Privacy Notice for EU Customers
This Notice applies to our European Union (EU) customers.
Mission Valley Bank provides this privacy notice (“Notice”), as data controller, to describe our practices regarding the collection, storage, use, disclosure and other processing of Personal Data (defined below). Mission Valley Bank may process your Personal Data in a variety of situations. These include when you or your organization have a relationship with a Mission Valley Bank entity (“Mission Valley Bank”). As described below, other examples in which we may process your Personal Data are in the context of providing financial products and carrying out financial services.
Types of Personal Data We Collect
Mission Valley Bank collects different types of Personal Data. We may collect information about individual representatives of our customer organizations (“Customers”) or other individuals who have a connection to our Customers or the services we are performing (collectively, “Individuals”) such as the Individual’s:
- Work contact details:
name, work address, phone number, mobile phone number, email address, and online contact details.
- Position description:
employer, title, position held, and length of employment.
- Authentication data:
passport or national identification card, driver’s license, other governmental identification information, home address and telephone number, documents that verify address, date of birth, country of domicile, and documents that verify employment, and signature authorization.
- Customer access or use data:
user name and passwords to log into a customer portal, location data, other website or product access information, and use of corporate credit card.
- Financial data:
salary and other income, sources of wealth, assets, financial relationships, and financial transactions.
- Background or credit check data:
credit check information, background check information including credit and criminal checks and screening, but only to the extent required or permitted by local law. Collectively, the above categories of data constitute “Personal Data.” We may collect, to the extent permitted by applicable law, Personal Data directly from Individuals, Customers, private lists, and publicly available sources. Failure to provide this information may result in Mission Valley Bank being unable to provide or continue to provide the requested services to the Customer.
Our handling of Personal Data
Mission Valley Bank needs to collect, process and use Personal Data for a number of purposes. A primary purpose is to ensure we can provide Customers with the products and services we offer and which they have requested. As described in greater detail below, we also need to use Personal Data for purposes of carrying out our business operations, including confirming a person’s authority as a representative or agent of a Customer, maintaining business continuity plans and processes, undertaking internal investigations and audits, handling legal claims, responding to requests from supervisory authorities, and complying with applicable laws and regulations on a global basis. We collect, process and use Personal Data:
- To provide products and services requested by our Customers. We collect and use work contact details, position description, authentication data, customer access or use data, financial data, and background or credit check data to perform obligations under our agreements, carry out related business functions, process data and transactions, perform banking services (including deposit taking and account management), conduct credit checks and due diligence, market products and services, provide financial services, and manage Customer relationships and inquires, including when we need to contact Customers or Individuals with important information or for other administrative purposes.
- To comply with legal obligations and regulations. We collect and use work contact details, position description, authentication data, financial data, and background or credit check data to comply with applicable laws, regulations, and legal obligations applicable to Mission Valley Bank, including “know your customer” obligations based on applicable anti-money laundering and anti-terrorism requirements, financial crime and fraud prevention, suspicious activity reporting, responding to requests from public authorities, complying with economic and trade sanction requirements, performing Customer and Individual due diligence, performing audit and risk assessments, conducting foreign exchange, preparing tax reports, complying with whistleblowing requirements, and handling legal claims.
- To confirm a person’s authority as a representative or agent of a Customer. We collect and use work contact details, position description, customer access or use data, and authentication data to confirm a person’s authority as a representative or agent of a Customer with which Mission Valley Bank has entered or intend to enter into various arrangements, including deposit contracts, loan contracts, contracts for foreign exchange transactions, contracts involving derivative transactions, letters of credit, loan services, account management, commercial banking, commercial real estate, structured lending, corporate and investment banking services, credit card issuance and processing, financial services, and investment management.
- To conduct recordkeeping. We collect and use work contact details, position description, authentication data, customer access or use data, financial data, and background or credit check data to facilitate managing our records in a systematic manner so they can be retrieved when required for legal, regulatory or operational reasons.
Transfer Personal Data to Different Countries
Mission Valley Bank does not transfer Personal Data to third parties in different countries.
Disclose Personal Data
We may disclose Personal Data, to the extent necessary and on a need-to-know basis, as follows:
- Beneficiaries, counterparties, and other parties related to a transaction; credit reference agencies. Mission Valley Bank may disclose Personal Data to beneficiaries, counterparties, or other parties related to a transaction on a worldwide basis to provide the services requested by our Customers and to comply with legal obligations and regulations.
- We may provide Personal Data to credit reference agencies where allowed by law.
- Service providers. Mission Valley Bank may disclose Personal Data to information technology providers or other service providers that act on our behalf and under our instructions regarding the processing of such data (“Data Processors”). Data Processors will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard the Personal Data, and to process Personal Data only as instructed. Mission Valley Bank may also disclose Personal Data to independent external auditors or other service providers that may not be acting as a Data Processor. These service providers will be subject to any necessary contractual obligations to ensure the protection of such Personal Data.
- Legal requirements. Mission Valley Bank may disclose Personal Data if required or permitted by applicable law or regulation, including laws and regulations of the United States and other countries, or in the good faith belief that such action is necessary to: (a) comply with a legal obligation or in response to a legally binding request from law enforcement or other public authorities; (b) protect and defend the our rights or our property; (c) act in urgent circumstances to protect the personal safety of Individuals, Customers, employees of Mission Valley Bank, or others; or (d) protect against any legal liability. In addition, Mission Valley Bank may share Personal Data with U.S. regulators, and other self-regulatory bodies to which we are subject.
