Search

Digital Privacy Policy

This Digital Privacy Policy is subject to change. 

This Digital Privacy Policy (“Policy”) applies to your interaction with Commercial Bank (the “Bank”, “we”, “us”, “our”), including any online or mobile site or application that we own (“Site”), unless a different online, mobile, or other privacy policy is posted relating to a particular site, application, product, or service, or is made available to you and by its terms supplants this Policy. We may collect, retain, use, and disclose personal and other information about you in accordance with this Policy. 

We may collect personally identifiable information, such as your name, company name, email address, postal address, and phone number. We may also collect other sensitive information such as your date of birth, gender, and username. Passwords are not stored directly; we use a hash of the password to maintain security. 

Commercial Bank does not knowingly collect any personal information from anyone under 13 years of age. 

This Policy applies to information we collect through the Site or electronic messages sent to us through the Site. It does not apply to information collected by us offline or through any other means. 

By accessing or using the Site, you agree to be bound by the terms of this Policy and also consent to how we collect, share, and otherwise use information about you as described in this Policy. If you do not agree to these terms, do not access or use the Site. 

  1. INFORMATION WE COLLECT

When you access and use the Site, we may collect the following types of information:

  • Personal Information” which is information that identifies an individual or relates to an identifiable individual or household, such as your name, address, email address, postal address, phone number, and date of birth, or company information, including name, address, email address, postal address, and phone number. “Non-Personal Information” is information about you that, on its own, does not identify you personally. When we combine information that is Non-Personal Information with Personal Information, we treat it like Personal Information for as long as it is combined. 
  • Usage Data” which is information that we automatically collect about your use of the Site, such as information about your device and how you access and interact with the Site, including location data, your internet connection, IP address, and other unique identifiers. Usage Data does not directly identify an individual but may constitute Personal Information in some instances. Usage Data is a critical part of how we improve your experience using the Site. 
  1. HOW WE COLLECT YOUR PERSONAL INFORMATION 

We use information collected from users of the Site to personalize and improve your experience with the Site, and to provide the Site to you, and for other purposes set out below. When you use the Site, we may collect Personal Information in the ways described below. 

Information You Provide to Us

You may provide information to us in various ways, such as through forms or other means offered through the Site, such as when you communicate with us about our products or services or complete and submit forms through the Site. 

Note that if you place an order or fill out any online form on the Site or send communications through the Site, you are voluntarily providing your information to us electronically through the Site. If you submit Personal Information, it will be kept confidential and will not be shared, given, or sold to any third parties unless those third parties are business partners of Commercial Bank whose services are required to provide the Site, products, or services to you. Personal Information provided to us will be used to respond to any request or questions and will be stored on secure computer systems that have technical and physical safeguards in place to protect your information. By providing us with your email address, you indicate that you wish to be contacted by us by return email.

Information We Automatically Collect

When you use the Site, we collect Usage Data subject to the settings of your device that you use to access the Site. We may use various technologies to collect and store Usage Data in connection with your use of the Site. The Usage Data we may collect include:

  • Device Information. We collect information about your device, such as unique identifiers associated with your device.
  • Log Information. We automatically collect information in system logs or similar files about how you interact with the Site, such as which buttons you click. This log information may also include things like date and time of access. 
  • Information Used to Reidentify. We may collect information in order to reidentify you across multiple use sessions. 
  • Location Information. We may use certain information to estimate your location through use of location-enabled services on your device (which typically provide GPS or Wi-Fi access point details), which are used to enhance the Site. You may adjust your privacy settings to control whether we can access your location, but if you make such changes, some parts of the Site may not function properly. 

Information from Other Sources

We may collect Personal Information from other sources such as third parties from which you authorize us to obtain Personal Information about you or on your behalf. We may also collect information made publicly available through third-party platforms such as social media websites, online databases, or online directories. 

  1. USE OF INFORMATION COLLECTED

We may use the information we collect from you and third parties except as is restricted by this Policy or applicable law.  For instance, we use this information to operate the Site and provide the Site to you. In addition, we may use your Personal Information:

