Digital Banking Privacy Statement
Digital Banking Privacy Statement
First National Bank North
Digital Banking Privacy Statement
Last Updated: January 2026
This Digital Banking Privacy Policy (“Policy”) describes how First National Bank North (“FNB North,” “we,” “us,” or “our”) and our service providers collect, use, disclose, and protect information when you use our Digital Banking Services through (1) our online banking website or web portal and (2) our mobile banking application (the “App”). This Policy is intended to be used as a single, consistent policy for both platforms.
This Policy supplements (and does not replace) the Bank’s Gramm-Leach-Bliley Act (GLBA) / Regulation P customer privacy notice (the “GLBA Privacy Notice”), which explains how we collect and share nonpublic personal information (“NPI”) in connection with our financial products and services and any applicable opt-out rights.
1. Scope and Applicability
This Policy applies to information collected in connection with the Digital Banking Services described below. It does not apply to: (a) information collected offline (for example, at a branch) except where specifically stated; (b) information collected on third-party websites or apps that you access via links; or (c) information collected by third parties that are not acting as our service providers.
2. Definitions
For purposes of this Policy:
- “Digital Banking Services” means the online and mobile services we make available to allow you to access eligible accounts, view balances and transactions, transfer funds, pay bills, deposit checks, manage cards, receive alerts, and perform related banking functions.
- “Online Banking Services” means Digital Banking Services accessed through an Internet browser via our website or secure web portal (the “Web Portal” or “Website”).
- “Mobile App” or “App” means our mobile banking application provided for iOS and Android devices (including any updates).
- “Services” refers collectively to the Online Banking Services and the Mobile App.
- “Nonpublic Personal Information” or “NPI” has the meaning provided under GLBA/Regulation P and generally includes personally identifiable financial information about an individual customer that is not publicly available.
3. Information We Collect
We may collect information from and about you in the following ways:
3.1 Information you provide to us (Web and Mobile)
- Identifiers and contact details (e.g., name, mailing address, email address, phone number).
- Authentication and account access information (e.g., username, password, security questions/answers, multifactor authentication tokens or codes).
- Financial and transaction information necessary to provide Services (e.g., account numbers, transaction history, payee/biller information, debit/credit card details such as expiration date and verification values, and payment history).
- Communications (e.g., messages you send through secure messaging, chat, email, or phone; and information you provide when requesting support).
3.2 Information from third parties (Web and Mobile)
- Identity verification and fraud prevention information from service providers.
- Credit reporting information or other consumer reporting information, as permitted by law and as applicable to the Services you use.
- Information from payment networks, core processors, or other banking partners to process transactions and provide requested Services.
3.3 Information collected automatically via technology
When you use the Services, we and our service providers may automatically collect certain information, which may differ depending on whether you are using the Website/Web Portal or the Mobile App.
A. Website / Web Portal (Online Banking Services)
- Device and browser data (e.g., browser type, operating system, device type, language settings, screen resolution).
- Network and log data (e.g., IP address, access times, pages viewed, referring/exit pages, clickstream data, error logs).
- Session and security data (e.g., login timestamps, session identifiers, security events, and risk signals used for fraud prevention).
- Cookies and similar technologies (see Section 6) used for security, site functionality, preferences, and analytics.
B. Mobile App
- Device data (e.g., device manufacturer and model, operating system version, device identifiers, mobile carrier, network type, language settings).
- App usage and diagnostics (e.g., app screens viewed, feature usage, crash logs, performance data).
- Mobile security and risk data (e.g., device integrity or risk signals used to detect fraud, including indicators of compromised devices).
- Push notification tokens (if you enable push notifications) used to deliver security or account alerts.
- Geolocation (only if you enable location services and consent when prompted). If enabled, the App may collect location data, including when the App is closed or not in use, to support features such as fraud prevention and security controls. You can disable location sharing in your device settings.
C. Both Web and Mobile
- Account activity and transaction metadata necessary to provide the Services.
- Security monitoring data (e.g., attempts to authenticate, device/browser changes, and suspicious activity indicators) used to protect you and the Bank.
4. How We Use Information
We use information for the following purposes (as applicable):
- Provide, operate, and maintain the Services (including verifying your identity, processing transactions, and enabling features you request).
- Authenticate users and secure access to accounts, systems, and data; detect, prevent, and investigate fraud, unauthorized activity, and cybersecurity incidents.
- Personalize and improve user experience (e.g., remembering preferences and improving performance).
- Respond to inquiries and provide customer support.
- Comply with applicable laws, regulations, and legal process; enforce agreements; and protect the rights and safety of customers, the Bank, and others.
