PRIVACY POLICY
Effective as of January 1, 2020
Last updated July 16, 2021
INTRODUCTION
First Midwest Bank (“First Midwest,” “we,” “our,” or “us”) respects the privacy of your information. This Privacy Policy is designed to assist you in understanding how we collect, use and safeguard the information you provide to us in using our website (“Site”), the services provided through our Site, and the mobile applications we offer (collectively, “Services”).
If you have a consumer financial product or service with us, we will use and share any information that we collect from or about you in accordance with our U.S. Consumer Privacy Notice, which offers you certain choices with respect to the use and sharing of your personal information.
From time to time, we may change this Privacy Policy. If we do, we will post an amended version on this webpage. Please review this Privacy Policy periodically.
COLLECTING AND USING INFORMATION
Personally Identifiable Information We Collect Online
We may collect Personally Identifiable Information from you through your use of the Site and Services. “Personally Identifiable Information” is individually identifiable information about an individual consumer that we collect online and that we maintain in an accessible form. We collect the following types of Personally Identifiable Information:
Information You Provide
We may collect the following Personally Identifiable Information that you voluntarily provide to us:
- Online Banking. If you open an online banking account, we will collect your first and last name, social security number, and email address. We will also collect the pin number associated with your banking account. Every time you log on to use our online banking feature we will request that you enter your User ID—personal online identifier.
- Applications. If you apply for one of our financial products or services, such as a credit card, bank account, or loan, we will collect your first and last name, postal address, email address, telephone number, and social security number. We also will collect other information such as your date of birth, marital status, driver’s license number and expiration date, months and years you have resided at your current residence, current rent or mortgage monthly payment, employment information such as your occupation, employer name and address, your gross monthly income, and if you are applying for a loan, we will request your bank account number.
- Mobile Apps. If you use our mobile applications we, through our mobile application service providers, will collect your User ID and password information. We also will collect a device identifier and location to provide additional security to protect your account.
- Talk to an Expert. If you request communication with one of our experts, we will collect your first name and telephone number.
- Business Express. If you enroll in our Business Express service, we will request the name of your business, your first and last name, postal address, telephone number, and email address. We will also collect your financial information such as your bank account and routing number.
Information as You Navigate Our Site
We automatically collect certain Personally Identifiable Information through your use of the Site and Services, such as the following:
- Usage Information. We collect information automatically through your use of the Site and Services, such as which of the pages on the Site you access, the frequency of access, and what you click on while on the Site.
- Device Information. We collect information about the device you are using, such as hardware model, operating system, application version number, and browser.
- Mobile Device Information. In addition to the Device Information listed above, when you access our Site via a browser on your mobile device, we collect and aggregate information about whether you are accessing the Site via a mobile device or tablet, device type, and carrier.
- Location Information. We collect location information from Site visitors on a city-regional basis.
Third Party Information
In some cases, we may receive certain Personally Identifiable Information from you about a third party. For example, as part of our application process, you may provide the information of a third party. If you submit any Personally Identifiable Information about another individual to us, you are responsible for making sure that you have the authority to do so and to allow us to use their Personally Identifiable Information in accordance with this Privacy Policy.
How We Use Your Personally Identifiable Information
We use the Personally Identifiable Information we collect to provide the Services to you, to improve our Services and Site, and to protect our legal rights. In addition, we may use the Personally Identifiable Information we collect to:
- Process your account registration and application;
- Provide customer service;
- Review your job application;
- Contact you regarding our products and services that we feel may be of interest to you;
- Communicate with you about our Site or Services or to inform you of any changes to our Site or Services;
- Provide support;
- Maintain and improve our Site and Services;
- Defend our legal rights and the rights of others;
- Efficiently maintain our business; and
- Comply with applicable law.
How We Share Your Personally Identifiable Information
We may share the information that we collect about you in the following ways:
- With service providers who perform data or Site-related services on our behalf (e.g., email, hosting, maintenance, backup, analysis, etc.). Any such service providers will be under an obligation to us to maintain the confidentiality of your Personally Identifiable Information;
- To service providers to prepare, deploy, and analyze advertising content;
- To the extent that we are required to do so by law; In connection with any legal proceedings or prospective legal proceedings;
- To establish, exercise, or defend our legal rights, including providing information to others for the purposes of fraud prevention;
- To any person who we reasonably believe may apply to a court or other competent authority for disclosure of that Personally Identifiable Information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that Personal Information;
- To any other person or entity as part of any business or asset sale; and
- To any other person or entity where you consent to the disclosure.
