PRIVACY POLICY

I. Recognition of the Customer’s Expectation of Privacy

We recognize our customers’ expectation that information provided to us by our customers or obtained by us about our customers will be safeguarded by us.  This policy is intended to describe how we collect, maintain, disclose and dispose of customer information, and how you can choose how information about you is used by us.  This Policy may be amended from time to time at our discretion.  If you have any questions, comments or complaints about the privacy of information about you, please contact us at:

II. Collecting Information

When you contact us about our products and services, you may be asked to provide us with information about yourself and other relevant persons.  This is information that is useful (and allowed by law) to administer our accounts and provide products, services and other opportunities to you. You may provide information directly, for example, in a loan application, when opening a deposit account, or by completing information requests, such as surveys, communications, check register forms, or order forms.
 
We gather information about you indirectly through our experiences of doing business with you, such as your loan balances, your overdraft history, or your payment history.

We may also obtain additional information about your credit history from outside sources.  For example, when you establish a loan or deposit account, we may obtain a credit report from a credit reporting agency.  We obtain credit reports when you initiate a transaction with us for which we need to know your credit history or we need to review or collect an existing account.

We may obtain information about you from a credit reporting agency if we wish to solicit you with a firm offer of credit or insurance, even if you have not first contacted us.  You have the right under federal law to ask the credit reporting agencies to remove your name from any list provided to us.

Collection of information on our Website may include data such as pages visited, downloads, other Websites from which visitors arrive, and the types of operating systems and browsers used. Such information is collected only to optimize the performance of the site or to personalize the information displayed. We may also offer online planning tools, such as calculators, to help you evaluate your personal finances or decide whether one of our products is right for you.

Information obtained through online planning tools, or online transactions such as payments and transfers, may be used only in connection with the transaction initiated by you. In addition, when we use a cookie to call up a database file with personal information provided by you, that information is stored at the website, not in the cookie, and is protected by information security procedures described below.

III. Disclosure of Information About You

Unless you tell us to share information, the only disclosures we make relating to information about you and your accounts or transaction on your accounts are those that we are either (a) required to make by law, for example, in response to a court order; or (b) those that are permitted by law, which, in general, are those that are appropriate or necessary for us to make in order to maintain, administer and service your business transactions with us, for example, where it is necessary for completing transfers and tracing transactions, or resolving errors or claims.

IV. Employee Access/Security

Each of our employees is trained in our policies regarding the confidentiality of customer information in our files.  Each of our employees understands that each has a role to safeguard your information.

On our Website, we use a full range of Internet security measures. These include encryption utilizing Secure Sockets Layer (SSL) technology, routers and firewalls that act as barriers between the outside world and the internal bank network, and a trusted operating system to complete our overall security architecture. For certain applications, cookies are a requirement because they help protect the privacy of a customer’s transactions, for example, by automatically terminating an online session if the customer forgets to log out. Please note, however, that when you use a link from our Website to a  non-Evergreen State Bank site, Evergreen State Bank’s privacy policies are no longer in effect.

V. Maintaining Accurate Information

We strive to retain complete, accurate and current information on our customers.  If you believe that any information in your customer records with us is insufficient, inaccurate, or out of date, please contact us as follows:

By mail at: P.O. Box 427 Stoughton , WI 53589
By telephone at: (608) 873-6681 or 1-800-863-2265
By facsimile at: (608) 873-6920

VI. Access to Accounts

If you believe someone has accessed your accounts without authorization, or if someone has discovered your Personal Identification Number (PIN), User Name or Password (“Codes”), please notify us at (608) 873-6681 or 1-800-863-2265 as soon as possible. Please assist us in this effort by protecting your Codes and account numbers. These numbers are for your personal use and should be kept confidential by you.

VII. Disposal of Information

We retain individual records for different periods of time depending upon state and federal record retention requirements, internal risk management policies and need.

Before we dispose of any record containing personal information relating to our customers, we will either shred the record, erase any personal information contained in the record, or modify the records to make any personal information unreadable, and will take all actions that we reasonably believe necessary to be sure that no unauthorized person will have access to your personal information between the period of our disposal of the record and its destruction.

Evergreen State Bank’s Online Banking Security Statement

With Evergreen State Bank’s Online Banking, we use a full range of Internet Security measures, including cryptography, routers and firewalls, and a trusted operating system to complete our overall security architecture.

Security on the Internet begins with your browser. In order to utilize Online Banking, you must use a browser that supports the Secure Sockets Layer (SSL) protocol. SSL allows you to securely send and receive encrypted data over the Internet. This protocol provides a secure channel for data transmission through its public/private key encryption capabilities. When a client connects to the Online Banking Vault Server, the session immediately goes through a “handshaking” process where the server sends a certified Digital ID to the client, whereupon an “encrypted tunnel” is created between the client and the server. This simply means that all requests by the client and, subsequently, all replies by the server are encrypted using an extremely long and complicated key.

We recommend the following browsers:

•  Netscape Navigator 6.0 or greater
•  Firefox 1.0 or greater
•  AOL 8.0 for Windows or greater
•  AOL for MAC OS X
•  Macintosh Safari 1.2x or greater
•  Camion 1.0 or greater

Routers and Firewalls

Your account information is protected by a series of filtering routers and firewalls that act as a barrier between the outside world and the internal bank network. The filtering router is the first component that you pass through to gain access to your account information. Much like a security guard, the router is responsible for determining who has access to what components of Online Banking. This is achieved with Access Control Lists (ACLs) which allow or deny specific services for a particular user.

The firewall is the next security component that you pass through. The firewall provides a higher level of security and authentication of a client request. The firewall takes advantage of the same type of ACLs that a router utilizes and tracks each request that was made, who made it, when it was made, where it was made from, and where it was destined for. Each one of these items is used to determine whether the user is granted access to the requested destination and protects the internal bank network from outside access.

The entire Online Banking application resides within a trusted operating system. The trusted operating system acts much like a firewall by protecting sensitive and proprietary information from the outside world. The trusted operating system accepts your authorized requests for account information, retrieves the information from our database, and sends the information back to your browser in an encrypted format. The system also contains numerous audit controls to track requests and navigation. This audit control allows us to quickly identify any suspicious activity.

When you establish your Online Banking account, you will select a picture and phrase that will be displayed every time you sign on. If they are not displayed, DO NOT SIGN ON. You will also be prompted to select and answer confirmation questions that will be used for authentication during a subsequent sign on. You will also be asked if you want to register your computer by allowing us to save a cookie on your computer. This will identify your computer as authorized and you will not be asked to answer the confirmation questions during a subsequent sign on. If you sign onto a computer that hasn’t been registered, we will use the confirmation questions you chose to verify that you are authorized to access your account.

When you establish your Online Banking account, you will input a username and password to access your accounts through the Internet. It is important that you memorize your password and not convey it to anyone else. You must make sure that no one is watching you enter your password and that you properly exit your Internet Banking session/browser before leaving the computer. The Online Banking system allows you to change your password anytime and you should change your password frequently.

If you view your Online Banking account on a computer that is not yours, such as a public computer, DO NOT REGISTER that computer with a cookie.

Evergreen State Bank will never send email containing attachments, or require customers to send personal information to us via email or pop-up windows. If you receive an email requesting information about your account, please notify the bank immediately.