SBIC CCPA and CPRA Policy

SBIC CCPA and CPRA Policy Banner Image

Printable Notices:
SBIC CCPA and CPRA Policy
(PDFs require Adobe Reader)

OUR CALIFORNIA CONSUMER PRIVACY ACT (“CCPA”) AND CALIFORNIA PRIVACY RIGHTS ACT (“CPRA”) POLICY

This California Privacy Policy applies only to California consumers (“you” or collectively as “consumers”) and supplements the Consumer Privacy Policy of the State Bank of India California (“SBIC”). The California Consumer Privacy Act of 2018 (“CCPA”) and the California Privacy Rights Act of 2020 (“CPRA”), collectively referred to as “California Consumer Privacy Laws”, provide California consumers with specific rights regarding their personal information. This California Privacy Policy describes your privacy rights under the California Consumer Privacy Laws, explains how you may exercise your privacy rights, and provides an overview on the types of personal information we collect.

The CPRA define personal information as information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include:

  • information that is lawfully made available from federal, state, or local government records;
  • de‐identified or aggregated information; and
  • information excluded from the California Consumer Privacy Laws such as health or medical information covered under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and financial information covered under the Fair Credit Reporting Act (“FCRA”) or Gramm‐Leach Bliley Act (“GLBA”).

The CPRA defines Sensitive Personal Information (“SPI”) as Personal Information that is not publicly available and reveals:

  • a consumer’s social security, driver’s license, state identification card, or passport number;
  • a consumer’s account log-In, financial account, debit card, or credit card number in combination with any required security
  • or access code, password, or credentials allowing access to an account;
  • a consumer’s precise geolocation;
  • a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership;
  • the contents of a consumer’s mail, email and text messages, unless the business is the intended recipient of the
  • communication;
  • a consumer’s genetic data; and
  • the processing of biometric information for the purpose of uniquely identifying a consumer;
  • personal information collected and analyzed concerning a consumer’s health; or
  • personal information collected and analyzed concerning a consumer’s sex life or sexual orientation

Your Rights Under California Consumer Privacy Laws and this Privacy Policy

California Consumer Privacy Laws provide you with the following rights:

Right to know/Access. You have the right to know what categories and specific pieces of personal information we collect about you; the categories of sources from which we collect personal information; our business or commercial purpose for the collection, use, and sharing of your personal information; and any categories of third parties with whom we share your information.

Right to delete. You have the right to request that we delete the personal information that we collect about you.

Right to opt out. You have the right to opt out of the sale or sharing of personal information. If we sell or share any of your personal information, you have the right, at any time, to tell us not to sell or share your personal information. At the time this Privacy Policy was last updated, we do not sell or share any personal information.

Right to correct. You have the right to request the correction of any personal information we maintain bout you.

Right to limit use or disclosure of sensitive personal information (“SPI”). You have the right to limit the use and disclosure of your SPI, if we are using your SPI beyond what is reasonable and proportionate to provide the requested goods or services.

Right to nondiscrimination. If you exercise any of your privacy rights, we will not discriminate against you.

I. HOW TO CONTACT US ABOUT YOUR PRIVACY RIGHTS

EXPLANATION

A consumer has the right to exercise their privacy rights for any Personal Information we collect, use, disclose, share and sell.

SUBMIT A
PRIVACY REQUEST

If you wish to submit a Privacy Request, Request to delete, Request to Opt-out, Request to Correct, Request to limit the use or disclosure of SPI, or a Verifiable Consumer Request, collectively referred to as “Privacy Request” for Personal Information we collect, use, disclose, share or sell you can by:

 

Online

Complete and submit a Privacy Request online or visit www.sbical.com/privacy

 

Telephone (Toll-Free)

1.877.707.1995
Monday – Friday
8:00 AM – 4:30 PM PST

Complete and submit a Privacy Request over the phone.

 

In Person

Please visit, complete and submit a Privacy Request in person at any one of our seven (7) California branches below:

Los Angeles
707 Wilshire Blvd.,
Suite 2900
Los Angeles, CA 90017

Monday – Friday
9:00 AM – 4:00 PM

Cerritos
17500 Bloomfield Ave., Suite B
Cerritos, CA
90703

Monday – Friday
9:00 AM – 4:00 PM
Saturday
9:00 AM – 1:00 PM

Woodland Hills
21724 Ventura Blvd.,
Woodland Hills, CA
91364


Monday – Friday
9:00 AM – 4:00 PM

San Diego
9494 Black Mountain Rd., Suite E
San Diego, CA
92126

Monday – Friday
9:00 AM – 4:00 PM

Fresno
2787 W. Shaw Ave.,
Suite 101
Fresno, CA
93711

Monday – Friday
9:00 AM – 4:00 PM

San Jose
675 N. First Street
Suite 105
San Jose, CA
95112

Monday – Friday
9:00 AM – 4:00 PM
Saturday
9:00 AM – 4:00 PM

Fremont
39148 Paseo Padre Parkway
Fremont, CA
94538

Monday – Friday
9:00 AM – 4:00 PM
Saturday
9:00 AM – 4:00 PM

 