COOKIES AND OTHER TRACKING TECHNOLOGIES
How We Use Cookies
Like many other companies, we use cookies and other tracking technologies (such as pixels and web beacons) (collectively “Cookies”). “Cookies” are small files of information that are stored by your web browser software on your computer hard drive, mobile or other devices (e.g., smartphones or tablets).
We use Cookies to:
- Estimate audience size and usage patterns;
- Understand and save your preferences for future visits, allowing us to customize the Site and Services to your individual needs;
- Advertise new content and services that relate to your interests; Keep track of advertisements and search engine results;
- Compile aggregate data about Site traffic and Site interactions to resolve issues and offer better Site experiences and tools in the future;
- Ensure browsing security;
- and Recognize when you return to the Site.
We set some Cookies ourselves and others are set by other entities. We use Cookies set by other entities to provide us with useful information to help us improve our Site and Services, to conduct advertising, and to analyze the effectiveness of advertising. For example, we use Cookies from Google, Facebook and other similar companies.
We use technology supplied by certain service providers such as Hotjar and WebTrax to better understand our users’ needs and to optimize our Services and your experience. The technology helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our Services with user feedback. The technology uses cookies and other tools to collect data on our users’ behavior and their devices. This may include a device’s IP address (processed during your session), device screen size, device type (unique device identifiers), browser information, and the preferred language used to display our Site.
How You Can Opt-Out of Cookies
Browser Settings
Cookies can be blocked by changing your Internet browser settings to refuse all or some Cookies. If you choose to block all Cookies (including essential Cookies) you may not be able to access all or parts of the Site.
You can find out more about Cookies and how to manage them by visiting http://www.allaboutcookies.org/privacy-concerns/.
Platform Controls
You can opt out of Cookies set by specific entities by following the instructions found at these links:
- Google: https://adssettings.google.com
- Facebook: https://www.facebook.com/about/ads
Advertising Industry Resources
You can understand which entities have currently enabled Cookies for your browser or mobile device and how to opt-out of some of those Cookies by accessing the Network Advertising Initiative’s website or the Digital Advertising Alliance’s website. For more information on mobile specific opt-out choices, visit the Network Advertising Initiative’s Mobile Choices website.
Please note that these opt-out mechanisms are specific to the device or browser on which they are exercised. Therefore, you will need to opt out on every browser and device that you use.
Third Party Processors
To ensure that your Personally Identifiable Information receives an adequate level of protection, we have put in place appropriate procedures with the service providers we share it with to ensure that it is treated consistent with applicable data security and privacy laws. For example, we use service providers to allow us to accept applications and deliver our financial products and services.
Google Analytics
We use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses Cookies or other tracking technologies to help us analyze how users interact with the Site and Services, compile reports on their activity, and provide other services related to their activity and usage. The technologies used by Google may collect information such as your IP address, time of visit, whether you are a returning visitor, and any referring website. The technologies used by Google Analytics do not gather information that personally identifies you. The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt-out of tracking of analytics by Google, click here.
“Do Not Track” Signals
Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the Site does not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.
CHOICES ABOUT YOUR PERSONALLY IDENTIFIABLE INFORMATION
Review and Request Changes to Your Personally Identifiable Information
You may use your account to access, correct, or view certain Personally Identifiable Information we have collected and which is associated with your account. To review or request changes to any of your Personally Identifiable Information, please contact us at CustomerCare@FirstMidwest.com.
Marketing Communications
To unsubscribe from our marketing emails, please click the unsubscribe link included in the footer of our emails. You also may submit a request to us at CustomerCare@FirstMidwest.com.
SECURITY
First Midwest safeguards client information by maintaining physical, electronic, and procedural safeguards that comply with federal standards to guard non-public personal information about you. This is accomplished by operating under a detailed information security policy and program designed to protect the security of your information. The information security program is subject to ongoing regulatory oversight and examination. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your Personally Identifiable Information, we cannot guarantee absolute security.
