Privacy Statement

Last Updated December 30, 2022

I. ABOUT THIS PRIVACY STATEMENT

II. HOW WE COLLECT, USE AND SHARE PERSONAL INFORMATION

III. ADDITIONAL INFORMATION ABOUT ONLINE INFORMATION

IV. CHOICES RELATED TO HOW WE USE PERSONAL INFORMATION

V. HOW WE PROTECT THE CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL INFORMATION

VI. CHANGES TO THIS STATEMENT

VII. CONTACT FOR MORE INFORMATION

Royal First Bank Bancshares, Inc. (collectively "Royal First Bank," "we," "us," or "our") respects your privacy and is committed to treating and using Personal Information (as defined below) about you responsibly.

I. ABOUT THIS PRIVACY STATEMENT

This Privacy Statement ("Statement") explains how Royal First Bank collects, uses and shares Personal Information, from or about you in connection with our products and services, as well as when you use Royal First Bank' websites or mobile applications that link to this Statement (each, a "Site", and collectively, "Sites").

Throughout this Statement, we refer to "Personal Information", which means information that identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with you or your household. Personal Information does not include Public Information (for example, information from federal, state or local government records), Aggregated Information (information relating to multiple individuals that has been combined and grouped together, resulting in a data set that is not reasonably capable of identifying any individual) or De-identified Information (information that is not attributable to an identified or identifiable individual).

California Consumers have certain rights under the California Privacy Rights Act of 2020 ("CPRA") with respect to their Personal Information. A "California Consumer" is a natural person who resides in California. For further information, please see our CPRA Privacy Notice for California Residents.

If you are an individual and have a Royal First Bank financial product or service for your personal, family or household purposes, please see our Royal First Bank Consumer Privacy Notice for additional details about how we use and share Personal Information that we collect in connection with providing you those financial products or services.

II. HOW WE COLLECT, USE AND SHARE PERSONAL INFORMATION

How we collect Personal Information

The types of Personal Information we collect depends on your interaction with us, including the types of products or services you applied for or use. We, or entities that we contract with to provide services to support our business and delivery of our products and services ("Service Providers"), may collect Personal Information:

  • Directly from you, such as when you apply for or obtain one of our products or services, or if you apply for a job with us;
  • From financial and non-financial companies related by common ownership or control (our "Affiliates"), based on your relationship with them and as permitted by law; and/or
  • From other entities that we work with who are not Service Providers ("Third Parties"), such as credit bureaus.

We (or our Service Providers) may also collect Online Information, such as IP address, browser or device information, or other information about you directly or indirectly through interactions with our Sites, applications, or ads, such as:

  • The internet address (referral site) which brought you to the Site;
  • The types of devices you use to visit our Sites and interact with us such as device, operating system, web browser, and the IP address;
  • Your device's browsing history on our Sites and the time and duration of your visit;
  • Information about the ads or content from us (or our Service Providers) that you view, access or click on;
  • Information that is collected through Cookies, Web Beacons, and/or mobile ad identifiers as described below;
  • The location of the device you use to visit our Sites (subject to applicable law or with your consent); or
  • Your contact lists, photos, or access to your camera, when you request certain services that require such access, and only with your consent. For example, to initiate a money transfer or access the remote deposit capture features of our Sites or mobile applications.

Though Online Information may not, alone, reveal your specific identity, some of this information may be used or associated with Personal Information, or may itself be considered Personal Information. Please see Section III for more information.

How we use Personal Information

We (or our Service Providers) may use Personal Information for the following business purposes:

To deliver products, information, or services, including to:

  • complete transactions;
  • provide account services;
  • recognize and remember you when you visit our Sites;
  • improve our Sites and make them easier to use, and provide you with an overall improved experience on our Sites;
  • notify you about updates to your accounts, products, and/or services;
  • perform quality assurance activities that maintain the quality of services provided to you; or
  • respond to your inquiries.

To provide advertising about our products and services including:

  • sending marketing materials inclusive of special offers, email notifications, or other notices regarding Royal First Bank' products, services, or news; or
  • presenting personalized content or tailored ads that may relate to your interests and/or location.

To manage security risks and prevent fraudulent activity, including to:

  • detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activities;
  • debug to identify and repair errors that may impair existing intended functionality;
  • maintain a secure session, authenticate your computer and verify transactions;
  • verify your identity such as when you apply for an account or access our online/mobile services; or
  • assess your creditworthiness, including obtaining credit reports if you apply for credit or apply for a financial product or service.

To conduct employment-related activities at Royal First Bank, including to:

  • perform background checks;
  • deliver employee benefits programs; or
  • contact references you provide during your application process.

To perform other activities, as permitted or required by law including:

  • to perform internal research;
  • in connection with litigation;
  • to comply with regulatory record retention requirements;
  • to perform analytics concerning your use of our online services, including your responses to our emails and the pages and advertisements you view; or
  • for audit purposes within our organization.

How we share Personal Information

We may share your Personal Information, as permitted or required by law with:

  • Our Affiliates;
  • Service Providers;
  • Regulatory authorities or governmental agencies to meet regulatory or legal requirements; or
  • Third Parties, with your consent or as permitted by law.