 

 

HOW THE BANK VERIFIES YOUR IDENTITY IN RESPONSE TO A PRIVACY REQUEST

State Bank of India (California) verifies the identity of a consumer making a Privacy Request prior to responding to such requests.

State Bank of India (California) will match the identifying information provided by the consumer to the Personal Information of the consumer already maintained by the Bank.

State Bank of India (California) shall generally avoid requesting additional information from the consumer for purposes of verification. If, however, the Bank cannot verify the identity of the consumer from the information already maintained by the Bank, the Bank may request additional information from the consumer, which shall only be used for the purposes of verifying the identity of the consumer seeking to exercise their rights under the CCPA, and for security or fraud-prevention purposes. The Bank will delete any new personal information collected for the purposes of verification as soon as practical after processing the consumer’s Privacy Request.

If the Bank suspects fraudulent or malicious activity on or from your account, the Bank shall not comply with your Privacy Request until further verification procedures determine that the consumer request is authentic and the consumer making the request is the person about whom the Bank has collected information.

For the selected method of completing and submitting a Privacy Request, the Bank will verify your identify by one of the following methods:

 

Online

After completing and submitting a Privacy Request for the categories of Personal Information online, to verify your identity, the Bank will require matching of at least two (2) data points provided by you with data points maintained by the Bank through the Bank’s phone verification process.

If completing and submitting a Privacy Request for specific pieces of Personal Information online, to verify your identity, the Bank will require matching of at least three (3) data points provided by you with data points maintained by the Bank through the Bank’s phone verification process. In addition, the Bank will require a signed Declaration Under Penalty of Perjury that the requestor is the consumer whose Personal Information is the subject of the request.

 

Telephone (Toll-Free)

After completing and submitting a Privacy Request for the categories of Personal Information over the phone, to verify your identity, the Bank will require matching of at least two (2) data points provided by you with data points maintained by the Bank through the Bank’s phone verification process.

If completing and submitting a Privacy Request for specific pieces of Personal Information over the phone, to verify your identity, the Bank will require matching of at least three (3) data points provided by you with data points maintained by the Bank through the Bank’s phone verification process. In addition, the Bank will require a signed Declaration Under Penalty of Perjury that the requestor is the consumer whose Personal Information is the subject of the request.

 

In Person

After completing and submitting a Privacy Request for the categories of Personal Information in person, to verify your identity, the Bank will require matching of at least two (2) data points provided by you with data points maintained by the Bank through the Bank’s in-person verification process.

If completing and submitting a Privacy Request for specific pieces of Personal Information in person, to verify your identity, the Bank will require matching of at least three (3) data points provided by you with data points maintained by the Bank through the Bank’s in-person verification process. In addition, the Bank will require a signed Declaration Under Penalty of Perjury that the requestor is the consumer whose Personal Information is the subject of the request.

II. COLLECTION OF PERSONAL INFORMATION

Below is a list of categories of Personal Information (PI) we have collected about consumers in the preceding 12 months. For each category identified we have also provided the categories of sources from which we collected the Personal Information, the business or commercial purpose for collecting the information, and the categories of third parties with whom we share the personal information:

Categories of PI We Collect:

 Categories of Sources from Which We Collect the PI:

Our Business or Commercial Purpose for Collecting the PI: 

Categories of Third Parties with Whom We Share the PI:

Biometric Information

 Fingerprint

Consumer Directly

To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

  