A critical part of protecting your information includes steps you should take to protect yourself when using computers to access online services, communicate and store information. If you'd like to know more about how First Midwest Bank protects information about you, click here for details about our Website Privacy & Security Practices.
THIRD PARTY LINKS
The Site may contain links that will let you leave the Site and access another website. Linked websites are not under our control. Except as stated below, this Privacy Policy applies solely to Personally Identifiable Information that is acquired by us on this Site. We accept no responsibility or liability for these other websites.
CHILDREN’S PRIVACY
The Site and Services are not intended for children under 13 years of age. We do not knowingly collect, use, or disclose personal information from children under 13 years of age.
NOTICE TO CALIFORNIA RESIDENTS
The California Consumer Privacy Act (CCPA) requires that we provide California residents with a privacy policy that contains a comprehensive description of our online and offline practices regarding the collection, use, disclosure, and sale of personal information and of the rights of California residents regarding their personal information. This section of the Privacy Policy is intended solely for, and is applicable only as to, California residents. If you are not a California resident, this does not apply to you and you should not rely on it.
The CCPA defines “personal information” to mean information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include information that is publicly available, deidentified or aggregate information. For purposes of this “Notice to California Residents” section we will refer to this information as “Personal Information.
Right to Know About Personal Information Collected, Disclosed, or Sold
If you are a California resident, you have the right to request that we disclose what Personal Information we have collected about you. This right includes the right to request any or all of the following:
- Specific pieces of Personal Information that we have collected about you;
- Categories of Personal Information that we have collected about you;
- Categories of sources from which the Personal Information was collected;
- Categories of Personal Information that we sold (if applicable) or disclosed for a business purpose about you;
- Categories of third parties to whom the Personal Information was sold (if applicable) or disclosed for a business purpose; and
- The business or commercial purpose for collecting or, if applicable, selling Personal Information.
The CCPA defines “sell” to mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a California resident’s Personal Information to another business or a third party for monetary or other valuable consideration.
Collection of Personal Information
We currently collect and, in the 12 months prior to the “last updated” date of this Privacy Policy, have collected the following categories of Personal Information about California residents directly from them and from credit bureaus and consumer lead generators:
- Identifiers (name, alias, postal address, online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, and other types of state identification cards)
- Unique personal identifiers (cookies, beacons, pixel tags, mobile ad identifiers, or other similar technology)
- Telephone number
- Signature
- Bank account number
- Credit and debit card number
- Insurance policy number (e.g., homeowners’ insurance)
- Other financial information (e.g., income)
- Internet or other electronic network activity information (browsing history; search history; and information regarding consumer’s interaction with website, application or advertisement)
- Geolocation data
- Commercial information (records of products or services purchased, obtained or considered)
- Education information
- Professional or employment-related information (e.g., occupation and employer name)
- Protected classifications (race, color, sex/gender, age (40 and older), national origin, disability, citizenship status, marital status, medical condition, military status)
- Audio (e.g., voice recording)
As mentioned above, if you are a California resident who has a financial product or service with us, much of the Personal Information that we collect is exempt from the CCPA. Your choices and rights with respect to our use and sharing of that information are subject to our U.S. Consumer Privacy Notice.
In addition to the purposes stated above in the section “COLLECTING AND USING INFORMATION,” we currently collect and have collected and sold the above categories of Personal Information for the following business or commercial purposes:
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity
- Maintaining or servicing accounts, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, and providing analytic services
- Auditing related to a current interaction with a consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards
- Debugging to identify and repair errors that impair existing intended functionality
- Undertaking internal research for technological development and demonstration
- Undertaking activities to verify or maintain the quality or safety of our Services, and to improve, upgrade, or enhance the Services
- Advancing our commercial or economic interests, such as by inducing another person to buy, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction
Disclosure or Sale of Personal Information
The following table identifies the categories of Personal Information that we disclosed for a business purpose to service providers or sold to third parties in the 12 months preceding the Last Update date of this Privacy Policy and, for each category, the category of service providers or third parties to whom the Personal Information was sold or disclosed:
Categories of Personal Information | Category of Service Providers |
Category of Third Parties |
Identifiers (name, alias, postal address, email address, account name, Social Security number, driver’s license number, passport number, and other types of state identification cards); signature | Email, website hosting, maintenance, data backup, and data analysis providers; business partners who provide services to us to facilitate our providing of financial products to consumers; government agencies | |
Unique personal identifiers (cookies, beacons, pixel tags, mobile ad identifiers, or other similar technology); identifiers (online identifier and internet protocol address) | Data analytics provider | Advertising networks |
Geolocation data | Data analytics providers; business partners who provide services to us to facilitate our providing of financial products to consumers | |
Education information; professional or employment-related information (e.g., occupation and employer name); protected classifications (race, color, sex/gender, age (40 and older), national origin, disability, citizenship status, marital status, medical condition, military status); other financial information (e.g., income); commercial information (records of products or services purchased, obtained or considered) | Business partners who provide services to us to facilitate our providing of financial products to consumers | |
Internet or other electronic network activity information (browsing history; search history; and information regarding consumer’s interaction with website, application or advertisement) | Website hosting and data analysis providers |
We do not knowingly collect or sell the Personal Information of minors under 16 years of age.
