Financial institutions choose how they share your personal information. Federal laws require financial companies to handle information about consumers securely and give consumers the right to limit some, but not all, sharing. Federal law also requires us to tell you how we collect, use, share, and protect your personal information. Please read this Policy carefully to understand how we manage customer data.
We collect, retain and utilize information about you:
- To operate our business and make products, services and other opportunities available;
- To create and verify your account and update and maintain your account profile; and
- To be in compliance with legal and regulatory requirements.
What Personal Information We Collect
We collect only the necessary personal information to enable us operate our business; to make products, services and other opportunities available to you; and to be in compliance with this Policy and with legal and regulatory requirements. We are the sole owners of the information collected on our website, through account usage, and through our business relationships with our customers.
If you choose to become a customer, we will request certain information about you, including personal information such as: your name, mailing and/or email address, bank information, Driver’s License, passport and/or other photographic identification, without which we cannot open your account. We may also obtain information from your transactions with us and other information for payment purposes, to provide our products and services, or to comply with legal requirements.
Federal law requires us to obtain, verify and record your personal information – such as your name, address and date of birth – in order to confirm your identity. We may share this information with our service providers in order to evaluate whether to maintain your account. The information provided by you and the results of the verification process will be retained by Commonwealth and/or our service providers, for the amount of time required by law, for audit and fraud prevention purposes.
Sources of Personal Information
Some of the information we collect is of a personal nonpublic nature. “Personal nonpublic information” means all personal information on applications to obtain financial services (account applications), account histories (transaction history) and the fact that an individual is or was a customer.
We collect this information from the following sources:
- Personal information provided to us in an Account application, such as your name, address, Social Security number, birth date, bank information, assets, and income;
- Personal information we obtain while verifying your identity, including credit reports and public records;
- Personal information resulting from Orders you submit, such as confirmations and ACH authorizations; and
- Information derived from navigation and usage of our website and online platform
How We Use Personal Information
We utilize your personal nonpublic information to:
- Comply with applicable laws and regulations, most notably anti-money laundering and counter-terrorism financing legislation;
- Conduct our business;
- Create and verify new account profiles;
- Develop and maintain existing account profiles;
- Maintain customer accounts and carry out customer-related requests;
- Conduct internal risk assessments and audits;
- Design new products/services or improve existing products/services;
- Understand your financial needs so that we can provide you with quality products and superior service; and
- Protect against fraud.
While some personal information may be collected over the telephone, if we ever record or monitor telephone calls, it is for use as evidence of business transactions, to ensure quality control and to improve internal training measures.
Disclosure of Personal Information
We do not share nonpublic personal information about our customers (present, former and potential) with anyone, except as required by law, or as follows:
- To any person when you authorize such disclosure;
- To computer services consultants and technicians or other security consultants, in order to ensure the confidentiality and security of customer records;
- To financial service providers or consultants to carry out requested services, and/or to protect against or prevent actual or potential fraud, unauthorized transactions, claims, or other liability;
- To independent auditors or consultants in order to carry out institutional risk control;
- To government or regulatory agencies, including self-regulatory organizations and to comply with a legal summons, court order, subpoena or a similar legal process, audit or investigation;
- To customer due diligence and investigations vendors;
- To swap data repositories; and
- To comply with any other laws or regulations.
All companies that act on our behalf are contractually obligated to keep information that we provide to them confidential, and use the information only to provide services we have asked them to perform for you and us.
We do not sell our customer information to anyone or any company. We do not share your information with non-affiliated third parties for their independent use. We may report the credit history of your transactions with us to the appropriate credit reporting agencies.
We do not disclose any nonpublic information about our customers or former customers to anyone other than in connection with the administration, processing and servicing of customer accounts as described above or to our accountants, attorneys and auditors or as otherwise permitted or required by law.
How We Protect Personal Information
We restrict access to information about you to those employees who need to know that information as part of their job responsibilities. We also educate our employees about the importance of confidentiality and customer privacy through standard operating procedures, special training programs, and our Code of Conduct. We take appropriate disciplinary measures to enforce employee privacy responsibilities.
We have developed precautions that comply with federal regulations to ensure the security and confidentiality of customer records and information, to guard against any anticipated threats or hazards to the security or integrity of such records, and to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to our customers.
Commonwealth maintains strict information security procedures, including physical, electronic and procedural safeguards, to protect the confidentiality of your information. We will continue to test and update our technology to improve the protection of your information.
We protect your nonpublic personal information by:
- Restricting access to customer information to only those personnel for whom the information is necessary;
- Entering into written confidentiality/non-disclosure agreements with third party service providers for certain disclosures;
- Maintaining physical, electronic, and procedural safeguards that comply with the relevant laws and regulations; and
- Conducting an Information Security Training and Awareness training program to communicate and educate employees about information security policies and procedures in order to make them aware of their roles and responsibilities in safeguarding information resources.
Personal Information and Our Website
Commonwealth uses firewall barriers and digital certifications to maintain the security of your online session and information. We will not collect any non-public personal information about visitors to our website, unless information is provided it to us voluntarily or derived from website navigation and usage of the Commonwealth website and online platforms. Please note that by providing Commonwealth with non-public personal information, a customer or potential customer consents for us to use the data to conduct our business, to make available products and services that may be of interest to our customers and for the development of web statistics.
We have established procedures to keep your information current and complete. These procedures include responding to requests to correct inaccurate information in a timely manner. If you believe our customer records contain incorrect information about you, call us at 1-800-239-2389 or send an email to firstname.lastname@example.org.
Data Privacy For European Union Residents