FIRST FEDERAL SAVINGS & LOAN ASSOCIATION of VAN WERT, OHIO

PRIVACY POLICY

Purpose:
At First Federal Savings & Loan Association of Van Wert, our mission is to meet the desires of our customers. As financial service professionals entrusted with sensitive financial information, we respect the privacy of our customers and are committed to treating customer information responsibly.

It is First Federal's primary objective to protect the privacy of our customers. We will maintain standards to ensure that our customer's information is private and secure at all times. The board of directors and the management committee has set forth procedures and guidelines to ensure that non-public personal information is secured and remains confidential at all times.

Objectives

The objectives of this policy are to:

• Serve as a reference and guide to bank management and staff involved in providing First Federal's products and services impacted by customer information.
•  
• Establish guidelines and procedures to ensure that nonpublic personal information remains confidential and secured. By setting such guidelines and procedures, customer information will remain limited to employees with a business reason to access such information.
•  
• Assess risks to the privacy of customer's information. It is important that First Federal knows where the possibilities of breaches of security are.
• Ensure that privacy notices are provided to customers.

Collection of Information

In order to better serve our customers, and to conduct a business relationship with them, First Federal needs to collect information from our customers. However, in order to protect our customers' privacy, First Federal maintains and enforces strict security procedures.

Nonpublic personal information is nonpublic information about customers that First Federal obtains in connection with providing a financial product or service to our customers. Examples of nonpublic personal information that we may obtain from our customers include: Name, Address, Telephone Number, Social Security Number, Place of Business, Assets, Liabilities and Account Balances.

First Federal employees ask for a valid driver's license when opening a deposit account. The license is used to verify the identification. The license may also be used for cashing an on-us check when an individual does not have an account with First Federal.

First Federal also uses signature cards to collect and retain customer information including the customer's signature. This information is collected at the time an account is opened. First Federal requests a copy of legal written documents for trust accounts, accounts with power of attorneys, accounts with court ordered withdrawals, and estate accounts.

First Federal's loan department may ask for a valid driver's license when completing a loan application. The driver's license is used to verify the applicant's identification. Loan information is obtained at the time of application and may be verified through credit bureaus, county auditors, county treasurers, financial institutions, employers, landlords, realtors, attorneys and others.

Use of Information

First Federal employees use nonpublic personal information to identify a customer or contact a customer by telephone or mail. First Federal employees also use nonpublic personal information for the following: verifying who has access to an account; check cashing; checking balances on accounts; Automatic Clearinghouse (ACH) deposits; and electronic withdrawals. First Federal employees use nonpublic personal information for mailings to inform customers of products and services, and for mailings to provide year-end tax reports.

First Federal provides nonpublic personal information to 3rd party vendors only in the course of business use. Information is passed daily through secured systems with First Federal's 3rd party vendors. This information allows the institution to transact daily business (deposits and withdrawals), retrieve account information, and update information on accounts. Nonpublic personal information is also used by 3rd party vendors for First Federal customers' ATM and Debit Card activity.

Retaining of Information

First Federal retains nonpublic personal information through various means. The institution retains signature cards, transaction tickets, loan information, and data processing information. First Federal also retains the copies of the following information: cashier checks, money orders, certificate of deposits, resolutions, signature cards, legal papers, loan documents, closed loan files and other necessary business information. Nonpublic personal information may also be retained by the institution on CD-ROMs and fiche.

Safeguarding of Information

First Federal does not release any nonpublic personal information without the account holder's authorization. Employees safeguard nonpublic personal information by using such confidential information for business purposes only. Nonpublic personal information is to be accessed only by employees with business reasons to use such information. First Federal employees also safeguard customer information by:

• Placing all discarded documents with any customer information in marked shredder bins.
• Clearing computer screens after each transaction and when an employee is out of their work area.
• Properly verifying the identity of the account holder before releasing any information over the telephone. Employees ask for the account holder's account number, Social Security number, date of last deposit and/or amount of last deposit. Employees may also ask for the account holder's address, telephone number and date of birth to assist in verifying an identity and updating account holder information.
• Properly verifying the identity of the account holder before releasing any information when an account holder is in the institution. Employees request a valid driver's license and/or account number.

It is First Federal's policy not to reveal nonpublic personal information to unaffiliated third parties for their independent use, except for the exchange of information with reputable reporting agencies to maximize the accuracy and security of such information or in the performance of bona fide corporate due diligence or business matter, unless:

1. )The information is provided to help complete a customer initiated transaction.
2. )The customer requests or permits it.
3. )The disclosure is required by or allowed by law. (I.e. subpoena, investigation of fraudulent activity, request by regulator, etc.)

Securing Data Transfer

First Federal utilizes a 128-bit encryption server for its On-Line Banking purposes provided by Fiserv Corporation. Any data that transfers between the user and the server is encrypted with Secure Sockets Layer protocol. Such data transfers must pass through a firewall before reaching the server. Once a First Federal customer establishes an On-line Banking session, the user (customer) and the server are in a secured environment. First Federal also uses Dual Authentication to maintain the security of our customers' data information.

Electronic Mail or Email

Unless explicitly stated, email is not secure. First Federal recommends that customers do not send any confidential information through email. If you send email to First Federal, we may retain the contents of your email message, your email address, and our response.