Right to Request Deletion of Personal Information
If you are a California resident, you have the right to request that we delete the Personal Information about you that we have collected. However, per the CCPA, we are not required to comply with a request to delete if it is necessary for us to maintain the Personal Information in order to, for example, complete a transaction, detect security incidents, comply with a legal obligation, or otherwise use the Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the information.
How to Submit a Request to Know or Delete
You may submit a request to know or delete via a web form available here or by calling us toll-free at 1-877-203-6724.
If you submit a request to delete online, you may be asked to confirm separately that you want your Personal Information deleted.
Our Process for Verifying a Request to Know or Delete
If we determine that your request is subject to an exemption or exception, we will notify you of our determination. If we determine that your request is not subject to an exemption or exception, we will comply with your request upon verification of your identity and, to the extent applicable, the identity of the California resident on whose behalf you are making such request. We will verify your identity either to a “reasonable degree of certainty” or a “reasonably high degree of certainty” depending on the sensitivity of the Personal Information and the risk of harm to you by unauthorized disclosure or deletion as applicable.
For requests to access categories of Personal Information and for requests to delete Personal Information that is not sensitive and does not pose a risk of harm by unauthorized deletion, we will verify your identity to a “reasonable degree of certainty” by verifying at least two data points that you previously provided to us and which we have determined to be reliable for the purpose of verifying identities.
For requests to access specific pieces of Personal Information or for requests to delete Personal Information that is sensitive and poses a risk of harm by unauthorized deletion, we will verify your identity to a “reasonably high degree of certainty” by verifying at least three pieces of Personal Information previously provided to us and which we have determined to be reliable for the purpose of verifying identities. In addition, you will be required to submit a signed declaration under penalty of perjury stating that you are the individual whose Personal Information is being requested.
Right to Opt-Out of Sale of Personal Information
If you are a California resident, you have the right to direct us to stop selling your Personal Information.
The CCPA defines “sell” to mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a California resident’s Personal Information to another business or a third party for monetary or other valuable consideration.
To opt-out of our use of third-party advertising Cookies, please see the section “How You Can Opt-Out of Cookies” above. You may submit a request to opt-out of sales via web form by clicking on this link: “Do Not Sell My Personal Information.” You also may submit a request by calling us toll-free at 1-877-203-6724.
Right to Non-Discrimination for the Exercise of a California Resident’s Privacy Rights
We will not discriminate against California residents if they exercise any of the rights provided in the CCPA as described in this section “NOTICE TO CALIFORNIA RESIDENTS.” As such, we will not deny goods or services to that California resident; charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; provide a different level or quality of goods or services to the California resident; or suggest that the California resident will receive a different price or rate for goods or services or a different level or quality of goods or services. However, we are permitted to charge a California resident a different price or rate, or provide a different level or quality of goods or services, if that difference is reasonably related to the value provided to us by the individual’s data.
Authorized Agents
If you are submitting a request on behalf of a California resident, please submit the request through one of the designated methods discussed above. After submitting the request, we will require additional information to verify your authority to act on behalf of the California resident.
ACCESSIBILITY
We are committed to ensuring this Privacy Policy is accessible to individuals with disabilities. If you wish to access this Privacy Policy in an alternative format, please contact us as described below. Please also see our Accessibility Statement available here.
HOW TO CONTACT US
To contact us for questions or concerns about our privacy policies or practices please call us toll-free at 1-800-322-3623.