Privacy Policy
 

The First National Bank of Bastrop (FNB) is committed to protecting customer privacy. When a customer opens an account with us, that customer provides us with private financial and personal information, and we are committed to maintaining the confidentiality of that information. Our customers are not only protected by federal and state laws but by FNB’s commitment to uphold both the spirit and the letter of those laws. Our commitment is described in this Customer Privacy Statement.

Information Collection

The FNB maintains information and data about our customers for several reasons. We use information to protect and administer your records, accounts, and funds; to comply with certain laws and regulations; to help us design or improve our products and services; and to understand your financial needs so we can provide you with quality products and superior service.

Accuracy of Information

Keeping your information complete and accurate is very important to us, and we employ reasonable measures to ensure the accuracy, timeliness, and thoroughness of this information. If you think any information we have about you or your account(s) may be incorrect, please notify us immediately. We will make appropriate corrections as quickly as possible.

Sharing Customer Information

FNB is not affiliated with any other companies with which we would share any of your financial information, other than the bank's holding company, Bastrop Holdings, Inc. and Bastrop Bancshares, Inc. Bastrop Bancshares is a one-bank holding company which performs no other function than ownership of the bank.

Sharing Information with Other Companies

Although we are committed to protecting our confidential information about you, occasionally we may be required to or find it necessary to provide information about you and your finances to other companies with whom we do business.

For example, we are required to share your financial information with parties named in a lawsuit or administrative action when we are served with a subpoena or court order and with federal or state regulatory authorities, such as banking examiners or the Internal Revenue Service, as authorized by federal or state law. Consistent with the practice of other financial institutions, we also share information about you and your account(s) with us with reputable credit reporting agencies as authorized under federal law and with others who may receive certain information from us under particular circumstances, but only as lawfully permitted or required.

Further, we may contract with other reputable companies in our efforts to offer you additional products and services. We may disclose information to these companies as necessary to effect a service or transaction you request or authorize.

Employee Access

Customer confidentiality is emphasized in our new employee orientation program. Our employees are aware of their responsibility with respect to customer information through orientation programs, special training programs, and our policy on ethics. Only employees who need customer information to perform their duties are authorized to access customer information.

Protection of Information

FNB is committed to the security of your financial and personal information. All of our operational and data processing systems are in a secure environment that protects your account information from being accessed by third parties. We maintain and grant access to customer information only in accordance with our internal security standards.

Internet Privacy

Our commitment to safeguard your privacy also extends to the Internet. If you are just browsing through our website, we do not request any personally identifiable information, nor do we collect unique identifying information about you unless you voluntarily and knowingly provide us that information, such as when you send us an email or complete an application online. If you provide us this information, it is only used internally and in furtherance of the purpose for which it was provided.

Our Internet financial services provider, FundsXpress Financial Network, Inc. (FundsXpress) may collect general information on our Website visitors simply to help us provide banking and other financial services to you online. They collect certain information on our behalf for security and statistical purposes. The information collected for these purposes may include:

• The Internet address (referral site) which brought you to our web site;
• The date and time you access our site;
• The name and version of your web browser;
• The Internet service provider you used when you accessed our site;
• Your Internet Protocol (IP) address; and
• The pages visited in our Website.

FundsXpress may use cookies to collect this general information on all Website Visitors. They also use cookies for security purposes in our Internet Banking product and for customization and personalization of the Website.

In the future, we may use aggregate, general, non-personally identifiable information to help us market our products and services that may be of interest you.

Additional information about IP addresses and cookies are provided below.

Internet Protocol (IP) Addresses

An IP address is a number that's automatically assigned to your computer whenever you're on the Internet. Web servers, the computers that "serve up" Web pages, automatically identify your computer by its IP address.

When collecting information for us, FundsXpress does not link IP addresses to anything personally identifiable, which means that a user's session will be logged, but the user remains anonymous.

FundsXpress may use IP addresses to audit the use of our site. They can and will use IP addresses to identify a user when necessary for security purposes.

What is a Cookie?

