Digital Privacy Policy


Your trust and confidence in BankFinancial, National Association is very important. This Digital Privacy Policy (the "Digital Policy") applies to the establishment and access to accounts and services, transaction processing, electronic communications (including telephonic, electronic mail, electronic data interchange or video communications), marketing, or other related products, services or activity we offer or provide by our Online Banking application (BankFinancial.com), Mobile Banking application or other related applications, or other electronic capabilities established by BankFinancial National Association (the "Digital Services") for or by individuals and households. Use of our Digital Services is also governed by our Privacy Policy, our Customer Account Agreement and Disclosure Statement and other enrollment or use terms, conditions, and limitations specific to accounts or services you selected.

In this Digital Policy, we refer to BankFinancial, National Association, its Trust Department and its subsidiary, Financial Assurance Services, as the "Bank", "BFNA", "BankFinancial", “we” or “us."  We refer to an individual customer, or a household of more than one customer, as "you." By necessity, we use third-party technology and communications vendors to provide Digital Services and we refer to such third parties as "Technology Providers."

You consent to the practices set forth in this Digital Policy when you visit, access, or use any of our Digital Services; if you do not wish to consent to our Digital Policy, please do not access or utilize our Digital Services.

INFORMATION WE COLLECT

By your use of Digital Services, the Bank or its Technology Providers may collect information about you.  Information not available from publicly available or unrestricted sources that is directly related and specific to you is considered "personal information." Examples of personal information include tax identification information, biometric information, or authentication information. In some cases, such as personal identification numbers, biometric or other authentication information, a Technology Provider may obtain information from the Digital Services, but the Bank may not possess or retain such information.  Any information that is not "personal information" is considered "non-personal information."  


The following are categories and usage of information the Bank or its Technology Providers may collect through your access or use of Digital Services:

Contact Information. Contact information includes your name, address, e-mail address, phone number, or other information used to contact you by any method. We use this information to establish and maintain your accounts and services with us, conduct transactions and provide services, deliver Relationship Information to you by any lawful and authorized method, and conduct lawful and authorized marketing activities.   

Relationship Information. Relationship Information includes account numbers, account transaction information, Digital Services user information or other information related to your conduct of banking, trust, insurance, or other financial services with us. We use this information to provide services and information to you, including legally required disclosures, account statements or activity notices and tax information, and conduct marketing activities by any lawful method, including in-person delivery, paper delivery or by Digital Services. 

Location Information. If you choose to enable Location Services through your access device, the Bank or a Technology Provider may obtain precise real-time geographic location data. We use this data to provide assistance to you, such as the location of the nearest branch office, automated Teller Machine or appointment scheduling services, or to provide emergency services.  

Biometric Information. Fingerprints, recognition by facial, vocal, or retinal patterns or other bio-specific identifiers are considered "Biometric Information." Photographs, physical descriptions and written or electronic signatures are not considered Biometric Information.  You may choose to use Biometric Information with your device provider to enable a device to access or use Digital Services.

Signature, Image & Voice Information. We may use signatures, photographs, video recordings, video transmissions, telephone calls or other information in connection with accounts, services or transactions conducted by or for you, including the Digital Services.

Financial Information. Financial information includes financial statements, tax returns, other information related to banking, trust or insurance products or services you provide to us. We use this information to establish and maintain your accounts and services with us, for risk management and regulatory compliance purposes and to determine whether new, additional, or alternative accounts, products, or services that we offer may be valuable to you.

Other Information. We use other information you provide to us, including information related to job applications, to establish and maintain accounts and services, conduct transactions, or provide services, and consider employment applications you submit to us.     

Information About Others. You may provide information about others to us, including requests to add authorized transactors or holders of a beneficial interest in accounts, conduct transactions with others, consider charitable donations or community support activities, provide, or receive business referral opportunities or for other lawful purposes.

Cookies, Tags and Other Tracking Technology Information.  A "cookie" is a text information file that is downloaded to your device allowing us or a Technology Provider to recognize your device when you access or use Digital Services or respond to marketing efforts and store your Digital Services preference choices. Our Digital Services and electronic mail messages may also use tags or web beacons, and other tracking tools in our Digital Services and electronic mail marketing activities to: (1) deliver cookies; (2) determine responses to electronic mail messages with embedded website links or to monitor access to Digital Services; and (3) determine the effectiveness of our marketing and deliver marketing appropriate to your interests.  Cookies, tags, and other tracking technologies we use do not contain any personal information. 

We may use cookies and JavaScript associated with analytics services by our Technology Providers, including Adobe and Google, to monitor inbound traffic to BankFinancial.com and gather usage statistics and patterns. For more information about these analytics services, including any opt-out rights offered by Adobe and Google, please visit their websites.

Depending on your access device, you may be able to control your acceptance of cookies, tags and other tracking technology used in our Digital Services, including the establishment of privacy settings.  Each device requires separate configuration of your cookie and other tracking technology controls and preferences.  If you do not accept cookies, or block or delete cookies necessary to the function of Online Banking or other Digital Services, you may need to provide additional security information each time you access or use Digital Services and certain functions of our Digital Services may not work properly.  

