Privacy & Security

Keep yourself protected by staying informed

Grand River Bank will never solicit personal information via email or telephone. Personal information can include access id’s, tax identification numbers, passwords, or debit card numbers.

FACTS

WHAT DOES GRAND RIVER BANK DO WITH YOUR PERSONAL INFORMATION?

WHY?

Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.

WHAT?

The types of personal information we collect and share depend on the product or service you have with us. This information can include:

• Social Security number and income

• Account balances and payment history

• Credit history and credit worthiness

When you are no longer our customer, we continue to share your information as described in this notice.

HOW?

All financial companies need to share customers' personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers' personal information; the reasons Grand River Bank chooses to share; and whether you can limit this sharing.

REASONS WE CAN SHARE YOUR PERSONAL INFORMATION

Does Grand River Bank share?

Can you limit this sharing?

For our everyday business purposes- such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus

Yes

No

For our marketing purposes- to offer our products and services to you

Yes

No

For joint marketing with other financial companies

No

We don't share

For our affiliates' everyday business purposes- information about your transactions and experiences

No

We don't share

For our affiliates' everyday business purposes- information about your creditworthiness

No

We don't share

For nonaffiliates to market to you

No

We don't share

QUESTIONS?

Call 616.929.1600 or 888-929-4723 or go to grandriverbank.com


Page 2

WHAT WE DO

How does Grand River Bank protect my personal information?

To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.

We also restrict access to nonpublic personal information about you to only those employees who need to know that information to provide products or services to you.

How does Grand River Bank collect my personal information?

We collect your personal information, for example, when you

• open an account or deposit money

• pay your bills or apply for a loan

• use your credit or debit card

We also collect your personal information from others, such as credit bureaus or other companies.

Why can't I limit all sharing?

Federal law gives you the right to limit only

• sharing for affiliates' everyday business purposes - information about your creditworthiness

• affiliates from using your information to market to you

• sharing for nonaffiliates to market to you

State laws and individual companies may give you additional rights to limit sharing.

DEFINITIONS

Affiliates

Companies related by common ownership or control. They can be financial and nonfinancial companies.

• Grand River Bank does not share with our affiliates.

Nonaffiliates

Companies not related by common ownership or control. They can be financial and nonfinancial companies.

• Grand River Bank does not share with nonaffiliates so they can market to you.

Joint marketing

A formal agreement between nonaffiliated financial companies that together market financial products or services to you.

• Grand River Bank doesn't jointly market.



• Multiple layers of encryption, firewalls, screening, and filtering routers.

• Secure sessions established through Secure Socket Layers (SSL).

• Use of 128-bit capable encryption protocol.

• Login ID and User passwords.

• Strong password requirements.

• Sessions are “timed out” after a specified period of inactivity.

• Security procedures audited by external certified examiners.

• Security penetration testing routinely performed by independent security firm.

To help our government fight the funding of terrorism and money laundering activities, Federal Law requires all financial institutions to obtain, verify and record information that identifies each persona who open an account. When you open an account with Grand River Bank, we will ask for your Name, Address, Date of Birth and other information that will allow us to identify you. We may also ask to see you driver’s license to other identifying documents.

You can take a few precautions to protect yourself from other online threats:

• Install a Firewall, anti-virus software, and anti-spyware and keep your virus definitions and browser and security software current.

• Exercise reasonable care when downloading software and opening email attachments.

• Have your computer analyzed by a qualified technician if you suspect your computer is running abnormally, you are receiving an unusual amount of “pop-up” pages, or you notice that you are being redirected to other web pages.

• Beware of using non-encrypted wireless connections with computers, phones, and portable devices to send sensitive information from public wireless locations or even from home wireless networks. Using scanning devices, individuals can intercept unencrypted signals and view or obtain your information.

• Beware of “shoulder surfers” while using a computer in public areas who may be trying to intercept your passwords or information.

• Use strong passwords with a combination of uppercase and lowercase letters, numbers, and symbols. Change passwords periodically and always change pre-assigned temporary passwords. When creating PINs and passwords, do not use birth dates, addresses, phone numbers, etc. that are easily guessed from personal information.

• Never use the “save ID and password” option in your browser at home, or on a laptop or public computer.

• Do not email personal and financial information to non-secure sites. Because of the potential for loss, avoid storing personal information on a laptop computer.

• Properly dispose of old computers and ensure all sensitive information is removed from the hard drive. Reformatting the hard drive may not be sufficient - use specialized software to erase information.

• Review your bank statements closely. Make sure there are no transactions that you can’t account for and that all of the decimals are in the right spots. If you find any problems contact us immediately.

If you are a customer who has provided sensitive account or personal information in response to an unsolicited Grand River Bank email or phone call, immediately contact Grand River Bank at 616.929.1600. We are available to serve you Monday through Thursday from 8 AM - 5 PM and Friday from 8 AM - 5:30 PM.

Effective April 8, 2014, Microsoft discontinued extended support for its Windows XP operating system. Microsoft will no longer provide regular security patches, technical assistance, or support for XP. Security updates patch vulnerabilities that may be exploited by malware and help keep users and their data safer. PCs running Windows XP after April 8, 2014, should not be considered to be protected.

Due to the potential risk of data theft and unauthorized additions, deletions, and changes of data this presents, Grand River Bank has updated its minimum standards and XP no longer meets the minimum requirements. We strongly recommend our online banking customers migrate to a current supported operating system, such as Windows 7, for continued security updates and protection from malicious computer attacks, and to ensure continued support of our online related products and services.