A cookie is a very small text file sent by a web server and stored on your hard drive, your computer’s memory, or in your browser so that it can be read back later. Cookies cannot “read” information about you from your computer or be used to “steal” information about you; and cookies don’t carry viruses. Cookies are a basic way for a server to identify you (most cookies actually identify the computer you happen to be using at the time, not you personally). Cookies are used for many things from personalizing start up pages to facilitating online purchases. Cookies help sites recognize return visitors and they perform a very important function when you engage in secure Internet banking. For your security, we do not store any of your personal information in our cookies. The cookies used in our Internet banking system and Website are further described below.

Internet Banking Cookies

FundsXpress uses encrypted cookies that do not pass to your computer’s hard drive. Instead, the cookie is stored in your computer’s memory, identifying only your computer while you are logged on. Only FundsXpress can read the information in these cookies. This Internet banking cookie allows FundsXpress to process multiple transactions during your session without requiring you to reenter your pass code for each individual transaction. The cookies for Internet banking simply provide another level of security for our Internet banking product. When you log off, or close your browser, the cookie is destroyed. A new cookie is used for each session. That way, no one can use the prior cookie to access your account. For additional security, the cookie expires after 10 minutes of inactivity. It must then be renewed by reentering your pass code. FundsXpress does not (and cannot) use this cookie to collect or obtain new personal information about you. You must allow your browser to accept this cookie so you can use the Internet banking system.

Website Cookies:

FundsXpress uses several cookies to provide features within the Website. They send a “Web Trends” cookie to all Website visitors in order to help us collect general information on all Website visitors. This cookie is sent to your computer hard drive and provides us information such as; when you accessed our site, which pages you accessed in the Website, and what Internet provider you used when you accessed our site. The information collected through this cookie is not personally identifiable and is only used for statistical purposes to assist us in our planning process and our marketing program.

When visitors register on the Website and select the “Remember Me” checkbox, FundsXpress sends additional cookies to your hard drive, which enable you to customize the Website and bypass the login process each time you revisit the Website. These cookies are retained on your computer until you either delete them or click on the Logout link within the Website. These cookies only contain a unique user identification number and do not contain or collect any personally identifiable information.

When registered users login to the Website, FundsXpress sends an additional cookie called a "per-session" cookie or "server-side" cookie. This "server-side" cookie resides in the browser and is only used by FundsXpress to monitor the session by a unique identification number. This cookie is used for security purposes and you must allow your browser to accept the "server-side" cookie to use the Website. The cookie is destroyed after eight hours.

When you click on advertisements of 3rd party merchants within the Website, they may also send you a cookie to collect general non-personally identifiable information. You do not have to accept these cookies to use the Website.

Disclosure of Information

• We do not disclose any nonpublic personal information about our customers, former customers, website visitors or Website visitors to anyone, except as permitted by law.
• We must provide certain customer account information to service providers, such as FundsXpress, so that we may process your Internet banking transactions.
• We do not sell any of your personal information.
• We will not disclose any medical information that you provide to us, unless you specifically authorize its disclosure.
• We may disclose a portion of the customer information we collect on the Website to financial institutions that perform marketing services on our behalf and with whom we have joint marketing agreements. We have such an agreement with FundsXpress. Our contract requires FundsXpress to protect the confidentiality of your personal information to the same extent that we must do. The disclosure of certain information to FundsXpress can help us market financial products and services that may be of particular interest to you or save you money.

Email Policies

In the future we may send you email notices for certain required disclosures if you choose to accept electronic disclosures or statements. We may also send you emails to market our products and services that may be of interest you. We may also provide you an opportunity to subscribe to a newsletter; however, we will always provide you an opportunity to opt-in or opt-out of these advertising promotions if required by law. FundsXpress may send emails as an agent on our behalf.

External 3rd Party Links

Our Website has numerous links to other 3rd party sites. These links to external third parties are offered as a courtesy and a convenience to our customers.

First National Bank of Bastrop is not responsible for the privacy practices or the content of such web sites. As a general rule, you should always look for and review a site's privacy policy before giving out any personal information.

Third party merchants may collect personal information from you when you visit their sites. For example, they collect personal information from you when you provide billing information or send them an email. Some third party merchants may also send you a cookie to collect data on your Internet usage and preferences. When you click on advertisements at third party sites, the advertising company may also send you a cookie. With the exception of our service provider, FundsXpress, we do NOT have access to the information collected by any third party, nor can we control how they use this information. If you have questions or concerns about the privacy policies and practices of these third parties, please review their websites and contact them directly.

