Privacy & Security
Bryn Mawr Bank Corporation
Bryn Mawr Bank Corporation has been committed to protecting the privacy of our customers’ personal information for more than a century. We greatly respect your privacy and we value the trust that you have placed in us to handle your financial matters and your information responsibly. With the rapid advances in technology and the manner in which information is collected and transferred, many consumers have been concerned about the proper collection and dissemination of their personal information. We welcome this opportunity to tell you about the kinds of information we have in our safekeeping and how we use that information to serve you. Please read our policy below to learn more about the ways we protect your privacy.
Thank you for banking with us. If you have any questions regarding our privacy practices, please contact the BMBC Compliance Officer, at 610-581-4981.
You can download Adobe Acrobat Reader here.
To ensure that information remains confidential, BMBC uses encryption technology on our website to transmit information between you and us.
Regular Internet e-mail is not secure. You should use regular Internet e-mail to provide only information that is non-sensitive and non-confidential. We ask that you do not provide personal or account information through e-mail. You may also contact us by telephone, U. S. mail, or by visiting any of our banking offices.
Gathering and Using Information Online
BMBC collects and uses the information you provide us online only to respond to your needs, service your accounts and provide you with information about our other services.
Respecting the Privacy of Children
We do not knowingly market to, or solicit information from, children under the age of thirteen (13) without parental consent. We recognize that protecting the identities and privacy of children online is important and that the responsibility to do so rests with both the online industry and with parents.
Linking to Other Sites
This website may contain links to third-party sites that you may find useful. If you choose to link to websites not controlled by BMBC, we are not responsible for the privacy or security of those sites, including the accuracy, completeness, reliability or suitability of their information. If you are asked to provide information on one of those websites, we strongly urge that you first study carefully their Privacy Policies.
Taking Individual Responsibility for Protecting Personal Information
Although BMBC works to protect your privacy, you also play a role in protecting your personal information. To help safeguard your personal information, we suggest the following:
- Do not share your ID or password with anyone.
- Change your password regularly.
- Remember to sign off once you have submitted an application for a product or service online, or have completed a secure online session.
- Only provide your Access ID when your browser indicates an encrypted connection, such as Secure Socket Layer (SSL), directly to BMBC’s website or to another site you have investigated and trust fully.
Aggregation sites are Internet sites that allow you to consolidate account information from several sources on one site. To do this, an aggregation provider may request access to your personal financial information. You should ensure that the aggregator company has appropriate policies to protect the privacy and security of any information you provide or to which they are gaining access, and that you trust the aggregator company. In addition, BMBC can assign a unique, non-transactional login ID and password that will limit an aggregator company’s access to your account information. We strongly urge you to take advantage of this service. To do so, please contact our Customer Service Center at 610-525-1700. Our representatives are available Monday through Friday, from 7:30 a.m. to 6:00 p.m.
If you provide information about your BMBC accounts to an aggregator company, we consider that you have authorized all transactions initiated by that aggregation site, which is using access information you have provided, whether or not you were aware of a specific transaction.
If you decide to revoke the authority you have given an aggregator company, it is important that you notify us to ensure that you can continue to access your account. In addition, we strongly encourage you to change your password once you have revoked the authority you have given to an aggregator company. You may do so directly within the Internet PC Banking product and your change will be effective immediately.
Keeping your account information accurate and up to date is very important to us. We provide you with access to your account information through various means such as account statements, telephone banking, and online banking. If you ever believe that your account information is incomplete, inaccurate or not current, please call us or write to us at the telephone number or address listed on your account statement, Bank records, or other documentation. We will update or correct any erroneous information promptly.
If you have comments and/or questions, or to obtain any updates to this Policy, please call us at 610-581-4981.
This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a Symantec-issued Digital ID for the bank’s server, Secure Sockets Layer (SSL) protocol for data encryption, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.
Secure Access and Verifying User Authenticity
To begin a session with the bank’s server the user must key in a Login ID and a password. Our system, the Internet Banking System, uses a “3 strikes and you’re out” lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to the bank to verify the password before re-entry into the system. Upon successful login, the Digital ID from Symantec, the experts in digital identification certificates, authenticates the user’s identity and establishes a secure session with that visitor
Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 256-bit secure server by Symantec, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank’s server issues a public key to the end user’s browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.
If you have comments and questions or to obtain any updates to this Policy, please call us at 610-581-4981.