Skip to main content

California Consumer Privacy Policy

Effective Date: 1-1-2024  

OVERVIEW 

Thank you for visiting the Farm Credit Foundation for Agricultural Advancement (The Foundation) website and reading our California Consumer Privacy Policy (“California Privacy Notice”). This California Privacy Notice includes our notice at collection and our privacy policy pursuant to the California Consumer Privacy Act (“CCPA”).  We respect your privacy and are committed to protecting the information we collect for all customer and prospective customer interactions. Further, as a member of the Farm Credit System, we are subject to the confidentiality and privacy regulations of the Farm Credit Administration. This California Privacy Notice is designed to assist you in understanding how we collect, use, disclose and safeguard the personal information relating to California residents covered by the CCPA provided to us in using our website and the services provided through our website.  You can also view the Privacy Notice that pertains to non-California residents here. 

Under the CCPA, “Personal Information” is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.  The CCPA does not apply to certain information, such as information collected, processed, sold or disclosed subject to the federal Farm Credit Act of 1971 (“Farm Credit Act”).  The specific Personal Information that we collect, use, and disclose relating to a California resident covered by the CCPA will vary based on our relationship or interaction with that individual.  For example, this California Privacy Notice does not apply with respect to Personal Information that we collect about California residents who apply for our products and services which are offered pursuant to the Farm Credit Act. 

DESCRIPTION OF THE PERSONAL INFORMATION WE COLLECT

The Foundation collects certain types of Personal Information in order to maintain and administer financial services, provide customer service, and offer new products and services that might be beneficial to you. The information collected likely identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.  

The term “Personal Information” does not include publicly available information from government records, deidentified or aggregated consumer information, or other information specifically exempted by statute (such as health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and other sector-specific privacy laws (including the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, the California Financial Information Privacy Act, and the Driver’s Privacy Protection Act of 1994)).

In the past 12 months, we have collected each of the following categories of Personal Information relating to California residents covered by this California Privacy Notice:

  • Personal Identifiers: Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers. 
  • Personal Information: Any personal information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
  • Commercial Information: Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. 
  • Internet or online Information: Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website application, or advertisement.
  • Geolocation data.
  • Audio and Visual Information: Audio, electronic, visual, thermal, olfactory, or similar information.
  • Employment Information: Professional or employment-related information.
  • Education Information: Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99).

 

  • Inferences: Inferences drawn from any of the personal information listed above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
  • Sensitive Personal Information: The following categories of Sensitive Personal Information:
    • Personal information that reveals:
      • A consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
      • A consumer’s precise geolocation.

HOW WE COLLECT PERSONAL INFORMATION AND CATEGORIES OF SOURCES FROM WHICH PERSONAL INFORMATION IS COLLECTED

We collect the categories of Personal Information listed above both directly from you when you interact with us, indirectly from you as you interact with our website, and from third parties as further described below:

ANONYMOUS INFORMATION COLLECTED AND STORED AUTOMATICALLY 

We automatically collect general information anonymously (such as the type of browser you use, the file names you request, and the domain name from which you made your request) to improve our website and better meet your needs. When you visit our website, we collect information about your Internet connection. We use this information to help us make our site more useful to visitors and to learn about the number of visitors to our site and the types of technology our visitors use. We do not track or record Personally Identifiable Information about individuals and their visits or use targeted marketing or behavioral tracking technologies.  The information collected does not identify you personally.  When you visit our website, we automatically collect and store the following information about you:

  • The Internet domain you used to access our website (e.g., “xcompany.com”)
  • The IP address of the website from which you access our website (an IP address is a number automatically assigned to your computer when you are using the Internet)
  • The type of browser and operating system used to access our website
  • The month and day of the week you access our website
  • The pages you visit on this website
  • The time spent on the site and links you clicked on (if any)
  • The location of where you access our website
  • The address of any website from which you access our website

This information does not identify you personally and is automatically collected and stored through the use of cookies.  A cookie is a small amount of text sent from a website to your computer while visiting the site. The cookie is stored on your hard drive. We use discreet information stored in cookies in order to provide a customized user experience. However, you can set your web browser(s) to prevent cookies from being sent.  We collect aggregate data about our users through Google Analytics.  We use such aggregate demographic and general interest information to better understand our users so that we may provide better online services.  For additional information on how Google Analytics collects and processes data, please see www.google.com/policies/privacy/partners/ (“How Google Uses Information from Sites or Apps that Use Our Services”).

