Printable Notices: SBIC CCPA and CPRA Policy (PDFs require Adobe Reader)
OUR CALIFORNIA CONSUMER PRIVACY ACT (“CCPA”) AND CALIFORNIA PRIVACY RIGHTS ACT (“CPRA”) POLICY
This California Privacy Policy applies only to California consumers (“you” or collectively as “consumers”) and supplements the Consumer Privacy Policy of the State Bank of India California (“SBIC”). The California Consumer Privacy Act of 2018 (“CCPA”) and the California Privacy Rights Act of 2020 (“CPRA”), collectively referred to as “California Consumer Privacy Laws”, provide California consumers with specific rights regarding their personal information. This California Privacy Policy describes your privacy rights under the California Consumer Privacy Laws, explains how you may exercise your privacy rights, and provides an overview on the types of personal information we collect.
The CPRA define personal information as information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include:
- information that is lawfully made available from federal, state, or local government records;
- de‐identified or aggregated information; and
- information excluded from the California Consumer Privacy Laws such as health or medical information covered under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and financial information covered under the Fair Credit Reporting Act (“FCRA”) or Gramm‐Leach Bliley Act (“GLBA”).
The CPRA defines Sensitive Personal Information (“SPI”) as Personal Information that is not publicly available and reveals:
- a consumer’s social security, driver’s license, state identification card, or passport number;
- a consumer’s account log-In, financial account, debit card, or credit card number in combination with any required security
or access code, password, or credentials allowing access to an account;
- a consumer’s precise geolocation;
- a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership;
- the contents of a consumer’s mail, email and text messages, unless the business is the intended recipient of the
communication;
- a consumer’s genetic data; and
- the processing of biometric information for the purpose of uniquely identifying a consumer;
- personal information collected and analyzed concerning a consumer’s health; or
- personal information collected and analyzed concerning a consumer’s sex life or sexual orientation
Your Rights Under California Consumer Privacy Laws and this Privacy Policy
California Consumer Privacy Laws provide you with the following rights:
Right to know/Access. You have the right to know what categories and specific pieces of personal information we collect about you; the categories of sources from which we collect personal information; our business or commercial purpose for the collection, use, and sharing of your personal information; and any categories of third parties with whom we share your information.
Right to delete. You have the right to request that we delete the personal information that we collect about you.
Right to opt out. You have the right to opt out of the sale or sharing of personal information. If we sell or share any of your personal information, you have the right, at any time, to tell us not to sell or share your personal information. At the time this Privacy Policy was last updated, we do not sell or share any personal information.
Right to correct. You have the right to request the correction of any personal information we maintain bout you.
Right to limit use or disclosure of sensitive personal information (“SPI”). You have the right to limit the use and disclosure of your SPI, if we are using your SPI beyond what is reasonable and proportionate to provide the requested goods or services.
Right to nondiscrimination. If you exercise any of your privacy rights, we will not discriminate against you.
I. HOW TO CONTACT US ABOUT YOUR PRIVACY RIGHTS
|
EXPLANATION
|
A consumer has the right to exercise their privacy rights for any Personal Information we collect, use, disclose, share and sell.
|
|
If you wish to submit a Privacy Request, Request to delete, Request to Opt-out, Request to Correct, Request to limit the use or disclosure of SPI, or a Verifiable Consumer Request, collectively referred to as “Privacy Request” for Personal Information we collect, use, disclose, share or sell you can by:
|
|
Online
|
Complete and submit a Privacy Request online or visit www.sbical.com/privacy.
|
|
Telephone (Toll-Free)
|
1.877.707.1995 Monday – Friday 8:00 AM – 4:30 PM PST
Complete and submit a Privacy Request over the phone.