Operating Systems and Platforms

Face

Consumer Directly

Operating Systems and Platforms

Voice Recordings

Consumer Directly

Operating Systems and Platforms

Identifiers

Real Name

Consumer Directly

To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

Operating Systems and Platforms

Alias 

Consumer Directly

Operating Systems and Platforms

Postal Address

Consumer Directly Operating Systems and Platforms

Online Identifier

Consumer Directly Operating Systems and Platforms

Internet Protocol Address

Consumer Directly

Operating Systems and Platforms

Email Address

Consumer Directly Operating Systems and Platforms

Internet or Network Activity

Consumer Directly

Operating Systems and Platforms

Web Site Interaction

Consumer Directly

Operating Systems and Platforms

Application Interaction

Consumer Directly

Operating Systems and Platforms

Account Name

Consumer Directly Operating Systems and Platforms

Social Security Number

Consumer Directly Operating Systems and Platforms

Date of Birth

Consumer Directly

Operating Systems and Platforms 

Place of Birth

Consumer Directly Operating Systems and Platforms

Driver’s License Number

Consumer Directly Operating Systems and Platforms

Passport Number

Consumer Directly Operating Systems and Platforms 

Signature

Consumer Directly Operating Systems and Platforms 

Address

Consumer Directly Operating Systems and Platforms

Telephone Number 

Consumer Directly Operating Systems and Platforms

State Identification Number

Consumer Directly Operating Systems and Platforms 

Account Number

Consumer Directly Operating Systems and Platforms

Credit Card Number

Consumer Directly Operating Systems and Platforms

Debit Card Number

Consumer Directly

Operating Systems and Platforms

Professional or Employment Information

Consumer Directly

To support employment, infrastructure, and human resource management, including providing benefits to employees and dependents, including healthcare and retirement plans, manage pay and compensation activities, manage and operate our facilities and infrastructure, and process employment applications.

Operating Systems and Platforms

Employer(s)

Consumer Directly Operating Systems and Platforms 

Employment History

Consumer Directly Operating Systems and Platforms

Salary or Income

Consumer Directly Operating Systems and Platforms 

Education Information

Consumer Directly Operating Systems and Platforms

Schools Attended

Consumer Directly Operating Systems and Platforms

Dates of Attendance

Consumer Directly Operating Systems and Platforms

Honors and Awards Received

Consumer Directly Operating Systems and Platforms

Commercial Information

Records of Personal Property Consumer Directly 

To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider. 

   
Operating Systems and Platforms
Products Purchased or Obtained  Consumer Directly Operating Systems and Platforms
Services Purchased or Obtained Consumer Directly Operating Systems and Platforms
Purchase History Consumer Directly Operating Systems and Platforms

Health Insurance Information

Insurance Policy Number

Consumer Directly

To support employment, infrastructure, and human resource management, including providing benefits to employees and dependents, including healthcare and retirement plans, manage pay and compensation activities, manage and operate our facilities and infrastructure, and process employment applications.

    

Operating Systems and Platforms

Subscriber Identification Number

Consumer Directly

Operating Systems and Platforms

Application History

Consumer Directly

Operating Systems and Platforms

Claim History

Consumer Directly

Operating Systems and Platforms 

Appeal Records 

Consumer Directly

Operating Systems and Platforms

III. COLLECTION OF SENSITIVE PERSONAL INFORMATION

Below is a list of Sensitive Personal Information (SPI) we have collected about consumers in the preceding 12 months. For each category identified we have also provided the categories of sources from which we collected the SPI, the business or commercial purpose for collecting the information, and the categories of third parties with whom we share the SPI. We will retain your information as long as it is reasonably necessary for each disclosed purpose, as outlined in the table.

Categories of SPI We Collect:

 Categories of Sources from Which We Collect the SPI:

Our Business or Commercial Purpose for Collecting the SPI: 

Categories of Third Parties with Whom We Share the SPI:

SENSITIVE PERSONAL INFORMATION

Social Security Number

Consumer Directly

To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

  

Operating Systems and Platforms

State Identification Number

Consumer Directly

Operating Systems and Platforms

Driver's License Number

Consumer Directly

Operating Systems and Platforms

Passport Number

Consumer Directly

Operating Systems and Platforms

User ID

Consumer Directly

Operating Systems and Platforms

Password

Consumer Directly

Operating Systems and Platforms

Security Questions

Consumer Directly

Operating Systems and Platforms

Access Code

Consumer Directly

Operating Systems and Platforms

Account Information

Consumer Directly

Operating Systems and Platforms

Credit Card Number with access code or credentials

Consumer Directly

Operating Systems and Platforms

Debit Card Number with access code or credentials

Consumer Directly

Operating Systems and Platforms

Geolocation

Consumer Directly

Operating Systems and Platforms

Racial or Ethical Origin

Consumer Directly

Operating Systems and Platforms

Content of mail, email and text messages

Consumer Directly

Operating Systems and Platforms

Biometric Identification Information

Consumer Directly

Operating Systems and Platforms

Health Information

Consumer Directly

Operating Systems and Platforms

III. DISCLOSURE OR SALE OF PERSONAL INFORMATION

SALE

We have not sold any Personal Information about consumers in the preceding 12 months for a business or commercial purpose.