COOKIE USE

We use Google Analytics on this website, which may use cookies to determine location of visitors, browsers used, new/returning visitors, and other relevant information for a more seamless user experience.

INFORMATION THAT YOU PROVIDE DIRECTLY TO US

If you complete an interactive form or submit an email through our website, then your information will be used as described at the point of collection.  The information may be used or seen by the Foundation employees, but we do not give, sell, or transfer any personal information to third-parties unless required by law or for other permissible purposes as provided by law.  If you would like to provide information to us but are not comfortable doing so by email or web form, then you may contact us by calling (888) 339-3334 or by mail at 300 Winding Creek Blvd, Mechanicsburg PA 17050.  If you would like to transmit information that is more sensitive or personal, such as a Social Security number, credit card number, or bank account number, then you should only transmit such information by utilizing our secure email system, by postal mail, or by contacting us by telephone at the number provided above; such information should not be submitted through a non-secure means of communication (e.g., through our website contact form or a chat or message feature).

Through our website, we collect personally identifiable information (e.g., name, address, Social Security number) only if such information is specifically and knowingly provided by you.  We limit the use and collection of such information to that which is necessary to maintain and administer financial services, provide customer service, and offer new products and services that may be beneficial to you.  If you would like to be removed from our distribution list, then you may contact us at the telephone number or address provided above or by email at privacy@horizonfc.com.

INFORMATION RECEIVED FROM THIRD PARTIES

We may also receive your Personal Information from others in connection with your application and request for credit, such as credit bureaus, affiliates, or other companies, and we may receive information from Federal and State government databases in connection with your loan application or request for credit, including property and identity verification and eligibility to borrow. 

BUSINESS PURPOSE FOR COLLECTING THE PERSONAL INFORMATION

  • To complete the transaction for which you applied
  • To hire qualified candidates
  • To offer agricultural financial education, etc. 
  • To provide better online services for our customers and other users
  • To offer new products and services that may be beneficial to you
  • To comply with a legal obligation required by a regulatory entity

 

WHY WE USE OR DISCLOSE YOUR PERSONAL INFORMATION

We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing notice to you.

We do not use or disclose Sensitive Personal Information for purposes other than those set forth in Cal. Civ. Code § 1798.121(a).

DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE.  

In the preceding twelve (12) month period, we have disclosed information within the following categories of Personal Information for a business purpose:

  • Personal Identifiers
  • Personal Information 
  • Commercial information
  • Internet or online information 
  • Geolocation data
  • Audio and Visual Information 
  • Employment Information 
  • Education information
  • Inferences
  • Sensitive Personal Information 

In the preceding twelve (12) month period, with respect to each category of Personal Information listed above we disclosed Personal Information to the following categories of third parties: Service Providers (such as technology service providers and financial service providers); attorneys, regulatory bodies; and loan participants.

  • We collect, use and disclose for our business purposes, Personal Information to allow for your application to be completed and evaluated, to hire qualified candidates, to offer agricultural financial education, provide a productive and pleasant online experience for you as the user and to comply with applicable Federal regulatory requirements or other laws.

 

SALES OF PERSONAL INFORMATION.

The Foundation does not sell to or share with any Third Parties (as defined under California Civil Code section 1798.140) any categories of Personal Information and has not sold or shared any Personal Information in the preceding twelve (12) months.  For purposes of this California Privacy Notice, “sold” means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, Personal Information to a third party for monetary or other valuable consideration.

“Share” means sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, Personal Information to a third party for cross-context behavioral advertising.

We do not knowingly collect, share or sell Personal Information of minors under 16 years of age.

THIRD-PARTY WEBSITE LINKS

We may periodically offer links to third-party websites. While we do our best to provide you with helpful, trustworthy resources, we cannot endorse, approve, or guarantee information, products, services, or recommendations provided at a third-party website. Because we may not always know when information on a linked website changes, we are not responsible for the content or accuracy of any third-party website. We will not be responsible for any loss or damage of any sort resulting from the use of a link on its website, nor will we be liable for any failure of products or services advertised or provided on these linked websites.

We offer links to you on an “as is” basis. When you visit a third-party website by using a link on our website, you will no longer be protected by our privacy statement or security practices. The data collection, use, and security practices of the linked website may differ from the practices of our website. You should familiarize yourself with the privacy statement and security practices of the linked website, as those are the policy and practices that will apply to your use of the linked website – not our policy and procedures.

