Privacy Policy
Totem Technologies, Inc. (“Totem” or “we” or “us” or “Company”) deposit accounts are issued by First Pryority Bank, Member FDIC. Below are Privacy Notices and Policies applicable to your Totem account from Totem Technologies, Inc. and First Pryority Bank.
Gramm Leach Bliley Act (GLBA) Privacy Notice
FACTS
WHAT DOES TOTEM TECHNOLOGIES, INC. (“Totem”) DO WITH YOUR PERSONAL INFORMATION?
Why?
Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What?
The types of personal information we collect and share depend on the product or service you have with us. This information can include:
Social security number
Income
Account balances and transaction history
Payment history
Employment information
Checking account information
When you are no longer a Totem customer, we continue to share your information as described in this notice.
How?
All financial companies need to share customer personal information to run their everyday business. In the section below, we list the reasons financial companies can share the personal information of their customers, the reasons Totem chooses to share, and whether you can limit this sharing.
Reasons We Can Share your Personal Information
For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus
Does Totem Share? Yes
Can You Limit This Sharing? No
For our marketing purposes – to offer our products and services to you
Does Totem Share? Yes
Can You Limit This Sharing? No
For joint marketing with other financial companies
Does Totem Share? Yes
Can You Limit This Sharing? No
For our affiliates’ everyday business purposes – information about your transactions and experiences
Does Totem Share? No
Can You Limit This Sharing? We don’t share
For our affiliates’ everyday business purposes – information about your creditworthiness
Does Totem Share? No
Can You Limit This Sharing? We don’t share
For our affiliates to market to you
Does Totem Share? No
Can You Limit This Sharing? We don’t share
For nonaffiliates to market to you
Does Totem Share? No
Can You Limit This Sharing? We don’t share
To Limit Our Sharing: Call +1 888 426 0895
Please note: If you are a new customer, we can begin sharing your information 30 days from the date we sent this notice. If you’re an existing customer and have opted out previously, you don’t need to update your privacy choices again. When you are no longer our customer, we continue to share your information as described in this notice. However, you can contact us at any time to limit our sharing using the details above.
Questions? Contact us at +1 888 426 0895 or email us at help@mytotem.app
Who We Are
Who is providing this Notice?
Totem Technologies, Inc.
What We Do
How does Totem protect my personal information?
To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. We restrict access to your personal information to our employees who need to know that information to provide your products and services.
How does Totem collect my personal information?
We collect your personal information, for example, when you:
Open an account or deposit money
Pay your bills
Use your Totem Card for purchases
Provide account information
Provide employment information
Request or transfer funds
We also collect your personal information from others, such as credit bureaus, affiliates and other companies.
Why can’t I limit all sharing?
Federal law gives you the right to limit only:
Sharing for everyday business purposes of our affiliates
Sharing for affiliates to market to you
Sharing for nonaffiliates to market to you
State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.
Definitions
Affiliates: Companies related by common ownership or control. They can be financial and nonfinancial companies. Affiliates could include an affiliated retailer or an affiliated financial company
Non-affiliates: Companies not related by common ownership or control. They can be financial and nonfinancial companies. Non-affiliates could include tax preparation companies, insurance companies, direct marketing companies and banks.
Joint Marketing: A formal agreement between non-affiliated financial companies that together market financial products or services to you. Joint marketing partners could include financial service companies, such as banks, insurance providers, investment companies, securities broker-dealers and credit card companies.
Other Important Information
Call Monitoring and Recording: If you communicate with us by telephone, we may monitor or record the call.
Rights Under State Law: You may have privacy rights under various state laws. We will comply with these laws to the extent they apply.
For California Residents: We will not share information we collect about you with nonaffiliated third parties, except as permitted by law, including, for example, with your consent or to service your account.
Totem Privacy Policy
This Privacy Policy (“Policy”) has been adopted by Totem Technologies, Inc. (“Totem” or collectively “we” or “our” or “us”) to affirm its commitment to compliance with the applicable privacy provisions of the Gramm-Leach-Bliley Act (GLBA) as implemented by Regulation P (Privacy), and other applicable privacy laws and regulations. It is the policy of Totem to protect consumer and customer Personally Identifiable Information (PII), or any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Examples of PII could include, but are not limited to full name, social security number, passport number, bank account information, credit card number, or driver’s license number. PII is also known as Non-Personal Public Information (NPI).