  • To Respond to You. We use the information we collect to respond to user product or service requests, user questions and concerns, and to administer user accounts. We may use your information to verify your identity or provide you with information, products, and services.
  • To Provide the Site to You. We use the information we collect to provide the Site to you in a personalized way. 
  • To Communicate with You. We use the information to respond to inquiries or other communications from you. Messages or information sent by you to third parties will be recorded in information logs, which may be reviewed to monitor the overall effectiveness of the Site.
  • To Ensure the Security and Integrity of the Site. We use the information we collect to protect the Site, its users, and underlying systems from unauthorized access, misuse, fraud, disruption, or other security incidents, and to maintain the proper functionality, reliability, and availability of the Site. 
  • To Ensure the Quality of the Site. We  use the information we collect to verify and maintain the quality of the Site, improve the Site, or develop new products and services.
  • As Part of a Business Transaction. In the event of a business transaction, such as a merger, acquisition, divestiture, restructuring, reorganization, dissolution, or sale of all or a portion of our assets, we may use your information in connection with such transaction.
  • For Legal Reasons. We may disclose your information to comply with any applicable laws and/or regulations, such as to comply with valid legal processes such as a search warrant, subpoena, or order from a court or tribunal of competent jurisdiction.
  1. SHARING OF INFORMATION COLLECTED

We share information with third parties in order to provide the Site, products, and services to you and for our internal business purposes, including for the following purposes:

  • Sharing with Business Partners. We may share information with business partners to provide and improve the Site and our products and services. We may share information about you with third-party partners with whom we collaborate to provide you with our products and services. 
  • Sharing with Service Providers Acting on Our Behalf. We may share information with service providers we use to assist us in providing the Site, products, and services to you and/or to perform on our behalf any of the activities we are permitted to conduct under this Policy. We may also share with third parties deidentified or aggregated data that we collect. We share such information for a variety of purposes, including to monitor and understand your use of the Site and to improve the Site. 
  • Sharing to Complete a Transaction. We may share information with other third parties if there is a specific need to complete a transaction requested by you. 
  • Sharing with Affiliates. We may share information with any parent, subsidiary, or affiliate business entity for internal business purposes. Such parties are subject to Commercial Bank’s corporate policies regarding privacy and confidentiality and are required to employ at least the same strict standards of confidentiality and security that we employ. 
  • Sharing with Employees. We may share information with our employees in order to respond to your requests or inquiries. Certain employees will also be provided with information to monitor the effectiveness of the Site. Our employees are required by written confidentiality agreements, corporate policies, and applicable law to maintain the confidentiality of Personal Information and to use strict standards of care in handling Personal Information.
  • Sharing with Third Parties as Part of a Business Transaction. We may disclose and transfer information to a third party as part of a business transaction as described in Section 3. 
  • Sharing with Third Parties for Legal Reasons. We may disclose your information to comply with any applicable laws and/or regulations, such as to comply with valid legal processes such as a search warrant, subpoena, or order from a court or tribunal of competent jurisdiction.

We do not sell information collected through the Site to third parties.

  1. PROTECTION OF INFORMATION COLLECTED

We use commercially reasonable administrative, technical, and physical safeguards, and other appropriate security measures to protect Personal Information. For example, when you perform a transaction or provide Personal Information, we employ certain technical and organization security measures, such as encryption where appropriate. Unfortunately, no data transmission over the Internet or other data system can be guaranteed to be 100% secure. Accordingly, by using the Site and providing us with your Personal Information, you understand and agree that the security of your information is not guaranteed. To the fullest extent of the law, you agree to hold harmless Commercial Bank, its shareholders, employees, officers, directors, owners, subsidiaries, vendors, subcontractors, and agents against any claims related to your Personal Information being acquired by unauthorized third parties so long as Commercial Bank did not intentionally and knowingly breach this Policy. 

If you wish to keep your communications to us private, you should not communicate with us using the Site.  If you have reason to believe that your interaction with us is no longer secure, immediately notify us in accordance with the contact methods provided at the end of this Policy. 

You can also take steps to promote the confidentiality and security of your Personal Information.  For instance, when you establish your account, you can create strong passwords that you do not use for other accounts that require log-ins.  You can keep your password secret and do not store it in places or ways that make it vulnerable to being stolen.  Also, you can use the settings on your electronic devices so that those devices automatically log off or lock your screen when you are not actively using them. 

Additionally, if you want to, you can “opt out” of having your information collected, used, and/or shared as described in this Policy by not accessing or using the Site.  

  1. COOKIES AND OTHER TRACKING TECHNOLOGIES

We and our service providers use cookies and similar tracking technologies to support the operation, security, and functionality of the Site, to understand how users interact with the Site, and to improve the products and services we provide. These technologies may include not only traditional cookies, but also mobile-specific identifiers and technologies, such as software development kits (SDKs), application programming interfaces (APIs), device identifiers, local storage, and similar tools. 

Type of Technologies We Use

The tracking technologies used in connection with the Site may include:

  • Cookies and Local Storage. Small data files stored on your device that help maintain user preferences, session information, and Site functionality. 
  • Mobile Device Identifiers. These identifiers include device ID, advertising ID, or similar identifiers provided by your mobile operating system.
  • SDKs and APIs. Code provided by third party vendors that help us enable features, analyze Site performance, prevent fraud, and support analytics and crash reporting. 
  • Pixels, Tags, and Log Files. Technologies that collect information about how the Site is accessed and used, including usage events, error reports, and performance data. 