The Foundation website provides a link for you to access the Whistleblower Hotline.  The link directs you to an entity that has an overlapping business purpose with the Foundation.

SECURITY AND INTRUSION DETECTION

We use industry standard data encryption to ensure the security of our systems and of any information that you provide us through this website. We employ software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee absolute security. Unauthorized attempts to access, alter, or damage this website and our customers’ Personal Information are strictly prohibited and may subject wrongdoers to civil and criminal penalties under applicable law.

CHILDREN’S ONLINE PRIVACY PROTECTION ACT

Our website is not intended for children under the age of 13 and we do not knowingly collect, use, or disclose personal information from children under 13. If a parent or guardian becomes aware that his or her child has provided personal information without their consent, then he or she should promptly inform us through one of the methods described in the contact section below and we will use reasonable efforts to comply with the request. For more information about the Children’s Online Privacy Protection Act (COPPA), visit ftc.gov.

“DO NOT TRACK” SIGNALS

Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked.  Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the website does not currently interpret, respond to, or alter its practices when it receives “Do Not Track” signals.

CONSUMER REQUESTS: YOUR RIGHTS AND CHOICES ABOUT PERSONAL INFORMATION UNDER CALIFORNIA LAW

The CCPA provides California residents with specific rights regarding their Personal Information. If you are a California resident covered by the CPPA, this section describes your CCPA rights and how to exercise those rights by submitting a consumer request (“Consumer Request”).

ACCESS TO SPECIFIC INFORMATION AND DATA PORTABILITY RIGHTS

You have the right to request that the Foundation disclose certain or all of the following information to you about our collection and use of your Personal Information over the past twelve (12) months.  Once we receive a verifiable Consumer Request, we will be able to disclose to you any of the following information if we have it:

  • The categories of Personal Information we collected about you.
  • The categories of sources for the Personal Information we collected about you.
  • Our business or commercial purposes for collecting that Personal Information.
  • The categories of third parties to whom we disclosed that Personal Information for a business purpose.
  • The specific pieces of Personal Information we collected about you (also may be called a data portability request).

DELETION REQUEST RIGHTS

You have the right to request that we delete your Personal Information that we collected from and about you, subject to certain statutory exceptions.  Once we receive a verifiable Consumer Request, we will identify the Personal Information, confirm that you want that Personal Information deleted, and then delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.

We may be unable to comply with, or may deny, your deletion request if retaining the Personal Information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract(s) with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Pen. Code §§ 1546, et seq.)
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us and that are compatible with the context in which you provided it..
  • Comply with a legal obligation.

CORRECTION OF INACCURATE PERSONAL INFORMATION

You have the right to request we correct inaccurate Personal Information we maintain about you.

OPT-OUT OF SALE RIGHTS

California residents have the right to direct a business that sells or shares (or may in the future sell or share) your Personal Information to stop selling or sharing your Personal Information and to refrain from doing so in the future. The Foundation does not and will not sell or share Personal Information as defined in the CCPA.

NON-DISCRIMINATION

You have the right not to receive discriminatory treatment for exercising your rights under the CCPA.  We will not take any of the following actions solely because you chose to exercise any of your legal rights under the CCPA regarding your Personal Information:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

HOW TO EXERCISE YOUR RIGHTS AND SUBMIT A CONSUMER REQUEST

To exercise your access, data portability, correction and deletion rights, please submit a Consumer Request to the contact information below.  The Consumer Request must describe the request with sufficient detail that allows us to properly understand, evaluate and respond to it.  Please specify if your Consumer Request pertains to all specific pieces of your Personal Information, or only with respect to the categories of Personal Information.  We are not obligated to respond to a Consumer Request for access or data portability for the same consumer more than twice within a twelve (12) month period. 

HOW WE WILL VERIFY CONSUMER REQUESTS

Only you, or a natural person or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a Consumer Request related to your Personal Information.  To designate an authorized agent, we will ask you provide us with legal documentation (such as a power of attorney created pursuant to the California Probate Code) or do either of the following: (1) verify your own identity directly with us, (2) directly confirm with us that you provided the authorized agent permission to submit the request.

We reserve the right to require you to provide additional information to enable us to reasonably verify that you are the person about whom the Personal Information pertains in order to release the requested information to you (or your authorized agent).  If we are unable to verify your identity, we may be unable to provide you with information responsive to the request.

