Montecito Bank & Trust is committed to protecting the privacy and security of your information

Last updated January 11, 2021

This Online Privacy Policy describes how Montecito Bank & Trust (the "Bank") collects and uses information from or about you through its Internet banking interfaces (e.g. website or mobile application) owned and controlled by the Bank.

Our Consumer Privacy Policy describes our information sharing practices and your choices in limiting that sharing.

Personal Information We Collect Online

Personal Information means personally identifiable information such as name, address, telephone number, taxpayer identification number, or account numbers. We collect this information online when you complete one of our online forms, surveys, applications or other online fields that request this type of information:

  • To respond to your inquiries and fulfill your requests
  • To send you important information regarding our online site ("Sites"), changes to our terms, conditions, and policies and/or other administrative information
  • To send you marketing communications that we believe may be of interest to you
  • To personalize your experience on the Sites by presenting products and offers tailored to you
  • To allow you to apply for one of our products and evaluate your eligibility for such a product
  • To verify your identity and/or location in order to allow access to your accounts, conduct online transactions and to maintain measures aimed at preventing fraud and protecting the security of account and Personal Information
  • To allow you to participate in surveys, sweepstakes, contests and similar promotions and to administer these activities. Some of these activities have additional rules, which could contain additional information about how we use and disclose Personal Information
  • For our business purposes, such as data analysis, audits, developing new products, enhancing our Sites, improving our services, identifying usage trends and determining the effectiveness of our promotional campaigns
  • For risk control, to comply with laws and regulations and to comply with other legal process and law enforcement requirements.

Other Information We Collect Online

Other Information is any information other than Personal Information that does not reveal your specific identity or does not directly relate to an individual, such as:

  • Browser information
  • Information collected through cookies, pixel tags and other technologies
  • Aggregated and De-identified data

Other Information We Collect Through Email

Other Information is any information other than Personal Information that does not reveal your specific identity or does not directly relate to an individual, such as:

  • Browser information
  • Information collected through cookies, pixel tags and other technologies
  • Aggregated and De-identified data

How We Collect and Use Other Information

We and our third-party service providers may collect and use Other Information in a variety of ways, including:

  • Through your browser: Certain information is collected by most browsers, device type, screen resolution, operating system version and internet browser type and version. We use this information to ensure that our Sites function properly and for security purposes.
  • Using cookies: Cookies are pieces of information stored directly on the device you are using. Cookies we use do not contain or capture unencrypted Personal Information. Cookies allow us to collect information such as browser type, time spent on the Sites, pages visited, and language preferences. We use the information for security purposes, to facilitate navigation, to display information more effectively, to personalize your experience while visiting the Sites, and to recognize your device to allow your use of our online products. We also gather statistical information about the usage of the Sites in order to continually improve the design and functionality, to monitor responses to our advertisements, to understand how customers use the Sites and to assist us with resolving questions regarding the Sites.
  • You can refuse to accept these cookies and most devices and browsers offer their own privacy settings for cookies. You will need to manage your cookie settings for each device and browser you use. However, if you do not accept these cookies, you may experience some inconvenience in your use of the Sites and some online products. For example, we will not be able to recognize your device and you will need to answer a challenge question each time you log on.
  • Using pixel tags, web beacons, clear GIFs or other technologies: These may be used in connection with some Site pages, downloadable mobile applications and HTML-formatted email messages to measure the effectiveness of our communications, the success of our marketing campaigns, compile statistics about usage and response rates, and to assist us in resolving customers' questions regarding use of our Sites.
  • IP Address: Your IP Address is a number that is automatically assigned to the device that you are using by your Internet Service Provider (ISP). An IP Address is identified and logged automatically in our server log files whenever a user visits the Sites, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is standard practice on the internet and is done automatically by many web sites. We use IP Addresses for purposes such as calculating Site usage levels, helping diagnose server problems, and administering the Sites.
  • Aggregated and De-identified Data: Aggregated and De-identified Data is data that the bank may create or compile from various sources, including accounts and transactions. This information, which does not identify individual customers, is used by the bank for its business purposes, which may include offering products or services, research, marketing or analyzing market trends, and other purposes consistent with applicable laws.
  • We may collect information regarding your mobile device such as device settings, unique device identifiers, information about your location, and analytical information that may assist with diagnostics and performance. For your convenience, you may be asked to grant permission for access to your mobile device's geolocation data. This information may be collected when you use certain services that are dependent on your mobile device’s location (such as the location of an ATM or in store transactions).

Social Media Sites

The Bank provides experiences on social media platforms, such as Facebook®, that enable online sharing and collaboration among users who have registered to use them. Any content you post, such as pictures, information, opinions, or any Personal Information that you make available to other participants on these social platforms, is subject to the Terms of Use and Privacy Policies of those platforms. Please refer to them to better understand your rights and obligations with regard to such content.

Online Banking

Montecito Bank & Trust safeguards your personal information online by using Secure Socket Layer (SSL) technology to encrypt your personal information such as User Ids, Passwords, and account information over the internet. As a security measure, you may access your account information online from our website only if you have registered with Montecito Bank & Trust online banking. For more information on the security of our online banking solutions, visit our Online Demos & Customer Education page where you will find user guides about this and other topics.

Protecting Children's Privacy Online

The Site is not directed to individuals under the age of thirteen (13), and we request that these individuals do not provide Personal Information through the Site. We do not knowingly collect information from children under 13 without parental consent. For more information about the Children's Online Privacy Protection Act (COPPA), visit the Federal Trade Commission website.