The following are Grand River Bank’s minimum system requirements for online banking:


CPU

Dual Core Intel Xeon E5520 (2.26 GHz)

Memory

2 GB

Operating System

Windows 7 Standard (32 and 64-bit)

Windows 8 Standard 64-bit (MSC Only)

Drive Configuration (Raid 5/SAN)

60 GB System Drive (C:)

Web Browser

Internet Explorer 8, 32-bit

Internet Explorer 9, 32-bit & Compatibility View

Internet Explorer 10, 32-bit & Compatibility View

Protect Yourself Against Phishing

Phishing usually comes in the form of fraudulent emails that appear to come from legitimate sources. These ask customers to verify personal information or link to counterfeit Web sites that appear real.

Watch for emails that:

• Urge you to act quickly because your account may be suspended or closed, or to update your personal information.

• Don't address you by name, but use a more generic one like "Dear valued customer."

• Ask for account numbers, passwords, Access IDs, or other personal information.

We will NEVER ask for sensitive information, such as account numbers, access IDs or passwords, via e-mail.

Tips from the American Bankers Association for safeguarding your information:

• Do not give your Social Security number or other personal credit information about yourself to anyone who calls you.

• Tear up receipts, bank statements and unused credit card offers before throwing them away.

• Keep an eye out for any missing mail.

• Do not mail bills from your own mailbox with the flag up.

• Review your monthly accounts regularly for any unauthorized charges.

• Order copies of your credit report once a year to ensure accuracy. You may call 1-877-322-8228 for a free credit report from any or all three credit reporting agencies.

• Do business with companies you know are reputable, particularly online.

• Do not open email from unknown sources and use virus detection software.

• Protect your PINs (don’t carry them in your wallet!) and passwords; use a combination of letters and numbers for your passwords and change them periodically.

• Report any suspected fraud to your bank and the fraud units of the three credit reporting agencies immediately.

TransUnion: (800) 680-7289

Experian: (888) 397-3742

Equifax: (800) 525-6285

If you become a victim, contact:

• The fraud departments of the three major credit reporting agencies

• The creditors of any accounts that have been misused

• The local police to file a report

• The bank to cancel existing accounts held in your name and re-open new accounts with new passwords

We are committed to safeguarding our customers’ financial information. Maintaining our customers’ trust and confidence is a top priority. To learn more about how we protect your information, please review our privacy policy. .

What is identity theft?

Identity theft occurs when someone acquires your personal information and uses it without your knowledge to commit fraud or theft. It is a serious crime and cases are growing. An all-too-common example is when an identity thief uses your personal information to open a credit card account in your name.

No matter how cautious you are, there is no way to completely prevent identity theft from occurring. But there are ways you can help minimize your risk. This page contains valuable information on how you can protect yourself by managing your personal information wisely, the warning signs of identity theft, and what to do if you do become a victim.

Helpful Tips

• Don't give out personal information on the phone, through the mail or over the Internet unless you've initiated the contact or are sure you know whom you're dealing with.

• Don't carry your Social Security card with you; leave it in a secure place. Carry only the identification and credit and debit cards that you need.

• Don't put your address, phone number, or driver’s license number on credit card sales receipts.

• Social Security numbers or phone numbers should not be put on your checks.

• Shred your charge receipts, copies of credit applications, insurance forms, physician statements, checks and bank statements, expired charge cards that you're discarding, and credit offers you get in the mail.

• Secure your credit card, bank, and phone accounts with passwords. Avoid using easily available information like birth date, the last four digits of your SSN, or your phone number. When opening new accounts, you may find that many businesses still have a line on their applications for your mother's maiden name. Use a password instead.

• Secure personal information in your home, particularly if you have roommates or hire outside help.

• Promptly remove mail from your mailbox. If you're planning to be away from home and can't pick up your mail, call the U.S. Postal Service at 1-800-275-8777 to request a vacation hold.

• Ask about information security procedures in your workplace. Find out who has access to your personal information and verify that records are kept in a secure location. Ask about the disposal procedures for those records as well.

• Before revealing any personally identifying information (for example, on an application), find out how it will be used and secured, and whether it will be shared with others. Ask if you have a choice about the use of your information. Can you choose to have it kept confidential?

Why is it important to review your credit report?

Your credit report contains important information about your current and past credit and payment history. Negative information in your credit report will lower your credit score, which could affect things such as qualifying for a loan or insurance or even getting a job. When you review your credit report make sure to check for accuracy and report any errors or discrepancies to the credit bureau.

Guard against Identity Theft

It is recommended that you check your credit report at least annually. Victims of identity theft often do not know they are victims until their credit reports reveal the evidence that someone else has used their personal information to open accounts in their name.

For more information on accessing your free credit reports, visit the Federal Trade Commission's web site or request your free credit report in any of the following ways:

1. Online at www.annualcreditreport.com

2. By calling toll-free 1-877-322-8228

3. Mail your request to:

Annual Credit Report Request Service

PO Box 105281

Atlanta, GA 30348

Here are some helpful links and resources available to you:

Consumer Financial Protection Bureau Alerts – watch accounts closely when account data is hacked and report suspicious charges.

FinCen Alerts – FinCEN Fraudulent Correspondence and Phone Call alert.

Online Safety

Business Online Banking Security

Stopfraud.gov

Antiphishing.org

FDIC video “Don’t be an Online Victim”. Go to www.fdic.gov and select Identity Theft to view an informational video from the FDIC on how to protect your identity while using the internet.