- Business transfers, combinations and related activities. As we develop our business, Mission Valley Bank might sell, buy, restructure or reorganize businesses or assets. In the event of any actual or proposed sale, merger, reorganization, restructuring, dissolution or any similar event involving our business or assets, Personal Data may be shared with the relevant entity or may be part of the transferred assets and will be subject to any necessary contractual obligations to ensure the protection of such personal Data. The recipients of Personal Data identified above may be located in the United States or in other countries, including countries located outside the EU, that may not provide the same level of data protection as your home country. As needed, we will establish appropriate data transfer agreements with such recipients, including agreements based on EU Model Contractual Clauses with respect to Personal Data transferred from the EU to a third country, or otherwise provide appropriate safeguards regarding transfers of Personal Data to other countries.
Keeping Your Personal Data Safe
Personal Data will be safely stored in the databases of Mission Valley Bank and will be held and maintained by Mission Valley Bank or on behalf of Mission Valley Bank by Mission Valley Bank service providers. Appropriate measures are taken so that Personal Data can be kept accurate and up-to-date, which will be in accordance with applicable security requirements. To prevent the loss, misuse, unauthorized access, disclosure, alteration or destruction of Personal Data, we will take appropriate legal, organizational and technical measures to protect Personal Data and ensure it is accessed by our team members only on a need-to-know basis. We will keep Personal Data no longer than necessary to fulfill the purposes described in this Notice. Under our record retention policy, we are required to destroy Personal Data after we no longer need it according to specific retention periods. However, we may need to hold Personal Data beyond these retention periods due to regulatory requirements of a particular country or in response to a regulatory audit, investigation or other legal matter. These requirements also apply to our third-party service providers. While registering with our website, mobile applications, or social media features (each, a “Site”), we may provide you with a unique identification and password for accessing our products and services. We encourage you to choose your password wisely such that no intruder or third party can obtain any unauthorized access to the Site. We also encourage you to keep your password confidential and not have any written or other record of the password that can be accessible by an intruder or third party.
Your Rights in Relation to Personal Data
Laws in the EU enable you to have appropriate control and oversight over what organizations do with your Personal Data. This Notice provides you with details about your Personal Data rights. You have the following rights in relation to your Personal Data:
- Access: you can ask us for a description of the Personal Data we hold about you and our purposes for holding it; you can also ask for a paper or electronic copy of this information.
- Rectification: you can ask us to correct your Personal Data if you see that it is inaccurate or incomplete.
- Objection: you can object to our processing of your Personal Data except where we base such processing on our legitimate interests or, if applicable, on public interests or where we act under an official authority. You can also object if we use your Personal Data for direct marketing purposes.
- Erasure: you can ask us to destroy your Personal Data if you believe we no longer need it or we are inappropriately using it, or if you withdraw your consent. You can also ask for the destruction after you object to our use of your Personal Data or for compliance with a legal obligation.
- Restriction of processing: you can ask us to temporarily stop using your Personal Data when you contest its accuracy, when you believe our use is unlawful, or when you wish us to keep but not use your Personal Data beyond our time limit for storage for the purpose of a legal claim you’ve made or plan to make. You can also ask us to temporarily stop using your Personal Data during the period we are processing your objection request.
- Data portability: you have the right to receive Personal Data you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to request that we transmit your Personal Data directly to another party if technically feasible. This right only relates to Personal Data which we process based on your consent, or on a contract you have with us, and where we carry out the processing by automated means.
- Complaint with a supervisory authority: you have the right to lodge a complaint with a data protection supervisory authority in the European Union. In certain circumstances, we will need to use your Personal Data even though you may have asked us to delete it or restrict our use of it, or when you objected to our use. If this is necessary, we will do so in a lawful, fair, and transparent manner. Please contact us if you have any questions.
Revoking Consent to Use Your Personal Data
To the extent that consent is required by applicable law and our collection, use, disclosure or other processing of Personal Data is not otherwise permitted by applicable law, by providing Personal Data to Mission Valley Bank or authorizing the Customer to provide such information to us, you consent to the collection, use, disclosure, and other processing of Personal Data as described in this Notice. You expressly waive the bank secrecy or confidentiality laws and obligations, if any, of the country or countries where you are located but only to the extent permitted by applicable law. You may revoke consent at any time. Prior uses and disclosures will not be affected (unless required by applicable law), and we may otherwise continue to process Personal Data as permitted or required by law.
Stopping Mission Valley Bank from Sending Marketing Materials to You
We will only send you marketing and sales materials where, to the extent required by applicable law, you have consented to receive such materials. If you do not want to receive marketing and sales materials from Mission Valley Bank by direct mail, telephone or email, please follow the unsubscribe or opt-out instructions if provided in those communications or submit a written request to us. We will comply with any such request within a reasonable period of time after receiving it.
Exercising Your Rights
We are dedicated to responding to requests in relation to your Personal Data, and to help you with any other questions that you may have. Please contact us with questions.
Modifying this Notice
We will modify this Notice as a result of amendments to laws or regulations, or due to other reasons involving our operations. In such case, an amended Notice will be posted on our website. The page providing the Notice will indicate the date when it was last updated.
If you have questions or concerns you may address them to us by email or at the following address:
Mission Valley Bank
9116 Sunland Boulevard
Sun Valley, CA 91352
This Privacy Notice was last updated on December 5, 2018.