Mobile and Online Banking Privacy Policy

Drake Bank’s Online Banking and Mobile Banking platforms (“Electronic Banking”) – powered by Fiserv – help you manage your money, view your transactions and accounts, making it easy to manage your finances on the go.

Depending on the services offered to you by Drake Bank (the “Bank”), Electronic Banking may allow you to:

  • Get real-time balances for your accounts
  • Manage your money
  • View your transactions and statements
  • Make transfers
  • Pay your bills and manage billers
  • Pay other people
  • Deposit a check
  • Locate branches and ATMs
  • Receive alerts
  • Communicate with the Bank via email or chat

This Privacy Policy, in combination with relevant privacy notices that the Bank provides to you (e.g., pursuant to financial privacy laws), informs you of the policies and practices regarding the collection, use, and disclosure of any personal information that the Bank and its service providers (collectively, “we” or “us”) collect from or about users in connection with the Electronic Banking website and mobile application (the “Services”).

The Types of Information Collected

a.) Personal Information You Provide to Us

Through your use of Electronic Banking, we may collect:

  • Personal information from you, such as your first and last name, address, email, User IDs, telephone number, and social security number when you open an account or register for other services.
  • Device images, videos, and/or contacts may be accessed when you deposit a check or make payments using Zelle or other payment functionality.
  • Device location may be accessed to detect and prevent fraud, or to provide branch and ATM locations.
  • Financial and transaction information necessary to provide you with the Services, including account numbers, payment card expiration dates, payment card identification numbers, verification numbers, and transaction and payment histories.

If you provide feedback or contact the Bank via email, we will collect your name, email address, and any other content included in your email messages to us in order to respond to you.

We also collect other types of personal information that you provide voluntarily, such as any information requested by Electronic Banking if you contact the Bank via email regarding support for the Services.

b.) Personal Information Collected from Third Parties

We may collect certain information from identity verification services and consumer reporting agencies, including credit bureaus, in order to provide some of our Services.

c.) Personal Information Collected Via Technology

We may automatically log information about you, your computer or mobile device, and your interaction over time with our Services, our communications, and other online services, such as:

  • Device Data: such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers, language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G), and general location information such as city, state or geographic area.
  • Online Activity Data: including pages or screens viewed, time spent on a page or screen, navigation paths between pages or screens, information about activity on a page or screen, access times, and duration of access.
  • Cookies: which are text files that websites store on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, and helping us understand user activity and patterns.
  • Location Information: If you have enabled location services on your phone and agree to the collection of your location when prompted by the Services, we will collect your location information when you use the Services; for example, to provide our fraud detection services. If you do not want us to collect this information, you may decline the collection of your location when prompted or adjust the location services settings on your device.

Disclosure of Your Personal Information

We disclose your personal information collected through your use of the Services as described below.

a.) In Accordance with Our Other Privacy Policies
Other than as described in this Privacy Policy in connection with the Services, this Privacy Policy does not apply to the processing of your information by the Bank or third parties with whom we share information.

b.) Third-Party Service Providers
We may share your personal information with third party or affiliated service providers that perform services for or on behalf of us for the purposes described in this Privacy Policy, including: to provide you with the Services; to conduct quality assurance testing; to facilitate the creation of accounts; to optimize the performance of the Services; to provide technical support; and/or to provide other services to Electronic Banking.

c.) Corporate Restructuring
We may share your personal information in connection with any merger, financing, acquisition, or transaction involving the sale, transfer, divestiture, or disclosure of all or a portion of the Bank’s business or assets. If another company acquires our business or assets, that company will possess the personal information collected by us, and the company will assume the rights and obligations regarding your personal information as described in this Privacy Policy.

d.) Authorities and Others
Regardless of any choices you make regarding your personal information, we may disclose your personal information to law enforcement, government authorities, and private parties for compliance and protection services described above.

Links to Other Sites

Electronic Banking may contain links to third-party websites. When you click on a link to any other website or location, you will leave the Services and go to another site. On that site, another entity may collect personal and/or anonymous information from you. The Service’s provision of a link to any other website or location is for your convenience and does not signify our endorsement of such other website or location or its contents. We have no control over, do not review, and cannot be responsible for these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites. We encourage you to read the privacy notice of every website you visit.

Your Choices Regarding Your Information

You have several choices regarding the use of information on the Services.

a.) How We Respond to Do Not Track Signals

Some web browsers transmit “do not track” signals to the websites and other online services with which your web browser communicates. There is currently no standard that governs what, if anything, websites should do when they receive these signals. We currently do not respond to these signals. If and when a standard is established, we may revise our policy on responding to these signals.

b.) Access, Update, or Correct Your Information

You can access, update, or correct your information by changing your account preferences. For additional requests, please contact the Bank at (651) 224-5000.

c.) Opting Out of SMS Communications

If you provide your phone number through the Services, we may send you notifications by SMS, such as fraud alerts. You may opt out of SMS communications by unlinking your mobile phone number through the Services.

d.) Opting Out of Location Tracking

If you initially consented to the collection of geo-location information through the Services, you can subsequently stop the collection of this information at any time by changing the preferences on your mobile device. Please note, however, that if you withdraw consent to our collection of location information, you may no longer be able to use some features of the Services.

Safeguards and Retention

We implement reasonable administrative, technical, and physical measures in an effort to safeguard the information in our custody and control against theft, loss, and unauthorized access, use, modification, and disclosure. Nevertheless, transmission via the internet is not completely secure, and we cannot guarantee the security of your information.

Federal laws and regulations require U.S. financial institutions to retain original, active, and historical records. Your personal and financial data will be retained for a period of five to ten years, as required by applicable laws, regulations, and legitimate business needs.

A Note About Children

The Services are not directed towards individuals under the age of 18, and we do not, through Electronic Banking, intentionally gather personal information about visitors who are under the age of 18. If a child under 18 submits personal information to us through Electronic Banking and we determine that the information belongs to a child under 18, we will attempt to delete it as soon as possible.

Privacy Policy Updates

This Privacy Policy is subject to occasional revision. We may notify you, at our sole discretion, of any material changes in our collection, use, or disclosure of your personal information by posting a notice on the Services. Any changes to this Privacy Policy will be effective immediately. If you object to any such changes, you must notify the Bank that you wish to deactivate your account. Continued use of the Services after any such changes shall indicate your acknowledgement of such changes.

Contact Us

If you have any questions or complaints about this Privacy Policy or the Service’s data collection or processing practices, or if you want to report any security violations, please contact the Bank at:

customerservice@drake-bank.com

(651) 224-5000

Drake Bank
60 E Plato Blvd, Suite 100
St. Paul, MN 55107

Rev 07/2025