- Create de-identified or aggregated data for analytics and service improvement, where permitted.
5. How We Share Information
We share information only as permitted by law and consistent with our GLBA Privacy Notice. In connection with Digital Banking Services, we may share information:
- With service providers that perform services on our behalf (e.g., core processing, online and mobile banking platform providers, fraud detection, check deposit processing, customer support, hosting, and analytics) subject to contractual confidentiality and security requirements.
- To process transactions you request or authorize (e.g., bill pay, transfers, card controls, mobile check deposit).
- With joint marketing partners, if applicable, as described in our GLBA Privacy Notice.
- With government authorities, regulators, law enforcement, or other parties when required or permitted by law or legal process, or to protect rights and prevent harm.
- In connection with a corporate transaction (e.g., merger, acquisition, or asset sale) subject to applicable law and confidentiality protections.
We do not sell your NPI. If we engage in online analytics or measurement services that involve third-party cookies or similar technologies, those uses are described in Section 6 and are intended for security, functionality, and service improvement (not for selling personal data).
6. Cookies, Website Tracking, and Similar Technologies (Website / Web Portal)
Cookies are small text files stored on your device that help websites function and remember information. We may use the following types of cookies and similar technologies in connection with the Website/Web Portal:
- Strictly Necessary Cookies: Used to enable core site functionality and security (e.g., session management, authentication, and fraud prevention).
- Preference Cookies: Used to remember your settings and preferences.
- Analytics Cookies: Used to understand how customers use our Website/Web Portal so we can improve performance and user experience. [If applicable: identify analytics providers, e.g., “Google Analytics.”]
- Web beacons/pixels: Used to help understand whether pages or emails were accessed or opened, where permitted.
Your cookie choices: You can control cookies through your browser settings. If you block or delete certain cookies, some parts of the Website/Web Portal may not function properly (for example, you may not be able to stay signed in).
Do Not Track (DNT): Some browsers transmit “Do Not Track” signals. There is no uniform standard for responding to DNT signals. At this time, we do not respond to DNT signals.
7. Mobile-Specific Features and Permissions (Mobile App)
The Mobile App may request access to certain device features to provide functionality you choose to use. For example:
- Camera: for mobile check deposit or document capture.
- Biometrics (Face ID / Touch ID): to enable convenient sign-in if you turn it on.
- Notifications: to deliver account alerts and security messages.
- Location Services: if you enable location, it may be used for fraud detection and security controls.
You can manage these permissions in your device settings. If you disable a permission, related features may not be available.
8. Security
We maintain administrative, technical, and physical safeguards designed to protect information used in connection with the Services. These safeguards may include encryption in transit, access controls, monitoring and logging, and authentication controls (such as multi-factor authentication for certain activities). No method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.
9. Retention
We retain information for as long as necessary to provide the Services, comply with legal and regulatory requirements, resolve disputes, enforce agreements, and for legitimate business purposes. Retention periods vary depending on the type of information and why we collected it.
10. Links to Other Sites
The Services may contain links to third-party websites or applications. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party site or app you visit.
11. Your Choices
- Account information: You can review and update certain information through the Services or by contacting us.
- Marketing communications: You may opt out of marketing emails by using the unsubscribe link in the email or by contacting us. Certain service-related or security communications are necessary and cannot be opted out of.
- SMS/text messages (if applicable): You can opt out by following the instructions in the message or by updating your preferences, where available.
- Location tracking (Mobile App): You can disable location sharing through your device settings; some security-related features may be impacted.
- Cookies (Website/Web Portal): You can manage cookies through your browser settings. Blocking cookies may affect functionality.
12. Children’s Privacy
The Services are not directed to children, and we do not knowingly collect personal information from children under the age of 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete it as required by applicable law.
13. Changes to This Policy
We may update this Policy from time to time. If we make material changes, we will post a notice within the Services or otherwise provide notice as required by law. The “Last Updated” date at the top of this Policy indicates when it was last revised.
14. Contact Us
If you have questions about this Policy or our Digital Banking privacy practices, please contact us:
First National Bank North
PO Box 520
600 Minnesota Ave West
Walker, MN 56484
Email: bank*AT*fnbnorth.com
Phone: (218) 547-1160
15. GLBA Privacy Notice
For information about how we share nonpublic personal information under GLBA/Regulation P, including any applicable opt-out rights, please review our GLBA Privacy Notice available at: https://fnbnorth.com/privacy-notice/ or request a copy at any branch or by contacting us.
Exceptional In-Person and Online Banking Services



