Your privacy is important to us. This California Consumer Privacy Act Disclosure (download a printable copy) explains how American Riviera Bank (“Company,” “we,” or “us”) collect, use, and disclose personal information relating to California residents covered by the California Consumer Privacy Act of 2018 (“CCPA”).
Under the CCPA, ‘Personal Information’ is information that identifies, relates to, or could reasonably be linked directly or indirectly with a particular California resident.
The specific Personal Information that we collect, use, and disclose relating to a California resident covered by the CCPA will vary based on our relationship or interaction with that individual. For example, this Disclosure does not apply with respect to information that we collect about California residents who apply for or obtain our financial products and services for personal, family, or household purposes. For more information about how we collect, disclose, and secure information relating to these customers, please refer to our US Consumer Privacy Notice.
Keeping Personal Information secure is one of our most important priorities. Consistent with our obligations under applicable laws and regulations, we maintain physical, technical, electronic, procedural and organizational safeguards and security measures that are designed to protect personal data against accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure, or access, whether it is processed by us or elsewhere.
We collect, for our business purposes, certain personal information to provide financial products and services, and for employment purposes. In the past 12 months, we have collected and disclosed:
The categories of sources from whom we collected this Personal Information are:
The categories of third parties to whom we disclosed Personal Information for our business purposes described in this privacy disclosure are:
In the past 12 months, we have used Personal Information relating to California residents to operate, manage, and maintain our business, to provide our products and services, and to accomplish our business purposes and objectives, including the following:
In the past 12 months, we have not “sold” Personal Information subject to the CCPA, including Personal Information of minors under the age of 16. For purposes of this Disclosure, “sold” means the disclosure of Personal Information to a third-party for monetary or other valuable consideration.
We will keep Personal Information no longer than reasonably necessary to fulfil the purposes described in this Disclosure. According to our retention policy, we are required to destroy records containing Personal Information according to specific periods contained in that policy. However, we may need to hold such records beyond these retention periods as set forth in our record retention policy, due to regulatory requirements, or in response to a regulatory audit, investigation, or other legal matter.
If you are a California resident, you have the right to:
We will acknowledge receipt of your request and advise you how long we expect it will take to respond if we are able to verify your identity. Requests for specific pieces of Personal Information will require additional information to verify your identity. If you submit a request on behalf of another person, we may require proof of authorization and verification of identity directly from the person for whom you are submitting a request.
Privacy and data protection laws, other than the CCPA, apply to much of the Personal Data that we collect, use, and disclose. When these laws apply, Personal Data may be exempt from, or outside the scope of, Access Requests and Deletion Requests. For example, information subject to certain federal privacy laws, such as the Gramm-Leach-Bliley Act or the Health Insurance Portability and Accountability, is exempt from CCPA Requests. As a result, in some instances, we may decline all or part of an Access Request or Deletion Request related to Personal Data exempt from CCPA Requests. This means that we may not provide some or all of this Personal Data when you make an Access Request. Also, we may not delete some or all of this Personal Data when you make a Deletion Request.
As examples, our processing of or response to an Access Request or Deletion Request may not include some or all of the following Personal Data:
The types of Personal Data described above are examples. We have not listed all types of Personal Data that may not be included when we respond to or process Access Requests or Deletion Requests.
In addition to the above, in some instances, we may not be able to honor your request. For example, we will not honor your request if we cannot verify your identity or if we cannot verify that you have the authority to make a request on behalf of another individual. Additionally, we will not honor your request where an exception applies, such as where the disclosure of Personal Information would adversely affect the rights and freedoms of another consumer or where the Personal Information that we maintain about you is not subject to the CCPA's access or deletion rights.
We will advise you in our response if we are not able to honor your request. We will not provide social security numbers, driver's license numbers or government issued identification numbers, financial account numbers, health care or medical identification numbers, account passwords or security questions and answers, or any specific pieces of information if the disclosure presents the possibility of unauthorized access that could result in identity theft or fraud or unreasonable risk to data or systems and network security.
If you are a California resident, you may submit a request by:
We will ask you to provide the following information to identify yourself:
When you make a request, we will attempt to verify that you are who you say you are. For example, we will attempt to match information that you provide in making your request with other sources of similar information to reasonably verify identity.
You may contact us with questions or concerns about this Disclosure and our practices by:
Writing us at:
American Riviera Bank
Attn: Compliance
P.O. Box 329
Santa Barbara, CA 93102
Emailing us at [email protected]
We may change or update this Disclosure from time to time. When we do, we will post the revised Disclosure on this page with a new “Last Updated” date.
