This website has been established by the Bank for the sole purpose of conveying information about the Bank’s products and services and to allow communication between the Bank and its customers. Information that appears on this website should be considered an advertisement. Nothing contained in any page on this site takes the place of the bank’s agreements and disclosures that govern its products and services. If any information on the site conflicts with that in the bank’s agreements and disclosures, the agreements and disclosures will control.

From time to time the Bank may place links to other websites on this page. The Bank has no control over any other website and is not responsible for the content on any site other than this one. Users assume all responsibility when they go to other sites via the links on this page.

The information and materials contained in this website are owned by the Bank or by others, as applicable. No material may be copied, displayed, transmitted, distributed, framed, sold, stored for use, downloaded, or otherwise reproduced except as permitted by law.

The Bank will use reasonable efforts to ensure that all information displayed is accurate; however, the Bank expressly disclaims any representation and warranty, express and implied, including, without limitation, warranties of merchantability, fitness for a particular purpose, suitability, and the ability to use the site without contracting a computer virus. The Bank is not responsible for any loss, damage, expense, or penalty (either in tort, contract, or otherwise), including direct, indirect, consequential and incidental damages, that result from the access of or use of this site. This limitation includes, but is not limited to the omission of information, the failure of equipment, the delay or inability to receive or transmit information, the delay or inability to print information, the transmission of any computer virus, or the transmission of any other malicious or disabling code or procedure. This limitation applies even if the Bank has been informed of the possibility of such loss or damage.

This agreement may be changed from time to time by posting the new Terms of Use on the website. All users agree to be subject to this agreement as it changes from time to time.

This agreement and the use of this website are governed by the laws of the State of Pennsylvania.

Internet Privacy Policy

This Internet Privacy Policy explains how we may collect information from you when you visit our web site or when you use our online financial services.

We recognize the importance our customers place on the privacy and security of their personal information. Our goal is to protect your personal information in every way that we interact with you, whether it’s on the telephone, in our lobby, or on the Internet.

We think it is important for you to be informed of the policies, procedures, and security measures that we have in place to safeguard your personal and confidential information. With that in mind, we have developed this Internet Privacy Policy to help you to understand the steps we take to protect your personal information when you utilize our online financial services.

In addition to the protections discussed within this Internet Privacy Policy, your online financial activities may also be protected by our general privacy policy.

Below are several definitions of terms used within this policy:

Customer Information – Customer Information refers to personally identifiable information about a consumer, customer or former customer of this Institution.

Internet Protocol (IP) Address – an IP address is a unique address that devices use in order to identify and communicate with each other on a computer network. An IP address can be thought of as a street address or a phone number for a computer or other network device on the Internet. Just as each street address and phone number uniquely identifies a building or telephone, an IP address can uniquely identify a specific computer or other network device on a network. We may use IP addresses to monitor login activity and for identification purposes when necessary for security investigations.

Cookie – a Cookie is a very small text file sent by a web server and stored on your hard drive, your computer’s memory, or in your browser so that it can be read back later. Cookies are a basic way for a server to identify the computer you happen to be using at the time. Cookies are used for many things from personalizing start up pages to facilitating online purchases. Cookies help sites recognize return visitors and they perform a very important function.

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal computer or mobile device when you go offline, while Session Cookies are deleted as soon as you close your web browser.

These Cookies are used to track information about traffic to our website and how users use the website. The information gathered via these Cookies may directly or indirectly identify you as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access the website. We may also use these Cookies to provide direct marketing materials, promotions, test new pages, features or new functionality of the website to see how our users react to them.

We use First Party Cookies or Browser Cookies. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our service. Unless you have adjusted your browser setting so that it will refuse Cookies, our service may use Cookies.

Web Beacons – Certain sections of our website and emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).

Service Provider – In order to provide a full range of online financial services, we may use various third party providers. These third parties provide services such as: website hosting and account aggregation. Third party providers are referred to within this policy as “Service Providers”.

Information Collected on the Internet

As part of providing online financial products or services, we may obtain information about our customers and website visitors from the following sources:

• Information we receive from you on applications, emails, or other forms;
• Information about your transactions with this Institution and our affiliates;
• Information we receive from a consumer-reporting agency; and
• Information that is generated electronically when you visit our website or use our online financial services.

Service Providers hosting our website may collect general information on our website visitors for security and statistical purposes. Such information may include:

• The Internet address (referral site) which brought you to our web site;
• The date and time you access our site;
• The name and version of your web browser;
• Your Internet Protocol (IP) address;
• The pages visited in our website;
• The duration of your online session; and
• Email address.

Our Service Providers may use Cookies to collect some of the above information. In some cases you must accept cookies in order to view our website.

When you click on advertisements in our website or advertisements on linked third party web sites, you may receive another Cookie; however, you do not have to accept any Cookies from third party advertisements.