This Policy outlines the regulatory requirements and provides guidelines on Totem’s privacy practices, including how Totem collects, uses, and discloses your information. Totem takes all necessary steps to safeguard private information that has been provided by its consumers. This Policy outlines Totem’s practice regarding use of PII for consumers, those consumers who become our customers, and former customers.
Information Collection, Use, and Sharing
See below for ways in which Totem may collect, use, and share information.
Information Collection - Totem collects, retains, and uses information for the purpose of providing financial solutions and administering account relationships. We collect information from applications or other forms, which may include but is not limited to surveys and questionnaires. We may also collect information about transactions, information through cookies, and information we receive from consumer reporting agencies.
Use of Information - Totem uses personal information in ways that align with the purposes for which it was originally requested and collected. For example, Totem uses information to process customer requests and transactions, provide additional information about products and services, or to evaluate financial needs. Totem collects and uses information to administer our business and deliver quality service. This may include advising consumers and customers about our products or services, those of our affiliates and our business partners, and other opportunities Totem believes may be of interest to our customers.
Information Sharing - The primary federal regulation governing the collection, use and disclosure of customer information is Regulation P. As required by Regulation P, Totem provides the required Notice to bank customers and consumers. The Notice is provided at account opening and as changes occur.
Sharing with Totem's Third-Party Service Providers and Joint Marketers - Totem uses third-party service providers to assist with providing quality products and services to our customers. We may share the customer information we collect with third parties to facilitate the offering, administration, collection, and delivery of products and services under controlled circumstances designed to protect the privacy of our customers. We require third parties to comply with applicable laws and regulations as well as our requirements regarding security and confidentiality of such information.
There may also be occasions where we are legally required to disclose information about our customers, such as in response to a subpoena, to prevent fraud, or to comply with a legally permitted inquiry by a government agency or federal regulator.
Sharing with Totem Affiliates
Fair Credit Reporting Act (FCRA) permits Totem to share customer transaction information (i.e., number of monthly deposits made) and experience information (such as account balance) as well as information obtained from our customers.
Fair and Accurate Credit Transactions Act (FACTA) Section 214 provides consumers with the ability to limit the circumstances by which an affiliated institution may use certain information received from another affiliate to market to the consumer.
A customer can request that their information is not shared with the affiliates of Totem.
Information We Get from Others
We may also collect information from other sources. These sources include but are not limited to the following:
Banks and Financial Institutions: You may choose to link a bank account to add money to an account, receive a direct deposit, or other related services. When you link a bank account we receive financial information related to that account, including your account balance, and may also receive transaction history and information about the account owner. The amount of information we receive depends on your financial institution's own privacy policy. We use third-party bank account verification providers, such as Plaid Inc. (“Plaid”), to connect your Totem Account with your bank account(s). Plaid’s use of your personal information is governed by Plaid’s Privacy Policy.
Service Providers and Linked Account Data: We use third-party service providers to perform services for us, including to help us process and authorize your payments and to facilitate ownership of account transfers. By using our Services, you are authorizing us and our third-party service provider(s) to take actions on our behalf such as debiting your account using your selected payment method when you initiate such action.
Credit Reference Agencies: We use these services that may provide information related to your credit file, such as your credit score, credit inquiries, and payment history.
Social Media: When you interact with our Services through social media networks, we may receive information about you that you permit the social media network to share. The data we receive is dependent upon your privacy settings within the social media network.
Job Applicant-related Third Parties: we may receive personal information from job applicant-related third parties, such as job application platforms, your current employer, references, background check providers and recruiters.
Publicly Available Sources: We may also collect personal information from publicly available sources to, for example, contact you if we are otherwise unable to reach you, or, to send advertising or promotional materials or to personalize our Services.
Information Automatically Collected
Some information is automatically collected. This includes but may not be limited to the following:
Information about you and your computer or mobile device such as your hardware model, operating system info, unique device identifier, mobile network information, device performance information, and information about the device’s interaction with our Services. Note that the Totem App may periodically recollect this information in order to stay up to date. You can review and change permissions for some information the Totem App has access to in your device privacy settings.