^back to top

Security

First National Bank of Bastrop has developed strict policies and procedures to safeguard your personal information. We restrict employee access to your sensitive personal information to a "need to know" basis. We maintain physical, electronic, and procedural safeguards that comply with federal regulations to guard your nonpublic personal information. We educate our employees about the importance of confidentiality and customer privacy. We take appropriate disciplinary measures to enforce employee privacy responsibilities. We offer secure email through our Internet Banking service. You should use the secure mail service anytime you send us sensitive personal information.

Our Internet Banking service provider, FundsXpress, has also developed security policies and procedures to protect the customer information that they must collect and maintain to help us process your banking transactions over the Internet. They have developed a top-of-the line security system to ensure your customer information is protected on the Internet and within the FundsXpress environment. For more information on the FundsXpress security measures, please visit their website at http://www.fundsxpress.com.

If you would like to know what information we have collected in connection with your use of our products and services, including Internet based products and services, please contact us 512-321-2561 or

First National Bank of Bastrop
1028 Main Street
Bastrop, TX 78602

After reviewing the information, if you believe any of the information is in error, contact us either by phone or email info@fnbbastrop.com, or send a letter that explains the alleged discrepancy. If the information is incorrect, we will work with you to ensure your information is promptly updated.

In addition, if you believe any information that First National Bank of Bastrop or FundsXpress has collected about you has been used for an improper purpose; please contact us at info@fnbbastrop.com. Explain your concerns in as much detail as possible so that we may take any appropriate action.

^back to top

Fraud Alert

Beware of Internet Fraud. The bank will never request confidential information through e-mail. Report any such requests to the bank at 512-321-2561.

Consumer Alert - Fraudulent FDIC Email Notification

FDIC Consumer Call Centers in Kansas City, Missouri, and Washington, D.C., have begun receiving a large number of complaints by consumers who received an e-mail that has the appearance of being sent from the FDIC. The e-mail informs the recipient that Department of Homeland Security Director Tom Ridge has advised the FDIC to suspend all deposit insurance on the recipient’s bank account due to suspected violations of the USA PATRIOT Act. The e-mail further indicates that deposit insurance will be suspended until personal identity, including bank account information, can be verified.

This e-mail was not sent by the FDIC and is a fraudulent attempt to obtain personal information from consumers. Financial institutions and consumers should NOT access the link provided within the body of the e-mail and should NOT under any circumstances provide any personal information through this media.

The FDIC is attempting to identify the source of the e-mails and disrupt the transmission. Until this is achieved, consumers are asked to report any similar attempts to obtain this information to the FDIC by sending information to alert@fdic.gov.

Consumer Alert: Don’t Fall Victim to Online Scams

Your security is important to us. Here at First National Bank we want to provide tools and resources to help prevent identity theft and educate you on security.

What is “Phishing”? Phishing (FISHing)
Phishing is a high-tech scam that uses spam or pop-up messages to attempt to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, and/or other sensitive information.

Example Citations
Phishing is the term coined by hackers who imitate legitimate companies in e-mails to entice people to share passwords or credit card numbers.

What is “Spoofing”?
Pretending to be something it is not, on the Internet, usually an e-mail or a Web site.

How to report Phishing:
We suggest reporting phishing e-mails or spoofed Web sites to the following groups:

• Forward the e-mail to reportphishing@antiphishing.org.
• Forward the e-mail to the Federal Trade Commission at spam@uce.gov.
• Forward the e-mail to the “abuse” e-mail address at the company that is being spoofed (e.g., spoof@ebay.com).
• When forwarding spoofed messages, always include the entire original e-mail with its original header information intact.
• Notify the Internet Crime Complaint Center of the FBI by filing a complaint on their Web site: www.ic3.gov.

