION COLLECTED IN THE APP
(a) General Use—In general, we use your personal information collected through your use of the Services to respond to your requests as submitted through the Services, to provide you the
Services you request, and to help serve you better. We use your personal information, in connection with the App, in the following ways:
• Facilitate the creation of, and secure and maintain your account;
• Identify you as a legitimate user in our system;
• Provide improved administration of the Services;
• Provide the Services you request;
• Improve the quality of experience when you interact with the Services;
• Send you administrative email notifications, such as security or support and maintenance advisories; and
• Send surveys, offers, and other promotional materials related to the Services.
(b) Compliance and protection—We may use your personal information to:
• Comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities;
• Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
• Audit our internal processes for compliance with legal and contractual requirements and internal policies;
• Enforce the terms and conditions that govern the Service; and
• Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.
(c) Creation of Non-Identifiable Data—The App may create de-identified information records from personal information by excluding certain information (such as your name) that makes the
information personally identifiable to you. We may use this information in a form that does not personally identify you to analyze request patterns and usage patterns to enhance our products
and services. We reserve the right to use and disclose non-identifiable information to third parties in our discretion.
DISCLOSURE OF YOUR PERSONAL INFORMATION
We disclose your personal information collected through your use of the Services as described below.
(a) In Accordance with Our Other Privacy Notices—Other than as described in this Privacy Policy in connection with the App, this Privacy Policy does not apply to the processing of your
information by us or third parties with whom we share information.
(b) Third Party Service Providers—We may share your personal information with third party or affiliated service providers that perform services for or on behalf of us in providing the App, for
the purposes described in this Privacy Policy, including: to provide you with the Services; to conduct quality assurance testing; to facilitate the creation of accounts; to optimize the
performance of the Services; to provide technical support; and/or to provide other services to the App.
(c) Authorities and Others—Regardless of any choices you make regarding your personal information, The App may disclose your personal information to law enforcement, government
authorities, and private parties, for the compliance and protection services described above.
LINKS TO OTHER SITES
The App may contain links to third party websites. When you click on a link to any other website or location, you will leave the App and go to another site, and another entity may collect personal and/or anonymous information from you. The App’s provision of a link to any other website or location is for your convenience and does not signify our endorsement of such other website or location or its contents. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites. We encourage you to read the privacy policy of every website you visit.
YOUR CHOICES REGARDING YOUR INFORMATION
You have several choices regarding use of information on the Services.
(a) How We Respond to Do Not Track Signals—Some web browsers transmit “do not track” signals to the websites and other online services with which your web browser communicates.
There is currently no standard that governs what, if anything, websites should do when they receive these signals. We currently do not take action in response to these signals. If and when a
standard is established, we may revise its policy on responding to these signals.
(b) Access, Update, or Correct Your Information—You can access, update, or correct your information by changing preferences in your account. For additional requests, please contact us.
(c) Opting Out of Email or SMS Communications—If you have signed-up to receive our email marketing communications, you can unsubscribe any time by clicking the “unsubscribe” link
included at the bottom of the email or other electronic communication. Alternatively, you can opt out of receiving marketing communications by contacting us at the contact information under
“Contact Us” below. If you provide your phone number through the Services, we may send you notifications by SMS, such as provide a fraud alert. You may opt out of SMS communications by
unlinking your mobile phone number through the Services.
(d) Opting Out of Location Tracking—If you initially consented to the collection of geo-location information through the Services, you can subsequently stop the collection of this information at any time by changing the preferences on your mobile device. Please note, if you withdraw consent to our collection of location information, you may no longer be able to use some features of the App.
SAFEGUARDS AND RETENTION
We implement reasonable administrative, technical, and physical measures in an effort to safeguard the information in our custody and control against theft, loss and unauthorized access,
use, modification, and disclosure. Nevertheless, transmission via the internet is not completely secure and we cannot guarantee the security of your information.
A NOTE ABOUT CHILDREN
The Services are not directed towards individuals under the age of 18, and we do not, through the App, intentionally gather personal information about visitors who are under the age of 18. If a child under 18 submits personal information to us through the App and we learn that the personal information is the information of a child under 18, we will attempt to delete the information as soon as possible.
PRIVACY POLICY UPDATES
This Privacy Policy is subject to occasional revision. We will notify you of any material changes in its collection, use, or disclosure of your personal information by posting a notice on the Services. Any material changes to this Privacy Policy will be effective thirty (30) calendar days following notice of the changes on the Services. These changes will be effective immediately for new users of the Services. If you object to any such changes, you must notify us prior to the effective date of such changes that you wish to deactivate your account. Continued use of the Services following notice of any such changes shall indicate your acknowledgement of such changes.
CONTACT US
If you have any questions or complaints about this Privacy Policy or The App’s data collection or processing practices, or if you want to report any security violations to The App, please contact The App by email at: info@ffbwi.com; or by mail at: First Federal Bank of Wisconsin, PO Box 1198, Waukesha WI 53187