How We Use These Technologies

We use cookies and tracking technologies for the following purposes:

  • Essential and Operational Purposes. To enable core Site functionality, maintain user sessions, authenticate users, and ensure the security and integrity of the Site. 
  • Analytics and Performance. To understand how users interact with the Site, monitor usage trends, identify errors, diagnose technical issues, and improve Site performance and user experience. 
  • Security and Fraud Prevention. To detect, prevent, and investigate suspicious or unauthorized activity, protect user accounts, and safeguard our systems. 
  • Preferences and Settings. To remember user preferences and settings, such as language or configuration choices, where applicable. 

We do not use cookies or tracking technologies to collect personal information beyond what is reasonably necessary for these purposes. 

Third Party Technologies

Some tracking technologies may be provided and operated by our third party service providers, such as analytics, cloud hosting, or security vendors. These providers may collect information on our behalf and process it subject to contractual obligations that limit their use of the information and require appropriate safeguards. We do not permit third parties to use these technologies for their own independent marketing or advertising purposes unless expressly disclosed to you.

Your Choices and Controls

You may be able to control or limit certain tracking technologies through your device or operating system settings, including:

  • Adjusting privacy or advertising settings on your mobile device
  • Limiting or resetting your device’s advertising identifier
  • Managing Site permissions or uninstalling the Site, as applicable

Please note that disabling or limiting certain technologies may affect the availability or functionality of some features of the Site. 

  1. MOBILE PLATFORM PROVIDERS

Our mobile application is made available through mobile operating systems and app distribution platforms operated by third parties, including Apple (iOS and the App Store) and Google (Android and Google Play). When you download, install, or use the application, these platform providers may independently collect information about you or your device, such as device identifiers, operating system information, and mobile usage data, in accordance with their own privacy policies and terms. We do not control how Apple or Google collect or use this information. To learn more about how these platforms handle personal information, please review Apple’s and Google’s respective privacy policies. 

  1. RETENTION OF INFORMATION COLLECTED

We keep Personal Information only for as long as required to fulfill the purposes for which it was collected. However, in some circumstances we may retain Personal Information for longer periods of time, for instance, where we are required to do so in accordance with legal, tax, and accounting requirements. We may also retain your Personal Information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges. When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it.

  1. CHILDREN’S PRIVACY 

The Site is not directed to persons under the age of 13. We do not seek to or knowingly collect or solicit information about children under the age of 13 except as permitted by law. If we learn that we have collected Personal Information from a child under 13 without verifiable parental consent where required, we will delete such information promptly in accordance with applicable law. 

In certain circumstances, we may maintain accounts for consumers under 13 years of age when those accounts are opened with a parent or guardian in accordance with bank policy and applicable law. Such accounts may only be opened with appropriate parental or guardian involvement. We collect, use, and disclose Personal Information only for purposes necessary to provide requested financial products or services, to verify identity, to prevent fraud, and to comply with legal and regulatory obligations (including Customer Identification Program (CIP) and customer due diligence (CDD) requirements). We do not sell or share Personal Information for behavioral advertising or other commercial purposes.

Parents or guardians who believe that their child has provided Personal Information to us may review, correct, or request deletion of that information, subject to legal and regulatory recordkeeping requirements, by contacting us by:

  • Emailing us at privacy@myCBstl.bank with the subject line “Privacy Rights Request”, or
  • Calling us at (314) 434-4141, or
  • Writing to us at the following address:

Commercial Bank

2330 West Port Plaza Dr

St. Louis, MO 63146

10. CONTACT INFORMATION 

If you have other questions, comments or concerns about our privacy practices, or if you wish to issue a request to exercise your rights where applicable by law, please contact us at privacy@myCBstl.bank or at the address below. Please provide your name and contact information along with the request.

Commercial Bank

2330 West Port Plaza Dr

St. Louis, MO 63146

 11. YOUR STATE PRIVACY RIGHTS

State privacy laws may provide their residents with additional rights regarding our use of their personal information. This section applies to residents of such states (“State Privacy Laws”) and supplements the other disclosures of this Policy. 

State Privacy Laws include those consumer privacy laws in California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia, and other state privacy laws enacted in the future.