Updates to this Privacy Policy

This Online Privacy Policy is subject to change. Please review it periodically. If we make changes to the Online Privacy Policy, we will revise the "Last Updated" date at the top of this Notice. Any changes to this Notice will become effective when we post the revised Notice on the Sites. Your use of the Sites following these changes means that you accept the revised Notice.

Last Updated: January 1, 2020

California Consumer Privacy Act Notice

Your privacy is important to us. This California Consumer Privacy Act Disclosure explains how Montecito Bank & Trust’s ( “we,” or “us”) collect, use, and disclose personal information relating to California residents covered by the California Consumer Privacy Act of 2018 (“CCPA”). This notice is provided pursuant to the CCPA.


Under the CCPA, “Personal Information” is information that identifies, relates to, or could reasonable be linked directly or indirectly with a particular California resident. The CCPA, however, does not apply to certain information, such as information subject to the Gramm-Leach-Bliley Act (“GLBA”).

The specific Personal Information that we collect, use, and disclose relating to a California resident covered by the CCPA will vary based on our relationship or interaction with that individual. For example, this Disclosure does not apply with respect to information that we collect about California residents who apply for or obtain our financial products and services for personal, family, or household purposes; or to information that we collect about California residents for business-to-business communications purposes.

Keeping Personal Information secure is one of our most important priorities. Consistent with our obligations under applicable laws and regulations, we maintain physical, technical, electronic, procedural, and organizational safeguards and security measures that are designed to protect personal data against accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure, or access, whether it is processed by us or elsewhere.

Collection and Disclosure of Personal Information

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information relating to California residents within the last twelve (12) months:

  • Identifiers, such as name and government-issued identifier (e.g., Social Security number, legal first name, last name, etc.);
  • Personal information, as defined in the California safeguards law, such as contact information and financial information (email address, current address, phone number, date of birth);
  • Characteristics of protected classifications under California or federal law, such as sex and marital status, or beneficiary information;
  • Commercial information, such as transaction information and purchase history;
  • Internet or network activity information, such as browsing history and interactions with our website;
  • Geolocation data, such as device location and Internet Protocol (IP) location;
  • Audio, electronic, visual and similar information, such as call and video recordings; and
  • Professional or employment-related information, such as work history and prior employer.

The categories of sources from whom we collected this Personal Information are:

  • Directly from a California resident or the individual’s representatives
  • Service Providers, Consumer Data Resellers and other third parties
  • Public Record Sources (Federal, State or Local Government Sources)

The categories of third parties to whom we disclosed Personal Information for our business purposes described in this privacy disclosure are:

  • Vendors and Service Providers who provide services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure, customer service, email delivery, auditing, marketing and marketing research activities
  • Partners and Third Parties who provide services such as payment, banking and communication infrastructure, storage, legal expertise, tax expertise, notaries and auditors, who promote the bank and its financial services and products to customers and other prospective buyers
  • Government Agencies as required by laws and regulations

Sale of Personal Information

In the past 12 months, we have not sold Personal Information subject to the CCPA, including Personal Information of minors under the age of 16. For purposes of this Disclosure, sold means the disclosure of Personal Information to a third-party for monetary or other valuable consideration.

Your Rights under the CCPA

If you are a California resident, you have the right to:

  • Request we disclose to you, free of charge, the following information covering the 12 months preceding your request;
    • the categories of Personal Information we have collected about you;
    • the categories of sources from which the Personal Information was collected;
    • the purpose for collecting Personal Information about you;
    • the categories of third parties to whom we disclosed Personal Information about you and the categories of Personal Information that was disclosed (if applicable) and the purpose for disclosing the Personal Information about you; and
    • the specific pieces of Personal Information we have collected about you.
  • Request we delete Personal Information we collected from you, unless the CCPA recognizes an exception; and
  • Be free from unlawful discrimination for exercising your rights under the CCPA.

We will acknowledge receipt of your request and advise you how long we expect it will take to respond if we are able to verify your identity. Requests for specific pieces of Personal Information will require additional information to verify your identity. If you submit a request on behalf of another person, we may require proof of authorization and verification of identity directly from the person for whom you are submitting a request.

In some instances, we may not be able to honor your request. For example, we will not honor your request if we cannot verify your identity or if we cannot verify that you have the authority to make a request on behalf of another individual. Additionally, we will not honor your request where an exception applies, such as where the disclosure of Personal Information would adversely affect the rights and freedoms of another consumer or where the Personal Information that we maintain about you is not subject to the CCPA’s access or deletion rights.

We will advise you in our response if we are not able to honor your request. We will not provide social security numbers, driver’s license numbers or government issued identification numbers, financial account numbers, health care or medical identification numbers, account passwords or security questions and answers, or any specific pieces of information if the disclosure presents the possibility of unauthorized access that could result in identity theft or fraud or unreasonable risk to data or systems and network security.

We will work to process all verified requests within 45 days pursuant to the CCPA. If we need an extension for up to an additional 45 days in order to process your request, we will provide you with an explanation for the delay.

How to Exercise Your Rights

If you are a California resident, to exercise the rights described above, please submit a verifiable consumer request to us by either:

Changes to This Disclosure

This Disclosure is subject to change. Please review it periodically. If we make changes to this Disclosure, we will revise the “Last Updated” date at the top of this Disclosure.

Questions or Concerns

You may contact us with questions or concerns about this Disclosure and our practices by:

Phone: 805-963-7511 or 800-348-0146

Email: [email protected]

Montecito Bank & Trust
Attn: Risk and Compliance
P.O. Box 2460
Santa Barbara, CA 93120