Use of Information Collected

• We may disclose the information that we collect, as described above, with Service Providers acting on our behalf to provide online financial services, marketing, or promotional services.
• We may share your information with Service Providers to monitor and analyze the use of our website. These third- party vendors collect, store, use, process and transfer information about your activity on our website in accordance with their Privacy Policies for direct marketing purposes.
• We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any other subsidiaries, joint venture partners or other companies that we control or that are under common control with us.
• We may also disclose Customer Information when required or permitted by law. For example, Customer Information may be disclosed in connection with a subpoena or similar legal process, fraud prevention, or security investigation.
• We may also share Customer Information outside this Institution when we have your consent, such as when you request a specific product like insurance or an investment product from a third party financial services provider.
• We may also disclose aggregate Customer Information with Service Providers or financial institutions that perform marketing and research services on our behalf and with whom we have joint marketing agreements. Our contracts require all such Service Providers/or financial institutions to protect the confidentiality of your Customer Information to the same extent that we must do.
• By submitting a form through our website, you agree to receive communication from Quaint Oak Bank and its affiliates via email, telephone, SMS, or other equivalent forms of electronic communication. We may use the information collected to contact you with marketing or promotional materials and other information that may be of interest to you. You may opt-out of receiving any, or all, of these communications from us by following the Unsubscribe link or instructions provided in any email we send or by contacting us.
• We may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our products, services, marketing and your experience.
• We do not disclose any Customer Information about our customers, former customers, or website visitors to anyone, except as permitted or required by law.
• We do not sell any of your personal information.

Beware of Phishing Attempts and Internet Scams

While email is convenient and has a good business use, it can also be misused by criminals for scams and various other fraudulent purposes. “Phishing emails” are frequently used by criminals to entice the recipient to visit a fraudulent website where they try to convince the recipient to provide personal information, such as ATM card numbers, account numbers, Social Security numbers, access Ids and passcodes. Some of these fraudulent websites may also be virus laden and can be used to download mal-ware to your computer. Fraudulent websites often look identical to a legitimate site, so it’s important to look very closely at the website address.

Below we have listed a few tips to help protect your personal information on the Internet:

• Always be wary of links in emails, especially any links in emails purporting to be from this Institution.
• Please remember that if we send you an email, we will never ask for personal information such as your account number, ATM card number, PIN number, or social security number.
• Bookmark financial websites and use these bookmarks every time you visit the website.
• Whenever you enter personal information like your access ID or passcode, always look for the lock symbol, or https: in the address bar. Always click on the lock symbol and review the certificate details.
• Update your Internet browser! Most browsers now offer free anti-phishing tool bars that can help alert you of fraudulent websites.
• If you send us an email, please do not include any confidential, personal or sensitive information in the email message, as email messages are generally not secure. We do offer secure messaging and you may use this secure messaging feature if you need to send us sensitive or confidential information.
• Make sure that your computer always has up-to-date versions of both anti-spyware and anti-virus software.
• If you receive an e-mail that you think could be a scam, delete it immediately or forward the email to spam@uce.gov.
• If you have any questions about the legitimacy of an email, especially an email from this Institution, you can also call us at this number 866.795.4499 or forward the email to info@quaintoak.com.

External 3rd Party Links

Our website may include links to other third party web sites. These links to external third parties are offered as a courtesy and a convenience to our customers. When you visit these sites, you will leave our website and will be redirected to another site.

This Institution does not control linked third party web sites. We are not an agent for these third parties nor do we endorse or guarantee their products. We make no representation or warranty regarding the accuracy of the information contained in linked sites. We suggest that you always verify the information obtained from linked websites before acting upon this information. Also, please be aware that the security and privacy policies on these sites may be different from our policies, so please read third party privacy and security policies closely.

If you have questions or concerns about the privacy policies and practices of linked third parties, please review their websites and contact them directly. This privacy policy applies solely to the Customer Information collected by this Institution.

Security

This Institution and our Service Providers have developed strict policies and procedures to safeguard your Customer Information. Our policies require confidential treatment of your personal information. We restrict employee access to your personal information on a “need to know” basis and we take appropriate disciplinary measures to enforce employee privacy and confidentiality responsibilities. We have established training programs to educate our employees about the importance of customer privacy and to help ensure compliance with our policy requirements.

Furthermore, this Institution and our Service Providers maintain strong physical, electronic and procedural controls to protect against unauthorized access to customer information. Our computer systems are protected in the following ways:

• Computer anti-virus protection detects and prevents viruses from entering our website, email, and computer network systems.
• Firewalls and intrusion prevention systems block unauthorized access by individuals or networks.
• We use encryption technology, such as Secure Socket Layer (SSL), to protect the transmission of your confidential information. Encryption scrambles transferred data so it cannot be read by unauthorized parties.
• We use strong multi-level authentication and behavior analysis to help prevent unauthorized access to your accounts. Multi-level authentication can help prevent access by someone who may have stolen your login credentials.
• We provide secure email to help ensure that your communications with us are confidential.

We continually monitor technological advances and upgrade our systems to ensure your information remains secure.

Privacy of Children

COPPA, the Children’s Online Privacy Protection Act, protects children under the age of 13 from the collection of personal information on the Internet. This financial institution respects the privacy of children. We do not knowingly collect names, emails addresses, or any other personally identifiable information from children. We do not knowingly market to children, nor do we allow children under 13 to open online accounts.

Internet Privacy Policy Updates

This policy may be updated from time-to-time as new products and features may require changes to our Internet Privacy Policy. The effective date of our policy will always be clearly displayed. If we make any changes regarding the use or disclosure of your personal information, we will provide you prior notice and the opportunity to opt-out of such disclosure if required by law.