|
|
In Person
|
Please visit, complete and submit a Privacy Request in person at any one of our seven (7) California branches below:
|
Los Angeles 707 Wilshire Blvd., Suite 2900 Los Angeles, CA 90017
Monday – Friday 9:00 AM – 4:00 PM
|
Cerritos 17500 Bloomfield Ave., Suite B Cerritos, CA 90703
Monday – Friday 9:00 AM – 4:00 PM Saturday 9:00 AM – 1:00 PM
|
Woodland Hills 21724 Ventura Blvd., Woodland Hills, CA 91364
Monday – Friday 9:00 AM – 4:00 PM
|
San Diego 9494 Black Mountain Rd., Suite E San Diego, CA 92126
Monday – Friday 9:00 AM – 4:00 PM
|
Fresno 2787 W. Shaw Ave., Suite 101 Fresno, CA 93711
Monday – Friday 9:00 AM – 4:00 PM
|
San Jose 675 N. First Street Suite 105 San Jose, CA 95112
Monday – Friday 9:00 AM – 4:00 PM Saturday 9:00 AM – 4:00 PM
|
Fremont 39148 Paseo Padre Parkway Fremont, CA 94538
Monday – Friday 9:00 AM – 4:00 PM Saturday 9:00 AM – 4:00 PM
|
|
|
HOW THE BANK VERIFIES YOUR IDENTITY IN RESPONSE TO A PRIVACY REQUEST
|
State Bank of India (California) verifies the identity of a consumer making a Privacy Request prior to responding to such requests.
State Bank of India (California) will match the identifying information provided by the consumer to the Personal Information of the consumer already maintained by the Bank.
State Bank of India (California) shall generally avoid requesting additional information from the consumer for purposes of verification. If, however, the Bank cannot verify the identity of the consumer from the information already maintained by the Bank, the Bank may request additional information from the consumer, which shall only be used for the purposes of verifying the identity of the consumer seeking to exercise their rights under the CCPA, and for security or fraud-prevention purposes. The Bank will delete any new personal information collected for the purposes of verification as soon as practical after processing the consumer’s Privacy Request.
If the Bank suspects fraudulent or malicious activity on or from your account, the Bank shall not comply with your Privacy Request until further verification procedures determine that the consumer request is authentic and the consumer making the request is the person about whom the Bank has collected information.
For the selected method of completing and submitting a Privacy Request, the Bank will verify your identify by one of the following methods:
|
|
Online
|
After completing and submitting a Privacy Request for the categories of Personal Information online, to verify your identity, the Bank will require matching of at least two (2) data points provided by you with data points maintained by the Bank through the Bank’s phone verification process.
If completing and submitting a Privacy Request for specific pieces of Personal Information online, to verify your identity, the Bank will require matching of at least three (3) data points provided by you with data points maintained by the Bank through the Bank’s phone verification process. In addition, the Bank will require a signed Declaration Under Penalty of Perjury that the requestor is the consumer whose Personal Information is the subject of the request.
|
|
Telephone (Toll-Free)
|
After completing and submitting a Privacy Request for the categories of Personal Information over the phone, to verify your identity, the Bank will require matching of at least two (2) data points provided by you with data points maintained by the Bank through the Bank’s phone verification process.
If completing and submitting a Privacy Request for specific pieces of Personal Information over the phone, to verify your identity, the Bank will require matching of at least three (3) data points provided by you with data points maintained by the Bank through the Bank’s phone verification process. In addition, the Bank will require a signed Declaration Under Penalty of Perjury that the requestor is the consumer whose Personal Information is the subject of the request.
|
|
In Person
|
After completing and submitting a Privacy Request for the categories of Personal Information in person, to verify your identity, the Bank will require matching of at least two (2) data points provided by you with data points maintained by the Bank through the Bank’s in-person verification process.