HOW WE WILL RESPOND TO CONSUMER REQUESTS

We will acknowledge receipt of your request within 10 days after its receipt. We endeavor to respond to verifiable Consumer Requests to correct inaccurate Personal Information or delete Personal Information within forty-five (45) days after receipt.  If we require more time (up to an additional 45 days), then we will inform you of the reason and extension in writing. Any disclosures we provide will cover the 12-month period preceding receipt of the Consumer Request (or longer period if requested and required to be provided under applicable law).  If we deny (or cannot comply with) the Consumer Request, we will explain why.  For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity.  We do not charge a fee to process or respond to your Consumer Request unless such request is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why and provide you with a cost estimate before completing your request.

CONTACT FOR CONSUMER REQUESTS AND EXERCISE OF CCPA RIGHTS 

If you are a California resident and would like to exercise your CCPA rights, change your information, unsubscribe from an email subscription, then please just contact us in one of the following methods:

  • Click to Exercise Your CCPA Rights
  • Email: privacy@horizonfc.com
  • Telephone: (888) 339-3334
  • Mail:  300 Winding Creek Blvd, Mechanicsburg PA 17050
  • Attn: Privacy Response Team

QUESTIONS OR CONCERNS

You may contact us with questions or concerns about this California Privacy Notice and our information practices by:

  • Email: info@horizonfc.com
  • Telephone: (888) 339-3334

 

FRAUD PREVENTION AND SUSPICIOUS ACTIVITY

The Foundation website should never be accessed from a link provided by a third party. It should be accessed directly by typing the site name or URL into the address bar of the web browser or by using a “bookmark” specifically created to access the Foundation website.

The Foundation does not send email messages or make phone calls to request Personal Information such as account numbers, passwords, PIN numbers, Social Security numbers, or other Personal Information. Such requests are of a suspicious nature and should be reported immediately:

Customer Service - Reporting Suspicious Activity

Call (888) 339-3334 to report:

  • Suspicious or unauthorized transactions on your account  
  • Suspicious activity with online banking
  • Suspicious email or phone call received

Contact us immediately if you think your Personal Information or one of your Foundation accounts or services has been compromised. Have your account information and details about the suspected fraud available when you call.

CHANGES TO THIS CALIFORNIA PRIVACY NOTICE 

As the Foundation continues to improve the services, products and the features we provide, this policy is subject to change. 

By using the Foundation site and services, you signify your acceptance of this California Privacy Notice. If you do not agree or are not comfortable with any policy described in this California Privacy Notice, your only remedy is to discontinue use of the Foundation website. We reserve the right to modify this California Privacy Notice at any time. Your continued use of any portion of the Foundation site following notification or posting of such changes, will constitute your acceptance of those changes.

 

Notice at Collection

This notice explains the categories of Personal Information that we collect about residents of California and the business or commercial purposes for which we use such Personal Information.

Categories of Personal Information that We Collect:

We collect the following categories of Personal Information.  We do not sell or share Personal Information, including Sensitive Personal Information.

  • Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
  • Any personal information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. 
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website application, or advertisement.
  • Geolocation data.
  • Audio, electronic, visual, thermal, olfactory, or similar information.
  • Professional or employment-related information.
  • Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99).
  • Inferences drawn from any of the personal information listed above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
  • The following categories of Sensitive Personal Information:
    • Personal information that reveals: A consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; A consumer’s precise geolocation.

Why we collect Personal Information and How We Use It

The business and commercial purposes for which we collect and use Personal Information depend on, among other things, our relationship or interaction with a specific California resident. Following are the purposes for which we collect and use Personal Information:

  • To complete the transaction for which you applied
  • To hire qualified candidates
  • To offer agricultural financial education, etc. 
  • To provide better online services for our customers and other users
  • To offer new products and services that may be beneficial to you
  • To comply with a legal obligation required by a regulatory entity
  • To support our everyday operations, including to meet risk, legal and compliance requirements

Information Retention

We will keep Personal Information no longer than necessary to fulfill the purposes described in this Notice at Collection.  In accordance with our records retention policy, we will destroy Personal Information after we are no longer required to retain it according to specific retention periods.  However, in some instances we may need to retain Personal Information beyond a specified retention period due to regulatory requirements or in response to a regulatory audit or other legal matter.

Privacy Policy

Our general business privacy policy is available for review or download by clicking Privacy & Security Policy.