Categories of Personal Information Collected

Depending on how you interact with the Site, we may collect the following categories of personal information, as defined under applicable State Privacy Laws:

  • Identifiers, such as name, email address, phone number, device identifiers, or online identifiers
  • Commercial Information, such as transaction-related information or usage
  • Protected classification characteristics, such as age or gender
  • Commercial information, such as product and service interests
  • Internet or other electronic activity information, including Site usage data, log data, and interaction information
  • Geolocation data, such as your general geographic location derived from device settings (where enabled) or more precise location when using the Site
  • Inferences, drawn from usage data to improve Site functionality and user experience

We collect sensitive personal information, which may include, without limitation, government identifiers (such as Social Security or tax identification numbers), geolocation information in limited circumstances, account log in username, and other information that State Privacy Laws may classify as “sensitive” (“Sensitive Personal Information”). We use and disclose Sensitive Personal Information only as reasonably necessary to provide requested financial products and services, to complete or process transactions you initiate, to verify your identity and comply with applicable Customer Identification Program (CIP) and customer due diligence (CDD) requirements, to detect and prevent fraud, to maintain the security and integrity of our systems, and to comply with legal and regulatory obligations. We do not sell or share Sensitive Personal Information for behavioral advertising or other commercial purposes. We may disclose Sensitive Personal Information to service providers and other third parties solely for the limited purposes described in this Policy and pursuant to written agreements that restrict their use of such information. 

Purposes for Processing Personal Information 

We collect and process personal information for the purposes described in this Policy, including to:

  • Provide, operate, and maintain the Site
  • Authenticate users and manage accounts
  • Ensure the security and integrity of the Site
  • Detect, prevent, and investigate fraud or unauthorized activity
  • Improve Site performance, functionality, and user experience
  • Comply with legal, regulatory, and contractual obligations

Disclosure of Personal Information

We may disclose personal information to:

  • Our third party service providers and processors that perform services on our behalf, such as hosting, analytics, security, customer support, and compliance services
  • Affiliates, where permitted by law and consistent with this Policy
  • Law enforcement or other third parties where required or permitted by law 

We do not disclose personal information to third parties for their own independent purposes except as described in this Policy. 

Sale, Sharing, and Targeted Advertising

We share personal information with third parties for business purposes and we may sell your personal information to third parties, subject to your right to opt-out of those sales. The categories of third parties to whom we disclose your personal information may include marketing, business strategy, advertising, analytics, and payment providers and certain third parties where you have provided consent or where we are required by law.  

We allow certain third party providers to collect information about consumers for purposes of analyzing and optimizing our products, services, delivering ads, providing content, measuring statistics and the success of ad campaigns, and detecting and reporting fraud. To the extent this practice is interpreted to constitute a “sale” under applicable State Privacy Laws, please refer to Right to Opt-Out of Personal Information Sales section below.

Right to Opt-Out of Personal Information Sales

You have the right to direct us not to sell personal information we have collected about you to third parties. If you are under the age of 16, you have the right not to have your information sold, unless you, or your parent or guardian, affirmatively authorize such sales.

Submitting Requests: To exercise your right to opt-out, please use this link. For us to respond to your request, it’s necessary that we know who you are. Therefore, you can only exercise the above rights by making a verifiable request which must:

  • provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and
  • describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Rights Under State Privacy Laws

Subject to certain limitations and exceptions, residents of states with enacted privacy laws may have the right to:

  • Confirm whether we process their personal information
  • Access personal information we have collected about them
  • Correct inaccuracies in their personal information
  • Delete personal information, subject to legal retention requirements
  • Obtain a copy of their personal information in a portable format
  • Opt out of certain processing activities, where appliable
  • Appeal a decision regarding a privacy rights request

Exercising Your Rights

You may submit a request to exercise your state privacy rights by using the contact information provided in this Policy. We will verify your request as required by law and respond within the timeframes mandated by applicable State Privacy Laws.

Authorized agents may submit requests on your behalf where permitted by law and subject to verification requirements. 

Please submit a request specifying the right you wish to exercise by:

  • Emailing us at privacy@myCBstl.bank with the subject line “Privacy Rights Request”, or
  • Calling us at (314) 434-4141, or
  • Writing to us at the following address:

Commercial Bank

2330 West Port Plaza Dr

St. Louis MO 63146

Non-Discrimination 

We will not discriminate against you for exercising your rights under appliable State Privacy Laws, including by denying products, services, or providing a different level or quality of product or service, except as permitted by law. 

Data Retention

We retain personal information for only as long as reasonably necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law. 

Updates to this Section

We may update this section to reflect changes in applicable State Privacy Laws or our data practices. Any material changes will be posted in this Policy. 

  

HOW TO CONTACT US

If you have other questions, comments or concerns about our privacy practices, or if you wish to issue a request to exercise your rights where applicable by law, please contact us at privacy@myCBstl.bank or at the address below. Please provide your name and contact information along with the request.

Commercial Bank

2330 West Port Plaza Dr

St. Louis, MO 63146