If completing and submitting a Privacy Request for specific pieces of Personal Information in person, to verify your identity, the Bank will require matching of at least three (3) data points provided by you with data points maintained by the Bank through the Bank’s in-person verification process. In addition, the Bank will require a signed Declaration Under Penalty of Perjury that the requestor is the consumer whose Personal Information is the subject of the request.
|
II. COLLECTION OF PERSONAL INFORMATION
|
Below is a list of categories of Personal Information (PI) we have collected about consumers in the preceding 12 months. For each category identified we have also provided the categories of sources from which we collected the Personal Information, the business or commercial purpose for collecting the information, and the categories of third parties with whom we share the personal information:
|
Categories of PI We Collect:
|
Categories of Sources from Which We Collect the PI:
|
Our Business or Commercial Purpose for Collecting the PI:
|
Categories of Third Parties with Whom We Share the PI:
|
Biometric Information
|
Fingerprint
|
Consumer Directly
|
To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
|
Operating Systems and Platforms
|
Face
|
Consumer Directly
|
Operating Systems and Platforms
|
Voice Recordings
|
Consumer Directly
|
Operating Systems and Platforms
|
Identifiers
|
Real Name
|
Consumer Directly
|
To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
|
Operating Systems and Platforms
|
Alias
|
Consumer Directly
|
Operating Systems and Platforms |
Postal Address
|
Consumer Directly |
Operating Systems and Platforms |
Online Identifier
|
Consumer Directly |
Operating Systems and Platforms |
Internet Protocol Address
|
Consumer Directly |
Operating Systems and Platforms
|
Email Address
|
Consumer Directly |
Operating Systems and Platforms |
Internet or Network Activity
|
Consumer Directly |
Operating Systems and Platforms
|
Web Site Interaction
|
Consumer Directly |
Operating Systems and Platforms
|
Application Interaction
|
Consumer Directly |
Operating Systems and Platforms
|
Account Name
|
Consumer Directly |
Operating Systems and Platforms |
Social Security Number
|
Consumer Directly |
Operating Systems and Platforms |
Date of Birth
|
Consumer Directly |
Operating Systems and Platforms
|
Place of Birth
|
Consumer Directly |
Operating Systems and Platforms |
Driver’s License Number
|
Consumer Directly |
Operating Systems and Platforms |
Passport Number
|
Consumer Directly |
Operating Systems and Platforms |
Signature
|
Consumer Directly |
Operating Systems and Platforms |
Address
|
Consumer Directly |
Operating Systems and Platforms |
Telephone Number
|
Consumer Directly |
Operating Systems and Platforms |
State Identification Number
|
Consumer Directly |
Operating Systems and Platforms |
Account Number
|
Consumer Directly |
Operating Systems and Platforms |
Credit Card Number
|
Consumer Directly |
Operating Systems and Platforms |
Debit Card Number
|
Consumer Directly |
Operating Systems and Platforms
|
Professional or Employment Information
|
Consumer Directly |
To support employment, infrastructure, and human resource management, including providing benefits to employees and dependents, including healthcare and retirement plans, manage pay and compensation activities, manage and operate our facilities and infrastructure, and process employment applications.
|
Operating Systems and Platforms |
Employer(s)
|
Consumer Directly |
Operating Systems and Platforms |
Employment History
|
Consumer Directly |
Operating Systems and Platforms |
Salary or Income
|
Consumer Directly |
Operating Systems and Platforms |
Education Information
|
Consumer Directly |
Operating Systems and Platforms |
Schools Attended
|
Consumer Directly |
Operating Systems and Platforms |
Dates of Attendance
|
Consumer Directly |
Operating Systems and Platforms |
Honors and Awards Received
|
Consumer Directly |
Operating Systems and Platforms |
Commercial Information
|
Records of Personal Property |
Consumer Directly |
To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
|
Operating Systems and Platforms |
Products Purchased or Obtained |
Consumer Directly |
Operating Systems and Platforms |
Services Purchased or Obtained |
Consumer Directly |
Operating Systems and Platforms |
Purchase History |
Consumer Directly |
Operating Systems and Platforms |
Health Insurance Information
|
Insurance Policy Number
|
Consumer Directly
|
To support employment, infrastructure, and human resource management, including providing benefits to employees and dependents, including healthcare and retirement plans, manage pay and compensation activities, manage and operate our facilities and infrastructure, and process employment applications.