Transaction data, when you use our Services, including if you give us access to collect your financial data from your other accounts, for example payments into and out of such accounts including the date, time, amount, merchant or beneficiary details, or ATMs associated with the transaction.
Usage data, including the electronic path you take to our Services, through our Services and when exiting our Services, as well as your activity information on our services.
Location information. We use your information to protect against fraud. If you have location services in the Totem App enabled, we may track your geolocation and your IP address. You can withdraw your consent at any time by disabling location permission for the Totem App within your device settings. We may use third-party providers to help provide location-based services through mobile systems and we may make information available to such providers to enable them to provide their location-based services, provided that such third-party providers may use the information only in accordance with this Privacy Policy.
Sharing Personal Information
We may share personal information with our affiliates, subsidiaries, or entities that share a common ownership in Totem, partners, other Totem App customers designated by you for the purposes of customer referrals or managing shared pockets, and to third-party service providers for purposes such as risk detection and prevention, customer service, email delivery and other similar services.
We may also be required to share personal information in the event of a corporate restructuring (e.g., merger, sale, joint venture, or other disposition) or when we deem it necessary or appropriate to:
Comply with applicable laws, including disclosing information to fraud prevention agencies
Comply with lawful requests and legal process, including to respond to requests from public and government authorities to meet national security or law enforcement requirements
Enforce our Privacy Policy
Protect the rights, privacy, safety, or property of you, Totem, or others
We may also share anonymized or de-identified aggregate information (this means information that is no longer personal information because it is no longer attributable to a specific individual) with third parties to help deliver products, services, and content that are tailored to the users of the Totem App and for other purposes. We may also disclose personal information about an individual to certain other third parties or publicly with their consent or direction.
Third-Party Online Advertising & Cookies
Advertising - We participate in interest-based advertising and use third party advertising companies to serve you targeted advertisements based on your browsing history. We permit third party online advertising networks, social media companies and other third-party services, to collect information about your use of our online services over time so that they may play or display ads on our Services, on other websites or services you may use, and on other devices you may use. Typically, though not always, the information used for interest-based advertising is collected through tracking technologies, such as cookies, web beacons, embedded scripts, location-identifying technologies, and similar technology, which recognize the device you are using and collect information, including clickstream information, browser type, time and date you visited the Totem App, AdID, precise geolocation and other information. We may share a common account identifier (such as a hashed email address or user ID) with our third-party advertising partners to help identify you across devices. We and our third-party partners use this information to make the advertisements you see online more relevant to your interests, as well as to provide advertising-related services such as reporting, attribution, analytics and market research. We may also use services provided by third parties (such as social media platforms) to serve targeted ads to you and others on such platforms. We may do this by providing a hashed version of your email address or other information to the platform provider.
Social Media Widgets and Advertising - Totem may use social media platforms like Instagram, Facebook, Twitter, and LinkedIn. We may display targeted advertising to you through these social media platforms. These companies have interest-based advertising programs that allow us to direct advertisements while those users are on the social media platform. We may share a unique identifier, such as a user ID or hashed email address, with these platform providers or they may collect information from our website visitors through a first-party pixel. These activities are governed by the privacy policies of those social media companies that provide them.
Third Party Partners - We may use third-party analytics on our Services. For example, we use Google Analytics to better understand how you interact with our Services. The information we obtain through our Services may be disclosed to or collected directly by these third parties. To learn more, see Google Analytics.
Cookies - We and our third-party partners may also use cookies and tracking technologies for advertising purposes. Totem uses various technologies to collect information, and this may include sending cookies to your computer or mobile device. “Cookies” are small text files that are stored on your device or hardware by a website. Cookies can be stored on your computer for different periods of time. Some cookies expire after a certain amount of time, or upon logging out (session cookies), others survive after your browser is closed until a defined expiration date set in the cookie (as determined by the third party placing it), and help recognize your computer when you open your browser and browse the Internet again (persistent cookies). For more details on cookies please visit All About Cookies (https://www.allaboutcookies.org/).
