Privacy & Security


Mobile App Download


Mobile App Download

Download from the Apple Store Download from the Google Play Store


MENU:

Privacy Policy

St. Lawrence Federal Credit Union is committed to ensuring the confidentiality and security of your data.

  • We do not sell your data or information to others. We occasionally work with businesses to offer services that benefit you

  • We have extensive internal processes for safeguarding your data that involves file encryption and other security methods. We continuously update and enhance our efforts as new technology and safeguarding methods become available

  • We have specific policies, procedures and practices to ensure security related to our facilities, employees, information technology hardware and software, etc.

FACTS WHAT DOES ST. LAWRENCE FEDERAL CREDIT UNION DO WITH YOUR PERSONAL INFORMATION?
Why? Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What? The types of personal information we collect and share depend on the product or service you have with us. This information can include:
  • Social Security number and account balances
  • overdraft history and credit history
  • employment information and payment history
When you are no longer our member, we continue to share your information as described in this notice.
How? All financial companies need to share members’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their members’ personal information; the reasons St. Lawrence Federal Credit Union chooses to share; and whether you can limit this sharing.

Reasons we can share your personal information Does St. Lawrence Federal Credit Union share? Can you limit this sharing?
For our everyday business purposes –
such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or to report to credit bureaus
Yes No
For our marketing purposes –
to offer our products and services to you
Yes No
For joint marketing with other financial companies Yes No
For our affiliates’ everyday business purposes –
information about your transactions and experiences
No We don't share
For our affiliates’ everyday business purposes –
information about your creditworthiness
No We don't share
For nonaffiliates to market to you Yes No

Questions

Call (315) 393-3530 or go to www.stlawrfcu.com


What We Do
How does St. Lawrence Federal Credit Union protect my personal information? To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.
How does St. Lawrence Federal Credit Union collect my personal information? We collect your personal information, for example, when you
  • open an account or make a wire transfer
  • give us your income information or apply for financing
  • give us your contact information
We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.
Why can’t I limit all sharing? Federal law gives you the right to limit only
  • sharing for affiliates’ everyday business purposes – information about your creditworthiness
  • affiliates from using your information to market to you
  • sharing for nonaffiliates to market to you
State law and individual companies may give you additional rights to limit sharing.
Definitions
Affiliates Companies related by common ownership or control. They can be financial and nonfinancial companies.
- St. Lawrence Federal Credit Union has no affiliates.
Nonaffiliates Companies not related by common ownership or control. They can be financial and nonfinancial companies.
- Nonaffiliates we share with can include government agencies, plastic card processors (credit/debit/ATM), consumer reporting agencies, and check/share draft printers.
Joint Marketing A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
- Our joint marketing partners include CUNA Mutual Group's MEMBERCONNECT

Third Party Site Disclosure

The Credit Union’s web site may contain links to other web sites owned and operated by third parties.  Links to other web sites are provided solely as a convenience to you.  The Credit Union has no control over these sites and the Credit Union shall have no responsibility or liability relating to any access to such sites or communications between you and such third parties.  In addition, third parties are not covered by the Credit Union’s privacy or other policies and the Credit Union is not responsible for the privacy practices or the content of third party sites.  The Credit Union is not responsible for the content or availability of linked sites.  Please be advised that the Credit Union does not represent either the third party or you, the member, if you enter into a transaction.  The privacy and security policies of the linked site may differ from those practiced by the Credit Union.


Security & Fraud Alerts

ALERT!!!

If you are using a debit card to make a purchase (especially at the gas pump), DO NOT run the card as a debit with your PIN#, always choose the option to run it as credit. We believe our area is being targeted by a group who are skimming card data and PIN numbers. As always...it is important you monitor your account balances as often as you can and using our mobile app and our CardValet app can help you with this. If anyone needs assistance setting these apps up, please stop in and we will be more than happy to help you!


CELL PHONE "PORT-OUT" SCAM**

If you’re like most Americans, your cell phone is probably one of the first things you look at in the morning and one of the last things you look at at night. Imagine then, waking up to find that your phone suddenly doesn’t work, and it’s just constantly in emergency mode. For a growing number of consumers, this is the first sign that they are a victim of the port-out scam.