|
Operating Systems and Platforms
|
Subscriber Identification Number
|
Consumer Directly
|
Operating Systems and Platforms
|
Application History
|
Consumer Directly
|
Operating Systems and Platforms
|
Claim History
|
Consumer Directly
|
Operating Systems and Platforms
|
Appeal Records
|
Consumer Directly
|
Operating Systems and Platforms
|
III. COLLECTION OF SENSITIVE PERSONAL INFORMATION
|
Below is a list of Sensitive Personal Information (SPI) we have collected about consumers in the preceding 12 months. For each category identified we have also provided the categories of sources from which we collected the SPI, the business or commercial purpose for collecting the information, and the categories of third parties with whom we share the SPI. We will retain your information as long as it is reasonably necessary for each disclosed purpose, as outlined in the table.
|
Categories of SPI We Collect:
|
Categories of Sources from Which We Collect the SPI:
|
Our Business or Commercial Purpose for Collecting the SPI:
|
Categories of Third Parties with Whom We Share the SPI:
|
SENSITIVE PERSONAL INFORMATION
|
Social Security Number
|
Consumer Directly
|
To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
|
Operating Systems and Platforms
|
State Identification Number
|
Consumer Directly
|
Operating Systems and Platforms
|
Driver's License Number
|
Consumer Directly
|
Operating Systems and Platforms
|
Passport Number
|
Consumer Directly
|
Operating Systems and Platforms
|
User ID
|
Consumer Directly
|
Operating Systems and Platforms
|
Password
|
Consumer Directly
|
Operating Systems and Platforms
|
Security Questions
|
Consumer Directly
|
Operating Systems and Platforms
|
Access Code
|
Consumer Directly
|
Operating Systems and Platforms
|
Account Information
|
Consumer Directly
|
Operating Systems and Platforms
|
Credit Card Number with access code or credentials
|
Consumer Directly
|
Operating Systems and Platforms
|
Debit Card Number with access code or credentials
|
Consumer Directly
|
Operating Systems and Platforms
|
Geolocation
|
Consumer Directly
|
Operating Systems and Platforms
|
Racial or Ethical Origin
|
Consumer Directly
|
Operating Systems and Platforms
|
Content of mail, email and text messages
|
Consumer Directly
|
Operating Systems and Platforms
|
Biometric Identification Information
|
Consumer Directly
|
Operating Systems and Platforms
|
Health Information
|
Consumer Directly
|
Operating Systems and Platforms
|
III. DISCLOSURE OR SALE OF PERSONAL INFORMATION
|
SALE
|
We have not sold any Personal Information about consumers in the preceding 12 months for a business or commercial purpose.
|
DISCLOSED FOR BUSINESS PURPOSE
|
We have disclosed personal information about consumers to third parties for a business or commercial purpose in the preceding 12 months.
Below is the list of categories of information disclosed for business or commercial purposes:
|
|
Categories of PI We Disclose:
|
Our Business or Commercial Purpose for Disclosing the PI:
|
|
Biometric Information
|
|
Fingerprint
|
To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
|
|
Face
|
|
Voice Recordings
|
|
Identifiers
|
|
Real Name
|
To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
|
|
Alias
|
|
Postal Address
|
|
Online Identifier
|
|
Internet Protocol Address
|
|
Email Address
|
|
Internet or Network Activity
|
|
Web Site Interaction
|
|
Application Interaction
|
|
Account Name
|
|
Social Security Number
|
|
Date of Birth
|
|
Place of Birth
|
|
Driver’s License Number
|
|
Passport Number
|
|
Signature
|
|
Address
|
|
Telephone Number
|
|
State Identification Number
|
|
Account Number
|
|
Credit Card Number
|
|
Debit Card Number
|
|
Professional or Employment Information
|
To support employment, infrastructure, and human resource management, including providing benefits to employees and dependents, including healthcare and retirement plans, manage pay and compensation activities, manage and operate our facilities and infrastructure, and process employment applications.
