Effective Date: June 1, 2020
This privacy notice discloses the privacy practices for this website (ccsefcu.org) of Cecil County School Employees’ Federal Credit Union (CCSEFCU).
We may amend this policy by updating this page. Therefore, we suggest you check this page occasionally to ensure you are aware of any changes and amendments.
CCSEFCU is the sole owner of the information collected on this site. Only information collected is what you voluntarily give us via email or other direct contact from you. We do not sell or rent this information.
- Log Data. When you use or interact our Website, our servers record certain information that is automatically reported by your browser (such as Google’s Chrome, Mozilla’s Firefox, or Apple’s Safari) or mobile/tablet device. Each time you make a request to access the Website we are recording log data that may include your IP address, browser settings, device information, referring page and URL, along with the date and time of your request. We may also collect data from emails sent to our users to help us track which emails are opened and which links are clicked.
- Device Information. In addition to log data, we may collect certain information about the device you’re using to access the Website. This may vary depending on if you are using a PC, Mac, or mobile device such as an iPhone or Android phone. Device information includes hardware model, operating system, and device identifiers.
- Location Information. The Website may collect information about your approximate or precise location. A variety of technologies may be used to collect location information, including IP address, GPS, and other ways that may provide information on nearby devices, Wi-Fi access, and cell towers.
Our website resides on a network monitored 24/7/365 using the latest technology and are continually updated to meet the latest standards in security. There are several levels of security within our network framework, which are protected by both hardware and software firewalls. Our servers are setup to continually run system scans for Viruses and Malware. We have monitors setup to alert us of any suspicious activity and any downtime that may occur.
All information provided is protected and secured giving our users the safest web experience when visiting our website. With sensitive information submitted via the website, your information is protected both online and offline. With collected sensitive information (such as credit card data), that information is encrypted and securely transmitted to us. We secure online connections with cryptography and Secure Sockets Layer (SSL) protocol. This is easily verified by looking for a lock icon in the address bar and looking for “https” at the beginning of the web address.
We take precautions to protect your information. Encryption is used to protect sensitive information transmitted online and offline. The only employees who need this information are those that perform a specific job (for example, billing) and can access to personally identifiable information. Our servers and computers (where personally identifiable information is stored) are kept in a secure environment.
You can also set up your browser to block all cookies, including cookies related to our services, or to indicate when a cookie is being set. It’s important to note that many of our services may not function properly if cookies are disabled.
Use of Information & Sharing
We use information collected to analyze statistics and trends while improving overall experience. Data gathered may be used to provide personally relevant features, customized search results, tailored advertising, and other marketing efforts. No personal information you provide will be shared to a third-party unless otherwise given consent. Any information you share publicly may be indexed by search engines including Google.
Information and data shared may include:
- Third-Party Consent. User provided consent such as signing up for our E-Mail Newsletter.
- Domain Administrators & Marketing. Marketing firm processing of information and compiling data and analytics.
- Company Processing & Handling. Internal and external company processing and handling of generated data and analytics.
- Legal Reasons. May be used in a restricted manner for company integrity while protecting user information and data.
Web Visitor Responsibilities
While we constantly evaluate and implement the latest improvements in Internet security technology, visitors also have responsibility for the security of their information. Some basic recommendations are listed below:
- Migrate to a modern operating system (OS) and hardware platform. Many of these security features are enabled by default and help prevent many common attack vectors. In addition, implementing the 64-bit mode of the OS on a 64-bit hardware platform substantially increases the effort of an adversary to attain a system or root compromise. For any Windows-based OS, verify that Windows Update is configured to provide updates automatically.
- Utilize the latest version of a browser. The major browsers are: Microsoft Edge, Google Chrome, Mozilla Firefox, and Safari.
- Security codes and passwords should be kept confidential. Change it frequently to ensure that the information cannot be guessed or used by others.
- Be sure others are not watching you enter information on the keyboard when using the system.
- Never leave your computer unattended while logged in to Online Banking or other sites requiring login credentials. Others may approach your computer and gain access to your account information while you are away.
- Click Exit when you are finished using the system to properly end your session. Once a session has been ended, no further transactions can be processed until you log on to the system again.
- Close your browser when you are finished. This will prevent other individuals from viewing any account information displayed on your computer.
- Keep your computer free of viruses and spyware. Use virus and spyware protection software and keep it current. Routinely check on the integrity of your computer.
Email Best Practices
Personal email accounts are common attack targets. The following recommendations will help reduce your exposure to email-based threats:
- In order to limit exposure both at work and home, consider using different usernames for home and work email addresses. Unique usernames make it more difficult for someone targeting your work account to also target you via your personal accounts.
- Setting “out-of-office messages” on personal email accounts is not recommended, as this can confirm to spammers that your email address is legitimate and also provides awareness to unknown parties as to your activities.
- Always use secure email protocols if possible when accessing email, particularly if using a wireless network. Secure email protocols include Secure IMAP and Secure POP3. These protocols, or “always use SSL” for web-based email, can be configured in the options for most email clients. Secure email prevents others from reading email while in transit between your computer and the mail server.
- Unsolicited emails containing attachments or links should be considered suspicious. If the identity of the sender can’t be verified, consider deleting the email without opening. For those emails with embedded links, open your browser and navigate to the web site either by its well-known web address or search for the site using a common search engine. Be wary of an email requesting personal information such as a password, credit card number or social security number. Any web service that you currently conduct business with should already have this information.
Ensure that passwords and challenge responses are properly protected since they provide access to large amounts of personal and financial information. Passwords should be strong, unique for each account, and difficult to guess. A strong password should be at least 10 characters long and contain multiple character types (lowercase, uppercase, numbers, and special characters). A unique password should be used for each account to prevent an attacker from gaining access to multiple accounts if any one password is compromised.
Links to other sites are on this website. We are not responsible for the content or privacy practices on other sites. Please be aware when they leave our site and read the privacy statements of any other site that collects personally identifiable information.