On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive a notification when you are receiving a new cookie and how to turn cookies off. Please refer to this section for guidance on how to modify your web browser’s settings. Please note that if you limit the ability of websites to set cookies, you may be unable to access certain parts of the Site and you may not be able to benefit from the full functionality of the Site.
Advertising networks may use cookies to collect Personal Information. Most advertising networks offer you a way to opt out of targeted advertising. If you would like to find out more information, please visit the Network Advertising Initiative’s online resources at http://www.networkadvertising.org and follow the opt-out instructions there.
If you access the Site on your mobile device, you may not be able to control tracking technologies through the settings.
Email Pixels - We use pixels in our email campaigns that allow us to collect your email and IP address as well as the date and time you open an email or click on any links in the email.
Analytics - We may also use analytics tools such as Google Analytics to collect information regarding visitor behavior and visitor demographics on our Site and develop website content. This data is not tied to any Personal Information. For more information on how Google uses this data, go to www.google.com/policies/privacy/partners/. You can opt out of Google’s collection and Processing of data generated by your use of the Site by going to http://tools.google.com/dlpage/gaoptout.
Online Tracking and “Do Not Track” Signals - We and our third party service providers, including Facebook, may use cookies, pixels, or other tracking technologies to collect information about your browsing activities over time and across different websites following your use of the Site and use that information to send targeted advertisements. Our Site currently does not respond to “Do Not Track” (“DNT”) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will update this Privacy Policy to describe how we do so
Control Over Your Information
You always have the ability to control the way your information is used. Below are some ways to manage your information with Totem.
Updating your Information - Once you have registered for an Account, you may be able to update or correct your profile information details and preferences by accessing your account settings through the Totem App, or by contacting us at help@mytotem.app or write to us at: Totem Technologies, Inc., PO Box 33188, Tulsa ok 74133-3188
Deactivating your Account - We do not delete information about you upon deactivation of your Account. Although your deactivated status is reflected promptly in our user databases, we may retain the information you submit for a variety of purposes, including legal compliance, backups and archiving, prevention of fraud and abuse, and analytics. Upon deactivation, you will no longer receive emails from Totem and links to third-party financial accounts and services will automatically terminate. If you have a money transfer transaction pending at the time you deactivate your account, your link to this service from Totem will terminate but your pending transfer will continue to completion and your bank account will remain open.
Correcting Credit Reports - Information related to your creditworthiness is maintained by the credit bureaus. If you find that there is an error or you want to dispute the information found in your credit report, please contact the credit reporting bureaus: Experian, Transunion, and Equifax.
Opting-Out of Certain Online Ads - To learn more about interest-based advertising and how you may be able to opt-out of some of this advertising, you can visit the Digital Advertising Alliance (DAA) and/or the Network Advertising Initiative’s (NAI) at www.aboutads.info/choices or http://www.networkadvertising.org/choices/. You may also be able to limit interest-based advertising through the settings menu on your mobile device by selecting “limit ad tracking” (iOS) or “opt-out of interest-based ads” (Android). You may also be able to opt-out of some — but not all — interest-based advertising served by mobile ad networks by visiting http://youradchoices.com/appchoices and downloading the mobile AppChoices app. Please note: When you opt out of receiving interest-based advertisements, this does not mean you will no longer see advertisements from us. It means that the online ads that you see from DAA program participants should not be based on your interests. We are not responsible for the effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements. In addition, third parties may still use cookies to collect information about your use of our online services, including for analytics and fraud prevention as well as any other purpose permitted under the DAA’s Principles.
GLBA-Covered Data - OurGLBA Privacy Notice (scroll to top) provides information about how you can limit your sharing options for our financial services and GLBA-covered data.
Applicable State Laws
Applicable state laws must be taken into consideration when marketing to customers via a third party. For example, Vermont and California state laws prohibit financial institutions from sharing customer PII unless the customer takes affirmative action authorizing the institution to do so. Therefore, customers with Vermont or California addresses must be removed from campaigns that involve information sharing with unaffiliated third parties under the Regulation P joint marketing agreement exception.
