Online Banking
What is Online Account Takeover?

Online account takeover is a fast-growing electronic crime in which thieves typically use some form of malware to obtain login credentials to Online Banking accounts and fraudulently transfer funds from the account(s).

Malware
  • Short for malicious software: software designed to infiltrate a computer system without the owner’s informed consent.
  • Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, crimeware, most rootkits, and other malicious and unwanted software.
Domestic and International Wire Transfers, Business-to-Business ACH payments, Online Bill Pay, and electronic payroll payments have all been used to commit this crime.
How does it work?
  • Criminals target victims through scams
  • Victim unknowingly installs software by clicking on a link or visiting an infected Internet site
  • Fraudsters begin monitoring the accounts
  • Victim logs on to their Online Banking
  • Fraudsters collect login credentials
  • Fraudsters wait for the right time and then, depending on your controls:
    • They log in after hours, or, if you are utilizing a token, they wait until you enter your code and then hijack the session and send you a message that Online Banking is temporarily unavailable.
Statistics
Where does it come from?
  • Malicious websites (including Social Networking sites)
  • Email
  • P2P Downloads (e.g. LimeWire)
  • Ads from popular web sites

Web-borne infections:

According to researchers, in the first quarter of 2011, 76% of web resources used to spread malicious programs were found in 5 countries worldwide: United States, Russian Federation, Netherlands, China, and Ukraine.
Current Trend Examples
Rogue Software/Scareware
  •  Form of malware that deceives or misleads users into paying for the fake or simulated removal of malware.
  •  Has become a growing and serious security threat in desktop computing.
  •  Mainly relies on social engineering in order to defeat the security software.
  •  Most have a Trojan Horse component, which users are misled into installing.
    • Browser plug-in (typically toolbar).
    • Image, screensaver or ZIP file attached to an e-mail.
    • Multimedia codec required to play a video clip.
    • Software shared on peer-to-peer networks
    • A free online malware scanning service
Phishing
  • Criminally fraudulent process of attempting to acquire sensitive information (usernames, passwords, credit card details) by masquerading as a trustworthy entity in an electronic communication.
  •  Commonly used means:
    •  Social web sites
    •  Auction sites
    •  Online payment processors
    •  IT administrators
E-mail Usage
CAUTION!

What may be relied upon today as an indication that an email is authentic may become unreliable as electronic crimes evolve. This is why it is important to stay abreast of changing security trends.

  • Some experts feel e-mail is the biggest security threat of all
  • The fastest, most-effective method of spreading malicious code to the largest number of users
  • Also a large source of wasted technology resources
  • Examples of corporate e-mail waste:
    • Electronic Greeting Cards
    • Chain Letters
    • Jokes and graphics
    • Spam and junk e-mail
What can Individuals do to Protect?
  • Secure your computer and networks
  • Install and Maintain Spam Filters
  • Surf the Internet carefully
  • Install and maintain real-time anti-virus and anti-spyware, desktop firewall, and malware detection and removal software.
    • Use these tools regularly to scan your computer. Allow for automatic updates and scheduled scans.
  • Install security updates to operating systems and all applications as they become available.
  • Block Pop-Ups
  • Do not open attachments from e-mail
    • Be on the alert for suspicious emails
  • Do not use public Internet access points
  • Review/Reconcile Accounts Daily within online banking
  • Note any changes in the performance of your computer
    • Dramatic loss of speed, computer locks up, unexpected rebooting, unusual popups, etc.
  • Contact the Bank if you:
    • Suspect a fraudulent transaction.
    • Receive an email claiming to be from the Bank that requests personal information.
What can Businesses do to Protect?
  • Education is Key – Train your employees
  • Secure your computer and networks
  • Limit Administrative Rights
    • Do not allow employees to install any software without receiving prior approval.
  • Install and Maintain Spam Filters
  • Surf the Internet carefully
  • Install and maintain real-time anti-virus and anti-spyware, desktop firewall, and malware detection and removal software.
    • Use these tools regularly to scan your computer. Allow for automatic updates and scheduled scans.
  • Install routers and firewalls to prevent unauthorized access to your computer or network.
    • Change the default passwords on all network devices.
  • Install security updates to operating systems and all applications as they become available.
  • Block Pop-Ups
  • Do not open attachments from e-mail
    • Be on the alert for suspicious emails
  • Do not use public Internet access points
  • Review/Reconcile Accounts Daily within online banking
  • Note any changes in the performance of your computer
    • Dramatic loss of speed, computer locks up, unexpected rebooting, unusual popups, etc.
  • Make sure that your employees know how and to whom to report suspicious activity at your Company and the Bank
  • Contact the Bank if you:
    • Suspect a fraudulent transaction.
    • Are trying to process an Online Wire or ACH Batch and receive a maintenance page.
    • Receive an email claiming to be from the Bank that requests personal/company information.
How to Stay Safe Online

For more information and resources on how to stay safe online, click here for a detailed PDF document.

FACTS: WHAT DOES TEXAS NATIONAL BANK DO WITH YOUR PERSONAL INFORMATION?
Why? Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What? The types of personal information we collect and share depend on the product or service you have with us. This information can include:
  • Social Security number and account balances
  • Credit history and overdraft history
  • Checking account history and transaction or loss history
When you are no longer our customer, we continue to share your information as described in this notice.
How? All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons Texas National Bank chooses to share; and whether you can limit this sharing.
Reasons we can share your personal information (Does Texas National Bank share? / Can you limit this sharing?)
  • For our everyday business purposes—such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus: Yes / No
  • For our marketing purposes—to offer our products and services to you: No / We don’t share
  • For joint marketing with other financial companies: No / We don’t share
  • For our affiliates’ everyday business purposes—information about your transactions and experiences: No / We don’t share
  • For our affiliates’ everyday business purposes—information about your creditworthiness: No / We don’t share
  • For nonaffiliates to market to you: No / We don’t share
What we do
How does Texas National Bank protect my personal information? To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. We also maintain other physical, electronic and procedural safeguards to protect this information and we limit access to information to those employees for whom access is appropriate.
How does Texas National Bank collect my personal information? We collect your personal information, for example, when you
  • Open an account or apply for a loan
  • Give us your contact information or pay us by check
  • Make deposits or withdrawals from your account
We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.
Why can’t I limit all sharing? Federal law gives you the right to limit only
  • sharing for affiliates’ everyday business purposes—information about your creditworthiness
  • affiliates from using your information to market to you
  • sharing for nonaffiliates to market to you
State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.
Definitions
Affiliates Companies related by common ownership or control. They can be financial and nonfinancial companies.
  • Texas National Bank has no affiliates.
Nonaffiliates Companies not related by common ownership or control. They can be financial and nonfinancial companies.
  • Texas National Bank does not share with nonaffiliates so they can market to you.
Joint marketing A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
  • Texas National Bank doesn’t jointly market.
Other important information
For Alaska, Illinois, Maryland and North Dakota Customers. We will not share personal information with nonaffiliates either for them to market to you or for joint marketing – without your authorization.
For California Customers. We will not share personal information with nonaffiliates either for them to market to you or for joint marketing – without your authorization. We will also limit our sharing of personal information about you with our affiliates to comply with all California privacy laws that apply to us.
For Massachusetts, Mississippi and New Jersey Customers. We will not share personal information from deposit or share relationships with nonaffiliates either for them to market to you or for joint marketing – without your authorization.
For Vermont Customers. We will not share personal information with nonaffiliates either for them to market to you or for joint marketing – without your authorization, and we will not share personal information with affiliates about your creditworthiness without your authorization.

Internet Privacy Policy

This Internet Privacy Policy explains how we may collect information from you when you visit our web site or when you use our online financial services.

We recognize the importance our customers place on the privacy and security of their personal information. Our goal is to protect your personal information in every way that we interact with you, whether it’s on the telephone, in our lobby, at one of our ATMs, or on the Internet.

We think it is important for you to be informed of the policies, procedures, and security measures that we have in place to safeguard your personal and confidential information. With that in mind, we have developed this Internet Privacy Policy to help you to understand the steps we take to protect your personal information when you utilize our online financial services.

In addition to the protections discussed within this Internet Privacy Policy, your online financial activities may also be protected by our general privacy policy.

Below are several definitions of terms used within this policy:

  1. Customer Information – Customer Information refers to personally identifiable information about a consumer, customer or former customer of this Institution.
  2. Internet Protocol (IP) Address – an IP address is a unique address that devices use in order to identify and communicate with each other on a computer network. An IP address can be thought of as a street address or a phone number for a computer or other network device on the internet. Just as each street address and phone number uniquely identifies a building or telephone, an IP address can uniquely identify a specific computer or other network device on a network. We may use IP addresses to monitor login activity and for identification purposes when necessary for security investigations.
  3. Cookie – a Cookie is a very small text file sent by a web server and stored on your hard drive, your computer’s memory, or in your browser so that it can be read back later. Cookies are a basic way for a server to identify the computer you happen to be using at the time. Cookies are used for many things from personalizing start up pages to facilitating online purchases. Cookies help sites recognize return visitors and they perform a very important function in secure internet banking.

“Session” Cookies are used to monitor session activity within our internet banking product. These Cookies are encrypted and only our Service Provider can read the information in these Cookies. The session Cookie facilitates the processing of multiple transactions during a session without requiring you to reenter your passcode for each individual transaction. Session Cookies used within our internet banking product do not pass to your computer’s hard drive. Instead, the Cookie is stored in your computer’s memory, identifying only your computer while you are logged on. When you log off, or close your browser, the Cookie is destroyed. A new Cookie is used for each session; that way, no one can use the prior Cookie to access your account. For additional security, the Cookie expires after 10 minutes of inactivity. It must then be renewed by reentering your passcode. We do not use this Cookie to collect or obtain personal information about you.
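The session-cookie lifecycle described above (a fresh cookie per session, held only in browser memory, dropped at logoff, and expired after 10 minutes of inactivity) can be sketched as follows. This is an added example, not this Institution's or its Service Provider's code; the `SessionStore` class, the cookie name `session` and the injected clock are assumptions made for illustration, and the token here is an opaque random value rather than an encrypted one.

```python
import secrets
import time
from http.cookies import SimpleCookie

# The policy text states a 10-minute inactivity limit.
IDLE_TIMEOUT_SECONDS = 10 * 60


class SessionStore:
    """Server-side session table keyed by a random per-session token (hypothetical)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock      # injected so the timeout can be tested without waiting
        self._sessions = {}      # token -> {"user": str, "last_seen": float}

    def login(self, user):
        # A new unpredictable token for every session, so a token from an
        # earlier session can never be replayed.
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"user": user, "last_seen": self._clock()}
        return token

    def touch(self, token):
        """Return the user for a live session and reset its idle timer, else None."""
        entry = self._sessions.get(token)
        if entry is None:
            return None
        now = self._clock()
        if now - entry["last_seen"] >= IDLE_TIMEOUT_SECONDS:
            # Idle too long: destroy the session; the user must re-authenticate.
            del self._sessions[token]
            return None
        entry["last_seen"] = now
        return entry["user"]

    def logout(self, token):
        # Logging off destroys the server-side record immediately.
        self._sessions.pop(token, None)


def session_cookie_header(token):
    """Build the Set-Cookie value for a memory-only session cookie.

    No Expires or Max-Age attribute is set, so the browser treats it as a
    session cookie and discards it when the browser closes instead of
    writing it to disk with a lifetime.
    """
    cookie = SimpleCookie()
    cookie["session"] = token
    cookie["session"]["path"] = "/"
    cookie["session"]["secure"] = True       # only sent over HTTPS
    cookie["session"]["httponly"] = True     # not readable by page scripts
    cookie["session"]["samesite"] = "Strict"
    return cookie["session"].OutputString()


if __name__ == "__main__":
    # Constructed walk-through with a fake clock (seconds).
    fake_now = [0]
    store = SessionStore(clock=lambda: fake_now[0])
    tok = store.login("constructed-user")
    print(session_cookie_header(tok))
    fake_now[0] = 9 * 60
    print("after 9 min idle:", store.touch(tok))
    fake_now[0] += 10 * 60
    print("after a further 10 min idle:", store.touch(tok))
```

The idle timer is enforced on the server; the cookie attributes only control how the browser stores and sends the token.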

An encrypted non-expiring Cookie is also used within our internet banking product for the identification of this Institution.

  4. Service Provider – In order to provide a full range of online financial services, we may use various third party providers. These third parties provide services such as: website hosting, internet banking, bill payment, and account aggregation. Third party providers are referred to within this policy as “Service Providers”.
Information Collected on the Internet

If you are just browsing through our website, we do not request any personally identifiable Customer Information, nor do we collect unique identifying information about you unless you voluntarily and knowingly provide us that information, such as when you send us an email or complete an application online. If you provide us this information, it is only used internally and in furtherance of the purpose for which it was provided.

As part of providing online financial products or services, we may obtain information about our customers and website visitors from the following sources:

  • Information we receive from you on applications, emails, or other forms;
  • Information about your transactions with this Institution and our affiliates;
  • Information we receive from a consumer-reporting agency; and
  • Information that is generated electronically when you visit our website or use our online financial services.

Service Providers hosting our website and internet banking service may collect general information on our website visitors for security and statistical purposes. Such information may include:

  • The internet address (referral site) which brought you to our web site;
  • The date and time you access our site;
  • The name and version of your web browser;
  • Your Internet Protocol (IP) address;
  • The pages visited in our website; and
  • The duration of your online session.

Our Service Providers may use Cookies to collect some of the above information. In some cases you must accept cookies in order to view our website.

When you click on advertisements in our website or advertisements on linked 3rd party web sites, you may receive another Cookie; however, you do not have to accept any Cookies from third party advertisements.

As mentioned previously, our Service Provider(s) may also use Cookies within our internet banking and bill payment products. You must accept these Cookies in order to utilize the service. These Cookies do not store any personally identifiable information; they simply provide another level of security.

Use of Information Collected
  • We may disclose the information that we collect, as described above, with Service Providers acting on our behalf to provide online financial services such as: internet banking and bill payment.
  • We may also disclose Customer Information when required or permitted by law. For example, Customer Information may be disclosed in connection with a subpoena or similar legal process, fraud prevention, or security investigation.
  • We may also share Customer Information outside this Institution when we have your consent, such as when you request a specific product like insurance or an investment product from a third party financial services provider.
  • We may also disclose aggregate (not personally identifiable) Customer Information with Service Providers or financial institutions that perform marketing and research services on our behalf and with whom we have joint marketing agreements. Our contracts require all such Service Providers or financial institutions to protect the confidentiality of your Customer Information to the same extent that we must do.
  • We do not disclose any Customer Information about our customers, former customers, or website visitors to anyone, except as permitted or required by law.
  • We do not sell any of your personal information.
Account Aggregation

Account aggregation sites allow you to consolidate account information from several sources into one online location. In order to provide this service, an aggregation provider may request your passcode and login information. You should ensure that the aggregation provider has appropriate policies to protect the privacy and security of any information that you provide.

If you provide information about your Texas National Bank accounts to an aggregation provider, we will consider all transactions initiated by an aggregator using the access or login credentials that you provide, to be authorized whether or not you were aware of a specific transaction.

If you decide to revoke the authority given to an aggregation provider, we strongly recommend that you also change your online passcode with this Institution. This will help ensure that the aggregation company cannot continue to access your account(s) with us.

Email Policies

When you enroll for our online services, we will send you a welcome email. We may also send emails marketing various products and services offered by this Institution. We will always provide you an opportunity to opt-in or opt-out of marketing related emails.

We will also send security related email notices when you sign-up for email (“notify me”) alerts on your account(s) or whenever you change your passcode, security question, or email address.

If you agree to accept electronic disclosures and/or online account statements, we may also send you notices of important account updates through email. For example, if you have agreed to accept disclosures electronically, we may send you an email with updates to this privacy policy and/or we may send you a notice that your account statement is available for viewing on our website. For more information on how to enroll for electronic disclosures, please contact us at 325-235-4997.

Beware of Phishing Attempts and Internet Scams

While email is convenient and has a good business use, it can also be misused by criminals for scams and various other fraudulent purposes. “Phishing emails” are frequently used by criminals to entice the recipient to visit a fraudulent website where they try to convince the recipient to provide personal information, such as ATM card numbers, account numbers, Social Security numbers, access IDs and passcodes. Some of these fraudulent websites may also be virus laden and can be used to download malware to your computer. Fraudulent websites often look identical to a legitimate site, so it’s important to look very closely at the website address.

Below we have listed a few tips to help protect your personal information on the internet:

  • Always be wary of links in emails, especially any links in emails purporting to be from this Institution.
  • Please remember that if we send you an email, we will never ask for personal information such as your account number, ATM card number, PIN number, or social security number.
  • Bookmark financial websites and use these bookmarks every time you visit the website.
  • Whenever you enter personal information like your access ID or passcode, always look for the lock symbol, or https: in the address bar. Always click on the lock symbol and review the certificate details.
  • Update your internet browser! Most browsers now offer free anti-phishing tool bars that can help alert you of fraudulent websites.
  • If you send us an email, please do not include any confidential, personal or sensitive information in the email message, as email messages are generally not secure.  We do offer secure messaging through our internet banking product and you may use this secure messaging feature if you need to send us sensitive or confidential information.
  • Make sure that your computer always has up-to-date versions of both anti-spyware and anti-virus software.
  • If you receive an e-mail that you think could be a scam, delete it immediately or forward the email to spam@uce.gov.
  • If you have any questions about the legitimacy of an email, especially an email from this Institution, you can also call us at this number Texas National Bank or forward the email to customerservice@texasnational.bank.
External 3rd Party Links
Security

This Institution and our Service Providers have developed strict policies and procedures to safeguard your Customer Information. Our policies require confidential treatment of your personal information. We restrict employee access to your personal information on a “need to know” basis and we take appropriate disciplinary measures to enforce employee privacy and confidentiality responsibilities. We have established training programs to educate our employees about the importance of customer privacy and to help ensure compliance with our policy requirements.

Furthermore, this Institution and our Service Providers maintain strong physical, electronic and procedural controls to protect against unauthorized access to customer information.  Our computer systems are protected in the following ways:

  • Computer anti-virus protection detects and prevents viruses from entering our website, email, and computer network systems.
  • Firewalls and intrusion prevention systems block unauthorized access by individuals or networks.
  • We use encryption technology, such as Secure Socket Layer (SSL), to protect the transmission of your confidential information. Whenever you login to our internet banking product or schedule an online transaction through our system, the communication is encrypted. Encryption scrambles transferred data so it cannot be read by unauthorized parties.
  • We use strong multi-level authentication and behavior analysis to help prevent unauthorized access to your accounts.  Multi-level authentication can help prevent access by someone who may have stolen your login credentials.
  • We provide secure email through our internet Banking product to help ensure that your communications with us are confidential.

We continually monitor technological advances and upgrade our systems to ensure your information remains secure.

Privacy of Children

COPPA, the Children’s Online Privacy Protection Act, protects children under the age of 13 from the collection of personal information on the internet. This financial institution respects the privacy of children. We do not knowingly collect names, email addresses, or any other personally identifiable information from children. We do not knowingly market to children, nor do we allow children under 13 to open online accounts.

Privacy Updates

This policy may be updated from time-to-time as new products and features may require changes to our Internet Privacy Policy. The effective date of our policy will always be clearly displayed. If we make any changes regarding the use or disclosure of your personal information, we will provide you prior notice and the opportunity to opt-out of such disclosure if required by law.

Questions

If you have any questions about our privacy policy or concerns about our privacy practices, please contact us at 325-235-4997 or customerservice@texasnational.bank.

Security Information

Stay Safe Online

We care about our customers and the security of their accounts. If you believe you are a victim of fraud, notify your bank immediately. If you are a Texas National Bank customer, we will work with you to identify and make appropriate corrections to your account and help to protect you against future fraud.

The following information is provided with the intention of helping to further protect you against possible fraud attempts. We strongly encourage all customers to implement the following “best practices.” This is especially important to business online banking users because Regulation E protections related to electronic funds transfers are limited to consumers.

Best Practices for Your Computer Setup
  • Use the most recent versions of operating system available for your particular computer. They’re more secure.
  • Download security patches and updates. Turn on automatic updates so you’ve got the latest fixes to problems as they arise.
  • Disable “file and printer sharing” on your computer to prevent unauthorized access.
  • Increase the security settings for your operating system. Limit administrative rights on users’ workstations.
  • Use a current web browser and keep it updated.
  • Set your browser to block pop-ups.
  • Turn your computer off when you’re not using it. If you’re not connected to the internet, you can’t be hacked or infected.
  • Use only the most trusted sources for computer service. Make sure your personal data is completely secure before allowing anyone to work on your computer.

TIP: It is strongly recommended that computers used by businesses for online banking be restricted to use for that purpose only. All security measures should be implemented and Internet surfing to any sites other than business banking sites prohibited.

Best Practices for Selecting Appropriate Security Tools
  • Only use a well-established and highly rated “internet security suite” software with features that include:
    • Anti-virus
    • Anti-spyware
    • Anti-phishing
    • Anti-spam
    • Identity protection
    • Email scanning
    • Automatic updates
    • Automatic scanning
  • Always ensure that your security software subscription does not expire and verify that automatic updates and scanning are occurring. For additional assurance, set your security software to automatically perform a “full system” scan of your computer daily or weekly.
  • Use a secure password to prevent access when you’re away from your computer.
  • Use encryption software to protect data stored on your laptop, PDA, cell phone or other wireless device.
Best Practices for Online Banking
  • Access online banking sites by typing the URL directly into the address bar. That way you know the site is legitimate. You may want to bookmark the site for future visits.
  • Look for a lock icon in the browser and “https:” in the address line. They tell you the page is secure. (Still not sure? Double-click the lock icon to verify the security certificate.)
  • Check for anything unusual, unprofessional or out of place such as a slightly altered domain name. Also be suspicious of an imperfect or altered bank logo and urgent account verification requests you might receive.
  • Review Texas National Bank’s website’s privacy policy to learn how your information will be used and protected. Don’t use the same password for banking that you use for other online accounts.
  • Do not leave a computer unattended when logged into online banking.
  • Avoid having other websites loaded in your web browser when using online banking.
  • Don’t use public computers to do your banking, including those at schools, libraries, internet cafes, hotels, airports, business centers, and conference centers.
  • Avoid using wi-fi hotspots when online banking. These are shared by many people and theft of data can occur using established hacking techniques. If you are using a mobile device such as a smartphone or tablet that is connected to the internet via a proprietary network (i.e. AT&T, Sprint, Verizon, etc.) this is generally considered safer than mobile wi-fi hotspots.
  • Do not share your online banking login credentials with anyone. Shared account owners should have their own individual logins.
  • Take full advantage of available alerts within your financial institution’s online banking system. You know best what your banking habits are, so use alerts to make you immediately aware of any suspicious activity with your account.
  • Set acceptable limits for funds transfers and ACH. Assign those limits based on user needs.
  • Implement dual authorization requirements for high-value transactions.
  • Utilize hardware or soft tokens as an additional layer of security for account access and ACH and wire transfer transactions.
  • Avoid using email as a delivery method for secure access codes! Instead, use voice calls or text messaging to your mobile device. If your PC has been hacked, so has your email information.
  • Enroll for online statements with your financial institution, credit card companies, mortgage company, etc. to avoid having statement information potentially exposed in the mail.

REMEMBER: It is strongly recommended that computers used by businesses for online banking be restricted to use for that purpose only. All security measures should be implemented and internet surfing to any sites other than business banking sites prohibited.

Best Practices for Creating Strong Passwords
  • Don’t share your password with anyone.
  • Memorize your password. Don’t write it down or store it on your computer.
  • Don’t use automatic login features that save user names, login IDs and passwords. Do not respond if you are prompted by a website to save logon credentials.
  • Use upper and lower case letters, numbers and symbols.
  • Avoid common words or obvious names. Think of a phrase that’s memorable to you but not to others. Use passwords that are at least eight characters long.
  • Change passwords regularly (at least every 90 days).
Best Practices for Safer Email
  • Don’t open email from someone you don’t know. Read subject lines carefully. Don’t be tricked by a friendly tone or urgent request.
  • Turn off the preview pane in your email program.
  • Don’t click on links or attachments in unsolicited email, especially if they tell you the problem is urgent or the attached file ends in “.exe.”
  • Don’t give out personal information. Check a website’s privacy policy before you give them your email address.
  • Delete email from unknown sources immediately. Make sure you have enabled junk mail filtering.
  • Don’t forward chain emails. Spam already makes up around 50 percent of all email traffic.

TIP: If your bank sends e-mail to your e-mail address, it should always include a personal or account identifier. Any links included should be to the bank’s web site information page, not directly to a page that requires log-in credentials or personal information.

REMEMBER: No one at your bank should ever email you to ask for your personal confidential information or for your account or password information.

Phishing & Spoofing

Phishing scams use email messages which urge you to click on a link within the message to update personal information. This link then takes you to a “spoofed” website which is designed to look like the bank’s legitimate site.

To Prevent Phishing:

  • Be suspicious of any email with urgent requests for personal financial information.
  • Don’t use the links in an email to get to any web page if you suspect the message might not be authentic. Instead, call the company on the telephone, or log onto the website directly by typing in the web address in your browser.
  • Avoid filling out forms in email messages that ask for personal financial information. You should only communicate information such as credit card numbers or account information via a secure website or the telephone.

Our goal is to protect your personal information in every way that we interact with you, whether it’s on the telephone, in our lobby, at one of our ATMs, or Online.

With that in mind, we have disabled the automated Forgot Username and Forgot Password features to deter unauthorized individuals from attempting to change your username and/or password. If you need assistance changing your username or password, please contact the bank. We apologize for any inconvenience.