Recommended Actions if You’ve Become a Victim of a Phishing Scam

If You Have Given Out Your Credit, Debit, or ATM Card Information

• Report the incident to the card issuer as quickly as possible.
• Report using toll-free numbers and 24 service that many companies have established to deal with such emergencies.
• Request your card issuer close your compromised account number and reissue you a new card with a different number.
• Monitor your account activity and review account statements carefully after the information loss.
• If any unauthorized charges appear, call the card issuer immediately and follow up with a hard copy letter via a traditional delivery service such as the U.S. Postal Service (keep a copy for yourself) describing each questionable charge.

Credit Card Loss or Fraudulent Charges

Your maximum liability under federal law for unauthorized use of your credit card is generally $50. However, that $50 potential liability probably does not apply for unauthorized telephone and Internet transactions because there is “no means to identify the cardholder” in those cases.

ATM or Debit Card Loss or Fraudulent Transfers

• Your liability under federal law for unauthorized use of your ATM or debit card depends on how quickly you report the loss.
• You risk unlimited loss if you fail to report an unauthorized transfer within 60 days after your bank statement containing unauthorized use is mailed to you for transactions made after that 60-day period.

If You Have Given Out Your Bank Account Information

Report the theft of this information to the bank as quickly as possible.
Request your bank close the compromised account and re-open a like account with a different number.

If You Have Downloaded a Virus or ‘Trojan Horse’

Some phishing attacks use viruses and /or “Trojan Horses” to install programs called “key loggers” on your computer. These programs capture and send out any information that you type to the phisher, including credit card numbers, user names and passwords, Social Security numbers, etc. If this happens, it’s likely you may not be aware of it until you unusual transactions on your account.

To minimize this risk, you should:

• Install and/or update anti-virus and personal firewall software.
• Update all virus definitions and run a full scan.
• If your system appears to have been compromised, repair it and then change your password again, since you may well have transmitted the new one to the hacker.
• Check your other accounts! The fraudsters may have helped themselves to many different accounts: eBay account, PayPal, your e-mail ISP, online bank accounts, online trading accounts and other e-commerce accounts, and everything else for which you use online passwords.

If you have given out your personal identification information

If you believe you have given out personal information such as your name, address, and Social Security number to someone who may use it for fraud:

Contact the three major credit reporting agencies – Experian, Equifax and TransUnion – and do the following:

• Request that the agencies place a fraud alert and a victim’s statement in your file.
• Request a free copy of your credit report to check whether any accounts were opened without your consent.
• Request that the agencies remove inquires and/or fraudulent accounts stemming from the theft.

Major Credit Bureaus

Equifax – www.equifax.com

• To order your report, call: 800-685-1111 or write : P.O. Box 740241, Atlanta, GA 30374-0241.
• To report fraud, call: 800-525-6285 and write: P.O. Box 740241, Atlanta, Ga 30374-0241.
• Hearing impaired call 1-800-255-0056 and ask the operator to call the Auto Disclosure Line at 1-800-685-1111 to request a copy of your report.

Experian – www.experian.com

• To order your report, call: 888-EXPERIAN (397-3742) or write: P.O. Box 2002, Allen, TX 75013.
• To report fraud, call: 888-EXPERIAN (397-3742) and write: P.O. Box 9530, Allen, TX 75013. TDD: 1-800-972-0322.

Trans Union – www.transunion.com

• To order your report, call: 800-888-4213 or write: P.O. Box 1000, Chester, PA 19022.
• To report fraud, call: 800-680-7289 and write: Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92634 TDD: 1-877-553-7803.

Additional Actions to Take

• If bank accounts were set up without your consent, close them.
• Contact your local police department to file a criminal report.
• Contact the Social Security Administration’s Fraud Hotline to report the unauthorized use of your personal identification information.
• Notify the Department of Motor Vehicles of your identity theft.
• Check to see whether an unauthorized driver’s license number has been issued in your name.
• Notify the passport office to be on the lookout for anyone ordering a passport in your name.
• File a complaint with the Federal Trade Commission. Ask for a free copy of “ID Theft: When Bad Things Happen in Your Good Name,” a guide that will help you guard against and recover from your theft – and guard it in the future.
• File a complaint with the Internet Crime Complaint Center (IC3) by visiting their Web site: www.ic3.gov. IC3 is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Center (NW3C), with a mission to address fraud committed over the Internet. For victims of Internet fraud, the Center provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation.
• Document the names and phone numbers of everyone you speak to regarding the incident. Follow up your phone calls with letters. Keep copies of all correspondence.