In the scam (also known as the “SIM-swap scam”), a fraudster tricks a cell phone carrier into transferring or porting a consumer’s legitimate phone number to a phone in a scammer’s controls. Once a number is ported, all calls and text messages that are sent to that number go to the scammer’s phone. With that power, scammers are able to get around security features, like two-factor authentication, that are in place to protect consumers’ sensitive email, banking, and social media account information.

In a typical port-out scam, the fraudster will first obtain key details about their victims, such as the last four digits of a Social Security number, a phone number, name on the account, and the victim’s address--all of which are widely available on online black markets thanks to years of data breaches.

Armed with this information, the scammer then calls the victim’s wireless provider and impersonates the victim. Once the scammer establishes contact with the cell phone company, if the victim did not establish a security pin, all the scammer needs to do is correctly confirm the last 4 digits of their victim’s Social Security number and mailing address. The scammer then asks the wireless company to port “their” number to a different phone. After the carrier switches the victims’ phone number to the fraudster’s phone, the victim’s phone will go dead, and the scammer will then use the phone in his possession to reset passwords or gain entry to accounts that use two-factor text authentication. The most common target for these scammers are bank accounts. Once a bank account is accessed, the scammer can quickly transfer funds to an account that the scammer controls.

This scam can be financially devastating to its victims, but there are several steps you can take to prevent the scam from happening in the first place:

  • Contact your carrier and ask them to add a unique personal identification number (PIN) to your account. This PIN will need to be provided any time you wish to make a change to your account, including upgrading your cell phone. This extra layer of security will help stem any would-be scammer from running the port-out scam on your phone. The process for adding a PIN depends on your provider. See below for details on how to add an account PIN for each of the four major national wireless providers:

  • AT&T - Log into your ATT.com account, go to your profile by clicking your name, and under the wireless passcode drop-down menu, click on “manage extra security.”

    1. T-Mobile - Call 611 or (800) 937-8997 from your cell phone to speak with a customer service agent

    2. Sprint - Sprint automatically requires their customers to set up a PIN when an account is opened

    3. Verizon - Call (800) 922-0204

  • Always use good password hygiene. Regardless of account, choose a password that is unique, complex, and contains upper- and lower-case letters, numbers, and symbols. It is critical not to reuse passwords across multiple accounts. That way, if one account becomes compromised, then every account with that password can become compromised as well. For the best password security, use a password manager that creates and remembers random passwords.

  • Consider alternatives to text two-factor authentication. For your most important accounts, like your online bank account, see if they allow other versions of two-factor authentication such as a security key or a third-party authenticator app like Authy.

  • Be wary of suspicious emails or phone calls from people purporting to be from your bank. Remember, your bank will never ask you to enter confidential information in an email.

Even despite our best efforts, fraudsters will likely still be able to pull off the port-out scam. If this happens to you, and your phone stops working, you should:

  1. Immediately notify your cell phone provider, and report any fraud to your bank. Quick action on your part can minimize any damage the fraudster could inflict on you. Your cell phone provider can turn off your phone number and prevent scammers from using that number to bypass two-factor text authentication. Notifying your bank the moment you notice unauthorized charges or that you are at risk for fraudulent two-factor authentication can also minimize your liability.

  2. File a report at Fraud.org via our secure online complaint form. We’ll share your complaint with our network of law enforcement and consumer protection agency partners who can investigate and help put fraudsters behind bars.

  3. File a police report at your local police station.

**Information from www.fraud.org


SMISHING*

Internet scam artists are moving beyond your email inbox and targeting your text messages instead. With this new scam, called “smishing,” scammers are trying to get you to send them your personal information that could help them access your bank account or other online profiles.

Here’s what you should know:

What are smishing scams?

“Smishing” scams are so named because they’re like a phishing email, except sent via SMS, the technology underlying the typical text message. They often prey on people’s panic or sense of urgency, according to Jason Hong, associate professor at Carnegie Mellon University’s Human-Computer Interaction Institute. For example, one fraudulent message might appear to be a warning from your bank about an unauthorized charge.

