Last Updated: May 20, 2016
We take the security of your information seriously and have adopted this Security Policy which outlines the physical, electronic and operational policies and practices we have implemented to safeguard your personal and sensitive information.
Among other security procedures, we equip our servers with Secure Socket Layer (SSL) certificate technology that is designed to ensure that all data entered into the Site is encrypted. To verify that SSL is being used, look for the key or padlock icon on your browser. For further encryption protection, we use a 128-bit secure browser for logins and transactions. We also subject our systems to periodic security audits.
We store all sensitive financial information, including Social Security numbers and bank account numbers in one or more secure data centers that adhere to SSAE 16 standards. Physical access to the data center is strictly controlled. We also use threat prevention technologies including firewall, VPN, antivirus, Web filtering and anti-spam technologies.
We employ session time-outs to help protect your account. You will be logged out of the Site automatically after a specified period of inactivity. This time-out feature reduces the risk of others being able to access your account if you leave your computer unattended.
When we contact you about your account, we reference only the last four digits of your account number. We do this for your protection so that you will recognize the source or destination account as one you own.
We will never ask for your password as a means of identifying yourself and you should never share your password with anyone. If you ever receive an email purporting to come from BorrowersFirst that asks for your password, you should not respond. Instead, you should immediately report such an email to minimize the risk of fraud or other unauthorized access to your account.
Although BorrowersFirst has a careful process in place to prevent criminals from using stolen identities to acquire loans, there are times when identity theft occurs. BorrowersFirst will cooperate with law enforcement authorities to track down and prosecute persons who have committed identity theft.
In addition to our efforts, you can take several precautions to protect the security of your computer and personal information. For instance, you can start by using a well-chosen password. You should avoid using any information that others can easily learn about you, such as a family member’s name or birthday. You can also use special characters in place of letters. We further recommend that you change your password frequently.
You should install and regularly update antivirus and firewall software to protect your computer from external attacks by malicious users. When you are finished with a session on our Site, be sure to log out and close the browser window.
To protect your account, we send automatic notifications confirming certain actions taken on your account, such as changes to a password or an external linked account. However, the security offered through these notifications can be undermined if other people have access to your email account. Therefore, you should not permit anyone else to access the email account you registered with on the Site.
If you use a computer that is accessed by other people, such as in a public library or Internet cafe, we recommend that you take special precautions to protect the security of your account and personal data. When you are finished using our Site, you should log out completely, then close the browser window and clear the browser’s cache files.
You should also be aware of fraudulent attempts to gain access to your account information known as "phishing." Phishing is a tactic used by scammers in which unsuspecting people are brought to a website by a genuine-looking email purporting to be from a legitimate company. The phony or "spoof" email takes the person to a website that looks legitimate but in fact is not. Either in the email itself or on this fake website, scammers will ask for login information to gain access to people’s accounts and withdraw their money. BorrowersFirst will never ask you for your login information in the context of any email. In general, you can protect yourself against phishing by never providing personal or login information via an email—instead, go the website directly. You might also make it a habit to check the URL of a website to be sure that it begins with the correct domain. In the case of BorrowersFirst, you should always ensure the URL begins with http://www.borrowersfirst.com or https://www.borrowersfirst.com.
If we make changes to this security policy, we will update the “last updated” date posted at the top of this security policy. Any changes become effective when we post the updates on the Site.
For additional information, or if you have any questions regarding this Security Policy, please contact us at firstname.lastname@example.org.
You can also send questions or comments to:
Attn: Compliance Department
P.O. Box 163207
Austin, Texas 78716
BorrowersFirst loans are unsecured, personal loans made by Cross River Bank, a New Jersey State chartered bank, Member FDIC. Eligibility for a loan is not guaranteed. To receive a loan, you must be a US citizen or permanent resident and at least 18 years old (or 19 years old in Alabama). At this time, we do not accept loan applications from residents of Colorado, Connecticut, Hawaii, Idaho, Iowa, Mississippi, Nevada, New York, Vermont, West Virginia, or Wisconsin.