DISCLOSED FOR BUSINESS PURPOSE

We have disclosed personal information about consumers to third parties for a business or commercial purpose in the preceding 12 months.

Below is the list of categories of information disclosed for business or commercial purposes:

 

Categories of PI We Disclose:

Our Business or Commercial Purpose for Disclosing the PI:

 

Biometric Information

 

Fingerprint

To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.



 

Face

 

Voice Recordings

 

Identifiers

 

Real Name

To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

 

Alias

 

Postal Address

 

Online Identifier

 

Internet Protocol Address

 

Email Address

 

Internet or Network Activity

 

Web Site Interaction

 

Application Interaction

 

Account Name

 

Social Security Number

 

Date of Birth

 

Place of Birth

 

Driver’s License Number

 

Passport Number

 

Signature

 

Address

 

Telephone Number

 

State Identification Number

 

Account Number

 

Credit Card Number

 

Debit Card Number

 

Professional or Employment Information

To support employment, infrastructure, and human resource management, including providing benefits to employees and dependents, including healthcare and retirement plans, manage pay and compensation activities, manage and operate our facilities and infrastructure, and process employment applications.

 

Employer(s)

 

Employment History

 

Salary or Income

 

Education Information

 

Schools Attended

 

Dates of Attendance

 

Honors and Awards Received

 

Commercial Information 

 

Records of Personal Property

To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.

   
 

Products Purchased or Obtained

 

Services Purchased or Obtained

 

Purchase History

 

Health Insurance Information

 

Insurance Policy Number

To support employment, infrastructure, and human resource management, including providing benefits to employees and dependents, including healthcare and retirement plans, manage pay and compensation activities, manage and operate our facilities and infrastructure, and process employment applications.

    
 

Subscriber Identification Number

 

Application History

 

Claim History

 

Appeal Records

MINORS UNDER 16 YEARS OF AGE WITHOUT AFFIRMATIVE AUTHORIZATION

We do not sell the personal information of minors under 16 years of age without affirmative authorization.

 

HOW LONG WE RETAIN YOUR INFOMATION

We retain your information as long as it is reasonably necessary for each disclosed purpose, as outlined in the table.

I. RIGHT TO OPT-OUT OF THE SALE AND/OR SHARE OF PERSONAL INFORMATION

EXPLANATION

You have the right to opt-out of the sale and/or of your personal information.

NOTICE OF RIGHT TO OPT-OUT

If we sell or share any of your personal information, you have the right, at anytime, to tell us to stop. We do not and will not sell or share the personal information of consumers to third parties.

II. RIGHT TO CORRECT PERSONAL INFORMATION

EXPLANATION

You have the right to request the correction of any inaccurate personal information that we maintain about you, taking into account the nature of the personal information and the purposes of the processing of the personal information. We will use commercially reasonable efforts to correct the inaccurate personal information as you may direct.

I. RIGHT TO LIMIT OR USE DISCLOSURE OF SENSITIVE PERSONAL INFORMATION ("SPI")

SPI WE COLLECT

Typically, we collect SPI only to determine whether we are able to provide care or as a part of our ongoing care services. We use your SPI in a reasonable and proportionate manner in order to provide you with the appropriate level of care.

YOUR RIGHTS REGARDING SPI

You have the right to limit the use and disclosure of your SPI, if we are using your SPI beyond what is reasonable and proportionate to provide the requested goods or services. Please see the Tables “Categories of Personal Information” and “How We Use Your Personal Information” for more details about our practices around SPI and your rights related to SPI.

VII. RIGHT TO NON-DISCRIMINATION FOR THE EXCERCISE OF YOUR PRIVACY RIGHTS

EXPLANATION

You have a right not to receive discriminatory treatment by us for the exercise of any privacy rights conferred by the California Consumer Privacy Act (California Civil Code § 1798.100 et seq.)

VII. AUTHORIZED AGENT

EXPLANATION

You may designate an authorized agent to make a request under the California Consumer Privacy Act on your behalf.
When you use a authorized agent to submit a Privacy Request, the Bank will require that you:

  • Provide the authorized agent written permission to do so;
  • Verify the identiy of the Authorized Agent; and
  • Verify your own identity directly with the Bank.

The Bank may deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf, and/or if the Bank cannot verify your identity or the identity of the Authorized Agent

Contact Us For More Information

For questions or concerns about the Bank’s privacy policies and practices contact us at 1.877.707.1995 (Toll-Free) Monday – Friday, 8:00 AM – 4:30 PM PST or email us by visiting www.sbical.com/contact-us.

 

 

back to top