Mobile Banking Application Privacy Notice

This Mobile Banking Application Privacy Notice (the “Notice”) applies to users of the Journey Bank Mobile Banking Application (the “App” or the “application”).

For your convenience, Journey Bank offers you the ability to access some of our products and services through mobile banking applications. The mobile application requests access to information stored on your device such as location, camera, contacts, or other features you are enrolled in to enrich and simplify your own user experience and improve our services, as well as provide additional security to protect your account(s).

Journey Bank is committed to protecting your privacy. This policy in combination with other relevant privacy notices that we provide to you (e.g., pursuant to financial privacy laws), explains how we collect, use, disclose, and protect information when you visit or use this mobile banking app.

As you review this Mobile Banking Application Privacy Notice, it is important for you to understand that:

· Before granting access to this information, you will be prompted to give the application that permission.

· If you do not wish to grant that permission, you may decline.

· If you later change your mind, those permissions can be updated in your device's settings.

1. Agreement to Notice

By downloading the Journey Bank Mobile Banking Application on your mobile device, you consent to this Privacy Notice which includes your consent to disclose and use information about you in the manner detailed in this Notice.

2. Gathering, Using and Sharing: Information that we Collect

Information that we may collect about you through mobile banking includes information that you voluntarily disclose such as your name, address, phone number, email address, and other contact information; transaction information; information resulting from your mobile activity; and your location information. We may also gather additional information associated with your mobile device through cookies and other technologies as described below.

3. Types of Information Collected in the App

In addition to the personal information described above, we may collect certain information about your use of our online services. For example, we may capture the IP address of the device you use to connect to the online service, the type of operating system and browser you use, the parts of our

online service you access, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.

We will collect the financial and transaction information necessary to provide you with the services in the App, including account numbers, payment card expiration date, payment card identification, verification numbers, and transaction and payment history.

We or our third-party partners may also use cookies; web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked; or, additional technologies to collect and store other information about your visit to, or use of, our online services. In addition, we may later associate the usage and other information we collect online with personal information about you.

There may be certain information transmitted to us regarding your location when you request information through applications on your mobile device, such as your physical location when accessing the App. Location data we collect from your mobile device will assist us in mitigating against any potential breaches or unauthorized access to customer information.

4. Use of Information

We use the information discussed above in a number of ways, such as:

a. Processing transactions.

b. Verifying your identity (such as when you access your account information).

c. Preventing fraud and enhancing the security of your account or our online services.

d. App functionality and personalization.

e. Responding to your requests and communicating with you.

f. Complying with and enforcing applicable legal requirements, relevant industry standards, contractual obligations, and our policies.

5. Disclosure of Information

We disclose your personal information collected through your use of the Services as described below. Other than as described in this Privacy Notice in connection with the App, this Privacy Notice does not apply to the processing of your information by us or third parties with whom we share information.

6. Safeguards and Retention

Journey Bank implements reasonable administrative, technical, and physical measures in an effort to safeguard the information in our custody and control against theft, loss, and unauthorized access, use, modification, and disclosure. Our employees who have access to your non-public personal information are trained in the proper handling of your information. When your account information is transmitted via our services, it will be protected using encryption technology.

While we take steps to protect your nonpublic personal information and keep it secure, you also play a role in protecting your information. Transmission via the internet is not completely secure and we cannot guarantee the security of your information. You can help to maintain the security of your transactions by not sharing your Use ID and Password with anyone. User IDs and Passwords are used to help safeguard against unauthorized access to your information through the Mobile Banking App. Journey Bank recommends that you change your password every 180 days.

As an added layer of security, Journey Bank’s Mobile Banking App contains a strong login safeguard in the form of a phone call or text to retrieve a one-time secure code. This feature ensures that you are the person actually accessing your accounts online by contacting you at a number on file with the bank whenever your computer, tablet, or phone is not recognized. Any attempt to access your accounts from an unknown device triggers the security process. This secure code feature prevents logins by thieves who have stolen your login information. The banking term for this security is “out-of-band authentication,” and it is the strongest in the industry.

The application information is retained in accordance with state and federal record retention laws. Please contact us to determine specific timeframes for your personal stored information and if that information may be deleted.

7. Protecting Children's Privacy

The App is not designed nor intended to be attractive to use by children under the age of 18 ("Minors"). We do not knowingly collect information from or market to Minors.

8. Notice Updates and Effective Date

This Policy is subject to change and any changes to this Policy will become effective when posted on this App. Your use of the App following these changes means you accept the revised Notice.

9. Contact Us

If you have any questions regarding privacy while using the App, or have questions about our practices, you can write to us at Journey Bank, PO Box 240, Bloomsburg, PA 17815, call us at 570-784-1660 or 570-546-2211, or you can email us at [email protected].

You can also access the bank’s full Privacy Policy at: https://www.journeybank.com/privacy-policy