California Consumer Privacy Act (CCPA) covers California residents about whom Totem has collected personal information (PI) from and is applicable to any business that collects and stores PII of California residents, regardless of if the business is located in California. For purposes of this section the term “personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer/resident or household. Personal information does not include information that has been de-identified or that does not fall within the above definition of personal information.
As a consumer financial services company, Totem has developed and implemented privacy and security controls to protect your personal information and comply with United States federal law, including but not limited to the Gramm-Leach-Bliley Act and the Fair Credit Reporting Act. As such, most of the personal information about you that we may collect and use is exempt from the CCPA.
California Privacy Rights
Under the California Consumer Privacy Act, California residents, subject to certain limitations and exceptions, have the right to:
Right to Know- The right to request the following information from us about our use of your personal information:
The specific pieces of personal information we have collected about you
The categories of personal information that we have collected about you
The categories of sources from which your personal information was collected
The business or commercial purpose for collecting or selling your personal information
The categories of third parties with whom we may share personal information
Right to Delete - You have the right to request the deletion of your personal information that is collected or maintained by us.
Right to Opt-Out of Sale - You have the right to opt-out of the sale of your personal information by us. We do not sell personal information.
Right to Non-Discrimination -You have the right to not receive discriminatory treatment by us for the exercise of the privacy rights described above.
In some instances, we may not be able to honor your request. For example, we will not honor your request if we cannot verify your identity or if we cannot verify that you have the authority to make a request on behalf of another individual. Additionally, we will not honor your request where an exception applies, such as where the disclosure of personal information would adversely affect the rights and freedoms of another consumer or where the personal information that we maintain about you is not subject to your rights under the CCPA.
We will advise you in our response if we are unable to honor your request. Additionally, if you request access to the specific pieces of personal information we have collected about you, we will not provide social security numbers, driver’s license numbers or government issued identification numbers, financial account numbers, account passwords or security questions and answers, or any other specific pieces of information if the disclosure presents the possibility of unauthorized access that could result in identity theft, fraud, or unreasonable risk to data, systems, and network security.
How to Exercise Your Rights under the CCPA
If you are a California resident, you may make a request to exercise your rights under the CCPA by either of the following methods:
Submitting a request via email to help@mytotem.app, or
Calling us at +1 888 426 0895.
Children Online Privacy Protection Act (COPPA) is a federal law that imposes specific requirements on operators of websites and online services to protect the privacy of children under 13. It is Totem’s policy NOT to (i) sell any customer or consumer PII to third parties, and (ii) collect PII from individuals under the age of 13, as defined by COPPA (Children Online Privacy Protection Act), and under the age of 16 (per the CCPA). The Totem App is not directed to, and we do not intend to, or knowingly, collect or solicit personal information from children under the age of 13. If you believe that a child under age 13 may have provided us with personal information without parental consent, please contact us.
Vermont State Law - Totem does not share information of customers with a Vermont address with affiliated companies.
Privacy and Opt-Out Notice - Our customers provide private information to Totem during daily business, and we are committed to treating such information responsibly. Our customers expect privacy and security for their banking and financial affairs. To that end, we provide the Privacy and Opt-Out Notice (Notice) to all consumers at account opening, enrollment for a new service, if there are changes to our privacy practices, and annually thereafter, if required by law.
Reporting Unauthorized Disclosure of Personal Information
The trust of our customers is Totem’s most valuable asset. When an unauthorized disclosure of PII occurs, how Totem responds and communicates to customers and regulatory agencies can be the difference between a potential compliance penalty or action lawsuit and an opportunity to reinforce our commitment to care.
The negative impact of an information breach can create reputational risk and cause noncompliance with laws and regulations. Incidents may include any situation in which customer personal, financial or health information or records (whether in paper, electronic, or other form that is maintained by or on behalf of Totem) may potentially be lost, misdirected, or in any way accessed by unauthorized individuals or parties. Any incidents or suspected incidents involving data security and disclosure of customer information should be reported immediately to the IT Department and/or Senior Management in accordance with the Information Security Policy’s standards and associated procedures. Totem’s unaffiliated third-party service providers are instructed to report all unauthorized access to, and disclosure of, any customer information.