Identify Theft Resources

• http://www.consumer.gov/idtheft/
• http://www.identity-theft-help.us/
• http://www.identytheft.org/
• http://www.usdoj.gov/criminal/fraud/idtheft.html
• http://www.ic3.gov
• http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm

How to Practice Safe Computing

The number and sophistication of phishing and spoofing scams sent out to consumers is continuing to increase dramatically. While online banking is widely considered to be as safe as or safer than in-branch or ATM banking, as a general rule you should be careful about giving out your personal financial information over the Internet. Remember, no reputable financial institution will ever request your personal information via e-mail.

Here is a list of recommendations to follow in order to avoid becoming a victim of scams:

1. Be suspicious of any e-mail with urgent requests for personal financial information.
   Phishers have been known to include upsetting or enticing (but false) statements in their e-mails to get people to react immediately. More recently, some phishers have toned down their language, as e-mail recipients have become more aware of the use of this tactic. Either way, the e-mail typically asks for information such as user names, passwords, credit card numbers, Social Security numbers, etc.

2. Be careful of e-mails that are not personalized and /or may contain spelling errors and/or awkward syntax and phrasing. Many phishing e-mails are sent in great bulk and, therefore, are not personalized. If you are suspicious of an e-mail claiming to be from your institution that is not personalized, call your institution before responding. Many also are being sent from other countries from individuals for whom English is a foreign language, thus resulting in misspelled words and awkward syntax and phrasing.

3. Be careful of personalized e-mails that ask for personal financial information. Be suspicious of any e-mail that contains some personal financial information, such as a bank account number and asks for other information, such as a PIN. Your bank will never ask for or send personal financial information by e-mail.

4. Do not use links in an e-mail to get to any Web page. Instead, call the bank on the telephone to confirm the address, or log onto the Web site directly by typing in the Web address in your browser.

5. Do not complete forms in e-mail messages that ask for personal financial information. Your financial institution would never ask you to complete such a form within an e-mail message.

6. Only communicate information, such as credit card numbers or account information, via a secure Web site or the telephone. When submitting financial information to a Web site, look for the padlock or key icon at the bottom of your browser, and make sure the Internet address begins with “https.” A secure Web server designation can be found by checking the beginning of the Web address in your browser’s address bar – the address should begin https://... Rather than just http://... While you can not be completely sure that a Web site is secure when its address starts with “https,” you can be sure the Web site is not secure when it does not start with “https.”

7. Regularly log on to your online accounts and check your bank, credit and debit card statements to ensure that all transactions are legitimate. One of the real advantages of banking online is being able to regularly review your account for unauthorized or unusual activity. If anything is suspicious, contact your bank and all card issuers immediately.

8. Ensure that your browser is up to date and security patches applied. Always visit your browser’s home page to download the latest security updates even if they don’t alert you to do so.

9. Use online statements to reduce the volume of paper mailed. Paper today is the cause of more actual instances of identity fraud than are electronic thefts.

Consumer Tips

To avoid becoming a victim of a phishing scam, the American Bankers Association offers these tips:

• Never give out your personal financial information in response to an unsolicited phone call, fax or email, no matter how official it may seem.

• Do not respond to email that may warn of dire consequences unless you validate your information immediately. Contact the company to confirm the email's validity using a telephone number or Web address you know to be genuine.

• Check your credit card and bank account statements regularly and look for unauthorized transactions, even small ones. Some thieves hope small transactions will go unnoticed. Report discrepancies immediately.

• When submitting financial information to a Web site, look for the padlock or key icon at the bottom of your browser, and make sure the Internet address begins with "https." This signals that your information is secure during transmission.

• Report suspicious activity to the Internet Crime Complaint Center, a partnership between the FBI and the National White Collar Crime Center.

• If you have responded to an email, contact your bank immediately so they can protect your account and your identity. For information on identity theft, visit ABA's Consumer Connection.

• For more information on phishing, visit the Federal Deposit Insurance Corporation, Federal Trade Commission or the Anti-Phishing Working Group.