Consumer Safety

Our Public Disclosure on Privacy

Our Responsibilities

The confidentiality and protection of customer information is one of First National Bank's fundamental responsibilities. And while information is critical to providing quality service, we recognize that our most important asset is the trust of our customers. Thus, the safekeeping of customer information is a priority for First National Bank. The following are the general policy statements regarding our customers' privacy:

• It is our policy to take all necessary steps to limit the use and collection of information about our customers to that information that is necessary to administer our business, provide superior service, and offer opportunities that are of interest to our customers.
• It is our policy to ensure that others who are provided access to this information also maintain the confidentiality and integrity of the information.
• It is our policy to give our consumers the right to “opt-out” of providing information when any disclosure of that information may be provided to non-affiliated third parties.
• It is our policy to refuse to disclose account information to third-party marketers.
• It is our policy to disclose our general annual privacy policy to our customers.

The first key to sound Information Security is commitment. This commitment must emanate from the Board of Directors through Senior Management to all bank personnel. The commitment must be universal. The bank cannot relax its commitment to Information Security nor tolerate those in the bank unwilling to maintain the bank’s commitment to sound Information Security.

The Board of Directors affirms that any personnel unable or unwilling to meet the privacy guidelines established herein will be subject to disciplinary action. Moreover, if the action(s) of any employee or group of employees involves any form of illegal activity, the bank will take appropriate action. Similarly, the bank will pursue action against any vendors or others who violate Information Security efforts and established guidelines. In short, First National Bank takes privacy seriously.

Our Approach to Your Privacy

Oversight

First National Bank has designated specific individuals to handle your privacy concerns. The bank has assigned its Risk Management Committee to handle the major privacy issues. In addition, the bank has designated an Information Security Officer (ISO). The ISO is given the day-to-day oversight role regarding privacy. If you have any questions regarding your privacy at First National Bank please do not hesitate to contact us and ask for the Information Security Officer.

Other Information Security Efforts

To establish and maintain your privacy, First National Bank utilizes various systems and devices. We continually review the effectiveness of these systems and make corrections when necessary. We conduct training on the use of these systems and work diligently to ensure all of our employees recognize the importance of confidentiality. An annual independent review of our efforts is conducted that provides us additional insight into the effectiveness of our efforts.

You Can Help

You can help protect your own privacy. There are many websites that provide guidance on protecting your privacy. Some of these include the following:

Privacy Links

• Consumer Protection Association, https://consumerfed.org/consumer-protection-association/
• Electronic Privacy Information Center , https://www.epic.org/
• Privacy Forum, Lauren Weinstein, https://www.vortex.com/privacy
• Privacy Rights Clearinghouse, https://privacyrights.org/
• Privacy Times, Evan Hendricks, http://www.privacytimes.com/
• U.S. PIRG, www.pirg.org

Other Things to Do

There are other things you can do to protect your security. The first step in guarding your privacy is to find out what information about you is already stored in data banks.

Credit Reports

Credit reports about you are available to anyone with a "legitimate business need." This information could determine whether you get a job, a loan, insurance or an apartment. You should check your credit reports periodically to determine if information about you is accurate. You can request reports from each of the largest credit reporting agencies ($8 each), by calling: Experian (800) 682-7654; Equifax (800) 685-1111; Trans Union (900) 851-2674 or (800) 916-8800. You may be able to access a free copy of your credit report under certain circumstances.

Each company may have different information, so it's important to request a report from each. While you're talking to the agencies, you may want to find out how to get your name removed from their lists that are rented or sold.

Medical History

Your medical history may be stored in an insurance industry database. You can get a copy of your records (for $8) through the Medical Information Bureau, by calling (617) 426-3660 or write: MIB, P.O. Box 105 Essex Station, Boston, MA 92112.

In some states, you have a right to see the medical records held by your doctor or other health providers. Check with your state's medical board or physician licensing agency.

Social Security

You can find out if your account has been tampered with and whether or not your earnings have been properly recorded by requesting a Social Security Earnings Benefits Statement from the Social Security Office. Call (800) 772-1215 for information.

Department of Motor Vehicles

Like many government records, DMV records are public and accessible to anyone. To check your driving records, visit your local DMV office. There may be a fee.

Get off lists and out of data banks

National Mailing Lists. You can get your name off many national direct marketing lists by writing the Direct Marketing Association. Tell them to add you to their "delete" or "opt-out" file, which is sent to subscribing organizations several times a year. Write to: Direct Marketing Association, Mail Preference Service, P.O. Box 9008, Farmingdale, NY 11735-9008.

Telephone Directory & Reverse Directories. You may want to consider listing only your telephone number in the telephone book and telling the phone company to remove your listing from its street address directory. You may also want to request an unlisted telephone number and request that it not be included in any directories.

Gifts, Donations, Memberships. You may want to tell charities, nonprofits and other organizations to which you give or belong that you don't want your name and address added to any mailing lists that are available to others.

Subscriptions. When you subscribe to a publication, you may want to make sure you tell them to keep information about you to themselves. Don't rent, sell or exchange it.

Telemarketing Lists. You may want to consider telling every telemarketer who calls you to take your name off his or her list. (They're required by law to honor your request.) Write the DMA to be added to their "don't call" or "opt-out" list. Write to: Direct Marketing Association, Telephone Preference Service, P.O. Box 9014, Farmingdale, NY 11735-9014.

Telephone. Use Caller ID, Call Blocking and other services provided, for a fee, by your telephone company. Request that your telephone number be blocked from access by Caller ID equipment used by those whose numbers you call.

Mail. Use a post office box instead of your home address to receive your mail. It will provide you with a protective screen between your home and those who want to solicit you as a customer.

Be Assertive! The only way to keep your information private is to guard it. Don't comply with every request for information about you. Ask why. Say no. Be stringent, give only the minimum required.

Thing You Should Not Do

Don't give out information without good cause. This includes your phone number, address, and especially your social security number. Always ask why information about you is needed. You can choose to whom you give information and what information you give. Your social security number is required only on tax forms, employment records and most banking, stock and property transactions and credit reports. For any other use, request an alternative number. Always ask for the procedure to have your information kept private by the agency or organization.

Use caution when paying by automatic withdrawal cards or credit cards. Someone could be watching using sophisticated systems.

Remember that when you join "buyers clubs" at stores or supermarkets that information about your buyer preferences may be added to the database each time you use your membership card. In addition, information on applications may be sold to direct-mail marketers or telemarketers. You may want to consider requesting the store's privacy policy and requesting that your personal information is not to be used by others.

Don't call 800, 888 or 900 numbers unless you have an established relationship with the company. Your phone number may be captured through an Automatic Number Identification system and sold. If you do call, make sure to tell the business you do not want information about you added to any lists that may be rented or exchanged.

Don't pre-print your phone number on your checks. Always ask the purpose for additionally requested information. Never pre-print your social security number on anything.

Don't toss your mail out without tearing in half anything that has your credit card numbers or other info about you that could be used by someone else. Do keep two separate trash bags. You may want to consider getting a paper shredder for your home.

Remember that when you sign up for sweepstakes or contests that most giveaways and drawings are designed as a method to gather names and addresses for marketing purposes.

Recognize that when you fill out product registration cards that the receipt you receive when you pay for an item, along with the product warranty, should be sufficient if a problem arises. Product registration cards are often used to gather marketing information.

Take caution when revealing credit card numbers, bank account numbers or other sensitive information via cordless and cellular telephones. Conversations on these phones are relayed via radio signals and might be picked up by scanners.