About Us Services Learning Center Contact Us Communications
Contact

Privacy Notice

Affidavit Regarding Part 1016 (Regulation P) and Part 748

Catalyst Corporate places a high priority on security, and utilizes security measures to protect not just nonpublic personal information, but all types of confidential information that it receives from its member credit unions.

Under Part 1016 (Regulation P) of the Consumer Financial Protection Bureau’s Regulations and Part 748 of the NCUA’s Regulations, Catalyst Corporate is deemed to be a “service provider” to its member credit unions. Catalyst Corporate is providing this Affidavit in order to assist member credit unions in their compliance with Part 1016 and Part 748. The Affidavit is written in general language so that member credit unions can utilize the Affidavit regardless of the level of complexity of their security programs.

Catalyst Corporate agrees not to use nonpublic personal information about any credit union’s members, or about any other person, for any purpose other than those purposes for which the credit union disclosed the information to Catalyst Corporate, including servicing and processing of transactions in the ordinary course of business.

Catalyst Corporate will utilize security measures that Catalyst Corporate deems to be appropriate for the protection of nonpublic personal information about credit union members and other persons, with particular attention to protection against unauthorized access to or unauthorized use of such information that could result in substantial harm or inconvenience to any credit union’s members or to any other person. Catalyst Corporate’s security program establishes standards for the protection of information assets. These standards are intended to be consistent with Part 748 of the NCUA rules and regulations. The program includes a data classification to protect information assets. In addition, Catalyst has a risk assessment process in place to evaluate risks, including security related risks.

Catalyst Corporate has an Incident Response Plan in place that provides guidance for our response if a security breach occurs. If an incident occurs that involves unauthorized access to or unauthorized use of nonpublic personal information about any credit union’s members or about any other person, Catalyst Corporate will take actions that Catalyst Corporate deems to be appropriate, including notification to the affected credit union as soon as possible of any such incident.

Catalyst Corporate will utilize security measures designed to accomplish the proper disposal of nonpublic personal information held by Catalyst Corporate. If immediate deletion or disposal of the nonpublic personal information held by Catalyst Corporate is not feasible, then until the date when deletion or disposal of the information occurs, Catalyst will continue to utilize security measures designed to protect the information against unauthorized access and against unauthorized use.

 

Contact


About Us Overview General Contact Information Business Hours & Holidays Calendar Employment