Device and Other Technical Information. Non-personal information may be aggregated in our Digital Services systems for various purposes, including collection of device event information such as browser crashes, system activity and referral website Uniform Resource Locator (URL) address.  Session cookies record your browser version, hardware and operating system, Internet Protocol (IP) address, MAC address, Internet Service Provider (ISP) and the region from which you are accessing Digital Services. We also receive information from search engines and other referral services based on your interaction with the referring site or content. 

Types of Information Sharing

As governed by our Privacy Policy, we share certain information for various business purposes.  We may share personal and non-personal information that we obtain from you and any device you use to access or use the Digital Services with:

  1. Technology Providers. The Bank's “Technology Providers” as defined in the second paragraph of this Policy.
  2. Product and Service Providers. Other vendors or organizations with whom we jointly offer products, accounts, or services.
  3. Security Providers. Individuals or entities, when we believe that disclosure is necessary to report suspicious activity, prevent physical harm, financial loss, and violations of our policies or agreements.
  4. Regulatory Organizations and Other Business Services Providers. Regulators, legal representatives or other entities or individuals who are legally entitled or specifically authorized by the Bank to receive such information for a lawful business purpose.
  5. Marketing Providers. Advertising and marketing entities, when subject to legally binding information security agreements prohibiting the sharing of information with unauthorized parties.

Use of Information by Others

  1. Online Authentication Services. Some Digital Services or marketing activities may require you to perform an online authentication process from a Technology Provider, which may involve collection of personal or non-personal information.  Some of these processes utilize information services from a Technology Provider to verify your identity. For example, you may be asked to confirm details about a previous financial transaction. The information that you provide in response to such questions will be used for the sole purpose of verifying your identity. Our online authentication processes may collect a unique device identifier, IP address, and related data associated with your mobile device, and/or use cookies, tags, and JavaScript, to identify the device for accessing or using Digital Services or responding to marketing efforts. These processes are used to protect both you and us from fraud and unauthorized transactions.

  2. Social Media. The Bank participates in social media platforms, such as LinkedIn®, which enable online sharing and collaboration among their users. Any information or other content you post on these platforms, such as pictures, opinions, or personal information, is subject to the platforms’ terms of use and privacy and security policies; please refer to their policies to better understand your rights and obligations with regard to such content. 
  1. Links to Third-Party Sites. We may provide links to other websites, applications, or services for your convenience; however, these information sources are not subject to this Policy. Please refer to the posted privacy policies of any linked information source.

Options To Opt-Out of Information Sharing

Depending on your access device and the specific use of Digital Services, or response to our marketing efforts, you may have options to opt-out of certain Types of Information Sharing. 

Although we do not respond to "Do Not Track" signals transmitted by browsers or similar mechanisms, you may opt-out of the use of non-personal information used in digital advertising and marketing of our products and services through marketing websites and other marketing vendors by contacting us:

BankFinancial National Association
Attention:  Marketing Department
5140 Main Street 
Downers Grove IL 60515
CustomerService@BankFinancial.com

You may also terminate your use of Online Banking or Mobile Banking via a request submitted by Secure Electronic Mail within our Online Banking application, in person at a branch office, or by written request to: 

BankFinancial National Association
Attention:  Customer Service Center
48 Orland Square Drive
Orland Park, IL 60462

For information security and account protection purposes, we do not accept requests to terminate Online Banking or Mobile Banking by telephone or electronic mail, except as noted above.

Accuracy of Your Information

The accuracy of your account and other personal information is important. If you find that any personal information we have or have reported to another party does not appear to be accurate, please contact our Compliance Department as set forth below.

Protecting Children’s Online Privacy

In accordance with the Children’s Online Privacy Protection Act, we do not knowingly collect personal information from children (i.e., persons under age 13). We do not knowingly collect, store, use or share personal information about children, unless the information has been provided by an adult in connection with the opening of a deposit account for or with the child. We do not accept applications directly from children and will not send unsolicited promotions to users who indicate they are less than 13 years of age except in connection with an account opened by an adult. This does not prevent parents from opening deposit accounts on behalf of their children. We will obtain parental consent prior to the creation of an account on behalf of a child.     

 Visitors Residing Outside the United States

If you visit or use our online services, your personal or non-personal information may be collected, stored, used and processed in and transferred to, from, and within the United States. In such instances, applicable U.S. federal and state laws shall govern. If you are a non-U.S. resident, such laws may not provide the same level of protection as the laws of the country of your residence.

Changes to this Policy

We reserve the right to update this Policy from time to time to comply with applicable laws and to reflect changes in our online services. For this reason, we encourage you to periodically review this Policy. If we make changes to this Policy, we will revise the “Effective/Revised” date shown at the bottom of the Policy and post the revised Policy on BankFinancial.com and through our other online services. The changes will be effective when we post the revised Policy. Upon our posting of a revised Policy to BankFinancial.com, if you access or use Digital Services, or respond to marketing efforts, after the effective date of the Policy, you accept the revised Policy.

How to Contact Us About This Policy and Your Information

If you have any questions or comments on our Digital Privacy Policy, or you wish to notify us about the accuracy of information in our records provided by you or a third party, please contact us at:

BankFinancial National Association
Attention:  Compliance Department
60 North Frontage Road
Burr Ridge, IL 60527

Please include your contact and account information to help ensure timely processing and responses.