|
|
Employer(s)
|
|
Employment History
|
|
Salary or Income
|
|
Education Information
|
|
Schools Attended
|
|
Dates of Attendance
|
|
Honors and Awards Received
|
|
Commercial Information
|
|
Records of Personal Property
|
To perform services on behalf of the Bank or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
|
|
Products Purchased or Obtained
|
|
Services Purchased or Obtained
|
|
Purchase History
|
|
Health Insurance Information
|
|
Insurance Policy Number
|
To support employment, infrastructure, and human resource management, including providing benefits to employees and dependents, including healthcare and retirement plans, manage pay and compensation activities, manage and operate our facilities and infrastructure, and process employment applications.
|
|
Subscriber Identification Number
|
|
Application History
|
|
Claim History
|
|
Appeal Records
|
MINORS UNDER 16 YEARS OF AGE WITHOUT AFFIRMATIVE AUTHORIZATION
|
We do not sell the personal information of minors under 16 years of age without affirmative authorization.
|
HOW LONG WE RETAIN YOUR INFOMATION
|
We retain your information as long as it is reasonably necessary for each disclosed purpose, as outlined in the table.
|
I. RIGHT TO OPT-OUT OF THE SALE AND/OR SHARE OF PERSONAL INFORMATION
|
EXPLANATION
|
You have the right to opt-out of the sale and/or of your personal information.
|
NOTICE OF RIGHT TO OPT-OUT
|
If we sell or share any of your personal information, you have the right, at anytime, to tell us to stop. We do not and will not sell or share the personal information of consumers to third parties.
|
II. RIGHT TO CORRECT PERSONAL INFORMATION
|
EXPLANATION
|
You have the right to request the correction of any inaccurate personal information that we maintain about you, taking into account the nature of the personal information and the purposes of the processing of the personal information. We will use commercially reasonable efforts to correct the inaccurate personal information as you may direct.
|
I. RIGHT TO LIMIT OR USE DISCLOSURE OF SENSITIVE PERSONAL INFORMATION ("SPI")
|
SPI WE COLLECT
|
Typically, we collect SPI only to determine whether we are able to provide care or as a part of our ongoing care services. We use your SPI in a reasonable and proportionate manner in order to provide you with the appropriate level of care.
|
YOUR RIGHTS REGARDING SPI
|
You have the right to limit the use and disclosure of your SPI, if we are using your SPI beyond what is reasonable and proportionate to provide the requested goods or services. Please see the Tables “Categories of Personal Information” and “How We Use Your Personal Information” for more details about our practices around SPI and your rights related to SPI.
|
VII. RIGHT TO NON-DISCRIMINATION FOR THE EXCERCISE OF YOUR PRIVACY RIGHTS
|
EXPLANATION
|
You have a right not to receive discriminatory treatment by us for the exercise of any privacy rights conferred by the California Consumer Privacy Act (California Civil Code § 1798.100 et seq.)
|
VII. AUTHORIZED AGENT
|
EXPLANATION
|
You may designate an authorized agent to make a request under the California Consumer Privacy Act on your behalf. When you use a authorized agent to submit a Privacy Request, the Bank will require that you:
- Provide the authorized agent written permission to do so;
- Verify the identiy of the Authorized Agent; and
- Verify your own identity directly with the Bank.
The Bank may deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf, and/or if the Bank cannot verify your identity or the identity of the Authorized Agent
|
Contact Us For More Information
|
For questions or concerns about the Bank’s privacy policies and practices contact us at 1.877.707.1995 (Toll-Free) Monday – Friday, 8:00 AM – 4:30 PM PST or email us by visiting www.sbical.com/contact-us.
|
|