|
CUSOURCE, LLC dba Southwest Corporate Investment Services (hereinafter referred to as “SCIS”) places a high priority on security, and utilizes security measures to protect not just nonpublic personal information, but all types of confidential information that it receives from its client credit unions.
Under (A) the Gramm-Leach-Bliley Act, (B) Parts 716 and 748 of NCUA’s Regulations, and (C) SEC Regulation S-P (Privacy of Consumer Financial Information), SCIS is deemed to be a “service provider” to its client credit unions. We are providing this Affidavit in order to assist our client credit unions in their compliance with applicable statutes and regulations as to the privacy and security of nonpublic personal information. The Affidavit is written in general language so that our client credit unions can utilize the Affidavit regardless of the level of complexity of their security programs.
Each credit union for which SCIS is a “service provider” is hereby authorized to consider this Affidavit to be a contractual agreement with SCIS or to be an amendment of any agreement or agreements that the credit union has entered into with SCIS.
- SCIS agrees not to use nonpublic personal information about any client credit union’s members for any purpose other than those purposes for which the credit union disclosed the information to SCIS, including servicing and processing of transactions, and provision of financial and advisory services, in the ordinary course of business.
- SCIS will utilize security measures that SCIS deems to be appropriate for the protection of nonpublic personal information about each client credit union’s members, with particular attention to protection against unauthorized access to or unauthorized use of such information that could result in substantial harm or inconvenience to any of the credit union’s members.
- From time to time, if requested by a client credit union, SCIS will make available to the credit union information deemed by SCIS to be appropriate as to the security measures, controls, systems and procedures that SCIS uses for the protection of nonpublic personal information.
- If an incident occurs that involves unauthorized access to or unauthorized use of nonpublic personal information about any of a client credit union’s members, SCIS will take actions that SCIS deems to be appropriate, including notification to the credit union as soon as possible of any such incident.
- SCIS will utilize security measures designed to accomplish the proper disposal of nonpublic personal information held by SCIS. If immediate deletion or disposal of the nonpublic personal information held by SCIS is not feasible, then until the date when deletion or disposal of the information occurs, SCIS will continue to utilize security measures designed to protect the information against unauthorized access and against unauthorized use.
|
|