How we retain Personal Information

We retain Personal Information for as long as necessary to fulfill the purpose(s) for which they were obtained, unless a longer retention period is required by law. The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you;
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
  • Whether retention is advisable based on our legal position, such as applicable statute of limitations, litigations, or regulatory investigations.

Special Considerations for Minors

Our Sites are not intended for children under 16 years of age and we do not knowingly market our products or services to children.

Royal First Bank does not knowingly collect or retain Personal Information from individuals under the age of 13. Visit the Federal Trade Commission website for more information about the Children's Online Privacy Protection Act (COPPA).

III. ADDITIONAL INFORMATION ABOUT ONLINE INFORMATION

Online Information

When you visit or browse our Sites, we may collect Online Information as described in Section II of this Statement. The purpose of collecting this information is to improve the effectiveness of our Sites and product offerings. The collection of this information also allows for the compilation of De-identified and Aggregated Information about the usage of our Sites and can help us improve your use of our Sites, for example, providing quick login, streamlining site navigation and maintaining up-to-date content for all users.

Online Behavioral Advertising, "Cookies", and Similar Technologies

Royal First Bank and our digital Service Providers (e.g., Google or Facebook) may use Cookies, Web Beacons, mobile advertising identifiers, and other technologies for the purposes of delivering tailored advertising to you across the internet, and to help manage and optimize our internet-business and communications."Cookies" are pieces of data stored by your browser and used by web servers to uniquely distinguish your browser from all others and remember your browser over time, including preferences and other information. "Web Beacons" are small image files that are loaded when a webpage or other online resource is processed by your browser (including when emails are opened). Should you configure your browser to reject Cookies, you may disable some of our online service's features.

We use the following types of Cookies:

  • Performance Cookies: These Cookies let us count visits and traffic sources to measure and improve our Site's performance. They help us know which pages are the most and least popular and help us understand how visitors move around the Site. Online Information, including digital identifiers, collected through these technologies (e.g., Google Analytics) may be shared with Service Providers to conduct analytics and/or to provide you with ads about our products and services that may be of interest to you and which may be relevant to you, based on your browsing history and perceived interests.
  • Marketing Cookies: These Cookies may be set through our Site by companies with which we advertise. The Cookies may be used by those companies to build a profile of your interests and show you relevant ads on other sites.
  • Strictly Necessary Cookies: These Cookies are necessary for the website to function and can't be switched off in our systems. They're usually set in response to actions made by you that amount to a request for services such as setting your privacy preferences, signing into your account or filling in forms. You can set your browser to block or alert you about these Cookies, but then some parts of the Site won't work.
  • Functional Cookies: These Cookies enable the website to provide enhanced functionality and personalization. They may be set by us or Third Party providers whose services we've added to our pages.

Links to Other Sites and Other Privacy Policies

Our Sites may contain links to other party websites. When you click on these links, you may be providing information, including Personal Information, to the other party, us, or both. Royal First Bank has no control over the privacy practices or content of these linked websites, so we recommend that you carefully review the privacy policies or statements of every other party website that you visit.

IV. CHOICES RELATED TO HOW WE USE PERSONAL INFORMATION

You have choices about how we use your information, including what kinds of marketing you want to receive from us.

If you prefer to not receive targeted advertising, you can opt-out of some network advertising programs that use your information. To do so, please visit the NAI Consumer Opt-Out Tool or DAA Consumer Choice Tool. These tools identify member companies that have Cookies on your browser and allow you to submit opt-out requests to those companies. If you choose to opt-out, you will still see advertisements while you are browsing online; however, the advertisements you see may be less relevant to you and your interests. Please note these opt-out tools work via Cookies, so if you delete Cookies, use a different device, or change web browsers, you will need to opt-out again.

You can also opt-out of receiving marketing offers via email or telephone. Offers may include instructions on how to opt-out, or if you prefer, please call 888-FC-DIRECT (202-555-0185). We will still contact you for transactional purposes, such as to service your account or respond to an inquiry.

Do-Not-Track Signals

We currently do not employ technology that changes how our servers treat your browser if our servers receive a "do-not-track" signal since there is no universal standard on how to apply these settings.

V. HOW WE PROTECT THE CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL INFORMATION

To protect your Personal Information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. Only people who have a legitimate business reason to do so in connection with their job responsibilities are authorized to access customer information. For further information, please see our Privacy & Security page.

VI. CHANGES TO THIS STATEMENT

This Statement is subject to change. If we make changes to this Statement, we will revise the "Last Updated" date at the top of this Statement. Your use of the Site means that you accept the terms of this Statement.

VII. CONTACT FOR MORE INFORMATION

If you have questions or concerns about Royal First Bank' privacy practices or this Statement, contact us:

Telephone: 202-555-0185 (202-555-0185) daily from 7 am to 11 pm ET

Email: privacy.questions@cit.com

Links to third-party websites may have a privacy policy different from Royal First Bank and may provide less security than this website. Royal First Bank and its affiliates are not responsible for the products, services and content on any third-party website.

Bank deposit products are offered by Royal First Bank. Member FDIC and an Equal Housing Lender. icon: sys-ehl.