Our primary regulator is the Office of the Comptroller of the Currency (OCC). Should you have any questions we cannot adequately answer for you, you can contact the OCC here.
Digital Privacy & Cookies Policy | Online Banking Security Statement
Security Tips | Additional Resources
Date most recently updated: January 25, 2022
To the extent permitted by applicable law, by using a Site or interacting with a BankSouth advertisement or page or account on a third-party site, you consent to this Policy, including your consent to our use and disclosure of information about you in the manner described in this Policy.
Types of information
You may interact with us in a variety of ways online, including through a mobile device. We may offer sites or applications that permit browsing and do not require registration. We may also offer the ability to enroll, register or access your accounts online. Information that we may collect about you through online interaction includes information that you input, such as your name, address, email address, and other contact information; data resulting from your activity, such as transaction information and the pages you visit on Site; location information; and biometric information, such as facial recognition, for example, if you choose to enroll in facial recognition. We may also gather additional information, such as the type of device and browser you are using, the IP address of your device, information about your device’s operating system, and additional information associated with your device. We may also gather information collected through cookies, tags, and other technologies, as described further below.
About “cookies” and Ad Choices on third party sites
If you use multiple browsers or devices, information that we collect about you from one particular browser or device may be used to provide advertising or collect information on another browser or device. Information may also be transferred to a third party for advertising or information collection on behalf of BankSouth. Please note that your choice to opt out on a particular browser or device will apply only to the collection and use of information from that particular browser or device. Opting out on a particular device will not opt you out of information collection on other devices, nor will it limit cross-device sharing on those other devices. If you use different browsers on a device or multiple devices, for each browser and device you wish to opt out, please opt out each device and browser separately at http://www.aboutads.info/choices.
Industry standards are currently evolving, and we may not separately respond to or take any action with respect to a “do not track” configuration set in your internet browser.
You may be able to set your browser to reject browser cookies. However, if you set your browser options to disallow cookies, you will limit the functionality we can provide when you visit our Site including online banking features and options. The latest versions of internet browsers provide cookie management tools, such as the ability to delete or reject cookies or only retain cookies for a specific browsing session. We recommend that you refer to information supplied by browser providers for more specific information, including how to use these tools.
Cookies is a term also used to describe other locally stored objects, such as cookies stored in an Adobe folder on your device. These cookies will not be deleted when you clear cookies from your browser. We may use this technology for purposes such as information security and fraud prevention. We do not use this technology for online behavioral advertising purposes. Please refer to information provided by Adobe for information on how to disable and control Flash objects. If you choose those options, you may limit the functionality we can provide when you visit our Site.
We may also use additional technologies such as pixel tags, web beacons, and clear GIFs, and may permit our third-party service providers to use these technologies. We use these technologies for purposes such as measuring the effectiveness of our advertisements or other communications, determining viewing and response rates, and determining which offers to present to you on our own or on third party sites.
In addition to the uses described above, we use information for purposes as allowed by law such as: servicing; communicating with you; improving our Site, products, or services; legal compliance; risk control; information security; anti-fraud purposes; marketing or personalizing the presentation of our products and services to you; or tracking email access or website usage, such as number of hits, pages visited, and the length of user sessions in order to evaluate the usefulness of our sites. Location data collected in the background by the BankSouth Mobile Banking App is used to provide location-based messages, offers, and interactions if you have authorized that collection and use in the BankSouth Mobile Banking App and enabled location services on your mobile device.
We may share information with service providers with whom we work, such as data processors and companies that help us market products and services to you. When permitted or required by law, we may share information with additional third parties for purposes including response to legal process. As applicable, please see the additional privacy policies referenced above, such as the BankSouth Privacy Notice, for more information on how we may share information with affiliates and third parties.
Our Sites are not directed to children under the age of 13, and we do not knowingly collect personal information from such children.
If we make updates to this Policy, we will update the Policy with the changes and revise the “date of most recent update” posted at the top of this Policy. Any updates to the Policy become effective when we post the updates on the Site. To the extent permitted by applicable law, your use of the Site following the update to the Policy means that you accept the updated Policy.
The Online Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a VeriSign-issued Digital ID for the bank’s server, Secure Sockets Layer (SSL) protocol for data encryption, a router loaded with a firewall to regulate the inflow and outflow of server traffic.
To begin a session with the Online Banking server, the user must key in a Log-in ID and a password. Our IBS system uses a “3 strikes and you’re out” lock-out mechanism to deter users from repeated login attempts. After three unsuccessful login attempts, the system locks the user out, requiring either a designated wait period or a phone call to the bank to verify the password before re-entry into the system. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user’s identity and establishes a secure session with that visitor.
Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the Online Banking System and you is encrypted and can only be decrypted with the public and private key pair. In short, the Online Banking server issues a public key to the end user’s browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, they keys expire and the whole process starts over when a new end user makes a server session. Whenever, SSL is securing your communications, the browser will typically indicate the “secure session” by changing the appearance of a small padlock icon at the bottom of the screen from “open” to “locked.” What this means to you is that your communications are scrambled from your browser to the Online Banking servers at all times, so no unauthorized party can read the information as it is carried over the Internet.
Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the Online Banking System.
During your use of the IBS, the Online Banking System will pass a “cookie” to your browser to identify you. We do not (and cannot) use our cookies to obtain new information about you. A “cookie” is security data given to a browser by a web server and returned by the browser on subsequent transmissions to identify the user and encryption information. When you log onto the system, this cookie enables us to process multiple transactions during the session without you having to provide your Login ID and password for each individual transaction. After a predetermined amount of time set by our security system or when you log off, the session cookie is no longer accepted and the password must be re-entered. A new cookie is used for each session, so that no one can use the cookie to access your account. For Cash Management users, a cookie may also be used to restrict access to a specific PC for conducting business transactions.
Phishing is a form of e-mail fraud that criminals use to solicit your personal information to steal your identity. These fraudulent e-mails often bear the logo of legitimate businesses and even link to fake corporate websites. BankSouth will NEVER ask for your password or social security number in an e-mail or over the phone. If an e-mail asks for this information delete the email immediately and then run a virus scanner to protect your system.
Our Online Banking service has several effective security techniques that we encourage you to implement when using Online Banking: