MidFirst Privacy Policy

MidFirst Credit Union strives to protect the privacy of members and consumers alike. We place a high priority on ensuring the security and privacy of all data pertaining to each member and consumer. Under federal law, MidFirst is required to give you this privacy notice. This Privacy Notice and Disclosure describes MidFirst's privacy policy and practices concerning personal information we collect and disclose. It also includes information about parties who may receive personal and nonpublic information from MidFirst. These practices are followed by both the Credit Union and its affiliate, MidFirst Financial Services, LLC.; therefore, this notice applies to both.

MidFirst's Consumer Privacy Practices

MidFirst Credit Union is required by law to inform you of the data-protection and privacy practices that we have instituted. We have:

• Established specific security-protection practices to ensure privacy of information
• Defined control methods to limit access to consumer information
• Formalized procedures and processes to ensure the maintenance of accurate information
• Established procedures and restrictions on disclosure of member account information
• Defined standards for consumer data collection, use, and methods of storage
• Required consumer data-privacy covenants with third-party service and business arrangements
• Ensured that our staff is committed to protect a consumer's right to data privacy·
• Disclosed MidFirst privacy policies and provided an overview of institution privacy practices

Therefore, this consumer privacy notice serves as a reference guide for consumers, members, Credit Union staff, and management regarding the protection of member and consumer privacy.

Accuracy of Information

Every effort is made to ensure that our records of your information are complete and correct. If an error is noted on any statement or in any communication that you receive from us, please contact us as soon as possible at the number listed on your account materials.

Collection and Use of Information

To conduct our business relationship with you, we may need to collect certain information about you. We may collect nonpublic personal information about you from various sources, including:

• Information we receive from you on applications or other forms
• Information about your transactions with us, our affiliates, or others
• Information we receive from consumer-reporting agencies

In order to protect your information, we maintain and enforce strict security procedures. We collect only the information necessary to deliver quality products and services to our members and clients. Only authorized and trained employees have access to member information. MidFirst continually assess new technology, as it becomes available, to find ways to best protect your privacy.

Sharing of Information Within MidFirst

Under certain circumstances information about you is shared with others in our organization to better serve you. Examples might include the marketing of additional products and services, while considering your entire relationship with us in making those product recommendations (i.e., increasing a line of credit) or providing necessary services to maintain your accounts (such as data processing).

The types of information shared may include information about your identity, information about your accounts and transaction history, information about your financial status (such as your income and/or assets), and information obtained from a credit report or other sources outside of our Credit Union. We may share the following kinds of nonpublic personal information about you, including:

• Information we receive from you on applications or other forms, such as your name, address, social security number, assets, and income
• Information about your accounts and transactions with us, our affiliates, or others, such as your account balance, payment history, transaction usage, etc.
• Information we receive from a consumer-reporting agency, such as your creditworthiness and credit history

MidFirst restricts access to nonpublic personal information about you to those employees who need to know that information in order to provide the appropriate products and services. We maintain physical, electronic, and procedural safeguards that comply with both state and federal regulations to guard your nonpublic personal information.

Sharing of Information Outside of MidFirst

From time to time, MidFirst may provide information to reputable companies for the purposes of informing you about financial products and/or services offered by those companies. Unless you specifically respond to a solicitation by such a company, retention of this information is not allowed. MidFirst will never share your account number or access codes with outside companies for purposes of marketing. We may disclose nonpublic personal information about you to the following types of parties:

• Financial service providers, such as First Mortgage bankers and/or nonaffiliated insurance agents
• Nonfinancial, nonaffiliated companies such as retailers and publishers
• Others, such as nonaffiliated not-for-profit organizations

We may disclose nonpublic personal information about you to nonaffiliated third parties as permitted by law. We may disclose the following information to companies that perform marketing services on our behalf or to other financial institutions with which we have joint marketing agreements:

• Information we receive from you on applications or other forms such as your name, address, and social security number
• Information about your transaction history with us, our affiliates, or others, such as your account balance, credit card usage, payment history, etc. ·
• Information we receive from a consumer-reporting agency, such as your creditworthiness and credit history

Sharing of Information in Other Circumstances

As permitted and required by law, MidFirst may from time to time share information about your identity (such as name, social security number, etc.), transaction history (such as account numbers, repayment history, etc.), your application (such as income and/or asset information), and credit report or other similar information (such as information about your credit history). Situations with this type of sharing could include:

• When credit bureaus or others, as appropriate, ask for credit references or credit-reporting information in the course of customary business practices
• As required by law, in the instance of a sale or merger of part of our business
• When we contract with third parties on your behalf to help deliver our services to you

Confidentiality of Consumer Information

When we share information with third parties, we attempt to hold all such parties to the same or higher standards as we do ourselves with respect to privacy of your information. As an added safeguard, we may require them to allow us to audit them for compliance in this regard.

How to Limit the Sharing of Information With Others

If you prefer that we not disclose nonpublic personal information about you to nonaffiliated third parties, you may write to us and direct us to refrain from such disclosure, other than those practices permitted and required by law. If you do not want us to share information we must have a written record. Please refer to the Contact Information in this notice.

MidFirst Web Site

When you visit our web site, we want you to feel secure that we are respecting your privacy. The information we may have about you through our web site is the information you choose to give us (such as providing feedback or completing a form). We do not release that information to others without specifically notifying you on the form and getting your consent.

MidFirst may use "cookies" for the purpose of serving you better when you return to our site. A "cookie" is a small element of data that a Web site can send to a browser, which may then be stored on your system. Data collected from "cookies" can help to determine how many people visit certain pages on our site, which ultimately enables us to improve our site design and content. If you prefer, your Web browser can be set to provide you a notice before you accept a "cookie."

Password-Protected Services

Each member who has requested password-protected products and services with MidFirst (i.e.: Internet-based (Online Banking), telephone-based (TELLERPHONE), or ATM) has been provided with an authorized access code, password, or personal identification number. We use these security controls not only to protect our members using password-protected services but also to limit the risk to unauthorized data access or security problems.

E-Mail

E-mail that you may send to us is generally not secure.

Note to Joint Account Holders

If you and someone else (or others) have obtained a financial product or service from MidFirst, the joint account holder is eligible to exercise the right to opt out. If any one of you exercise the right to opt out, we will treat it as if both of you directed us not to make disclosures to nonaffiliated third parties (except those that are permitted or required by law).

Disclosure of Information About Former Members

If you terminate your membership with MidFirst Credit Union, Inc., or its affiliate, MidFirst Financial Services, LLC, we will not share information we have collected about you, except as may be permitted or required by law.

Fair Credit Reporting Act Disclosure

As affiliates, MidFirst Credit Union, Inc. and MidFirst Financial Services, LLC, are permitted by law to share any information about their transactions or experiences with you. Information taken from credit reports may also be exchanged but will not be shared for affiliate product recommendations if you notify us in writing not to do so.

How to Contact Us

If you would like additional information, or have questions regarding MidFirst Credit Union's privacy policy, please write to us at MidFirst Credit Union, Inc., 3600 Towne Blvd., Franklin, OH 45005.

Please include the name, address, social security number, and account numbers of all affected accounts, or call us at 800-633-8905 and we will send the appropriate forms to you.

CONTACT INFORMATION

Write to us at:

MidFirst Credit Union, Inc.
Member Privacy
3600 Towne Blvd.
Franklin, OH 45005