“That’s one of the main ways they try to trick you,” says Hong. “There’s urgency to the message. There’s something that needs your attention right now.”

How can you avoid smishing scams?

Hong says you should make sure to use different passwords for everything from your bank’s website and social media apps to your email account. Two-factor authentication and password managers like Dashlane and 1Password can also be useful. And in the hypothetical case outlined above, you should call your bank or credit card company directly to verify the alert, rather than clicking any links in suspicious text messages.

Unfortunately, there’s no foolproof way to block smishing messages entirely, says Steve Wicker, a computer engineering professor at Cornell University. Wicker says the best course of action is to be vigilant for suspicious text messages, just like you should watch out for strange emails. One tip: Look out for text messages from phone numbers that clearly appear fake or suspicious.

Why are scammers using smishing scams?

Scammers could have one of several motives, Hong says. They could be trying to steal a victim’s identity, access their bank account, or blackmail them into giving out personal or company secrets.

“That’s where the money is,” Hong added. “People are getting more suspicious of emails. Companies are getting better at detecting fake accounts and shutting them down. So the next easiest thing for [a scammer] to do is to go to mobile.”

Is smishing a new phenomenon?

Smishing scams have been around since as early as 2008, but experts say they are becoming more prevalent. They’re also popping up on all sorts of messaging apps, not just simple text messages.

“This is impacting all systems in the mobile arena; it’s not just limited to one system,” says William Beer, who works on cybersecurity matters for professional services firm EY, previously known as Ernst & Young. “There’s never 100% security on any app, whether they be desktop or mobile.”

*Information from Fortune.com


Online Banking Privacy Statement

We recognize and respect your need for privacy and security as you visit our site.  Protecting personal information and using it in a responsible manner is a high priority for everyone associated with our Credit Union.

Website Activity:

St. Lawrence Federal Credit Union will collect only the personal information that is necessary to conduct our business.  We may gather general information about the browsing activity of site visitors.  This enables us to track how visitors navigate through the site and the areas in which they show interest.  Although this allows us to track which areas of our website our visitors are accessing and general trends, it does not identify specific individuals.

Protection of Personal Information:

St. Lawrence Federal Credit Union will protect your personal information.  Our Credit Union will maintain strong security controls to insure that member information in our files and computers is protected.  We will use security –coding techniques to protect against unauthorized access to personal records, to protect the accuracy and integrity of communications and transactions, and to protect member confidentiality.

Sharing Information:

St. Lawrence Federal Credit Union will share only information necessary to administer the products and services we provide, when required to do so by regulatory requirements, or when we partner with other businesses to offer a broader array of products and services to our members.

Illegal Activity: 

The use of St. Lawrence Federal Credit Union website or home banking system for illegal activities is strictly prohibited.

Cookies:

In order to provide service to you and to address security hazards, we will use ‘cookies’.  A cookie is a small amount of data that is transferred to your browser by a web server and can be read only by the server that gave it to you.  The cookie does not provide any personal information about you to us or to any third party, and you can surf our site and access important information without revealing your identity.

Request for Information:

When you engage in certain web activities such as home banking, applying for a loan, or other online services, St. Lawrence Federal Credit Union may ask you to provide certain information about yourself, by filling out and submitting an online form.  It is completely optional for you to engage in these activities.  Depending on the activity, some of the information that we ask you to provide is identified as mandatory and some is voluntary.  If you do not provide the mandatory data with respect to a particular activity, you will not be able to engage in that activity. 

Email:

Personal information contained in e-mails sent to St. Lawrence Federal Credit Union may be used by the Credit Union staff to answer questions or provide service.  Please be advised that e-mail may not be secured against interception by unauthorized individuals and we recommend you do not include account information via e-mail.  Therefore, if you wish to communicate sensitive or personal information, you may wish to send it by postal mail, or telephone us.

We reserve the right to change this policy at any time by posting a new privacy statement.