Safeguarding Your and Your Customers' Privacy
Noticeably the information obtained and stored by Citicorp Trust Bank, fsb ("Citi Retail Services") from our forms - your name, email address, phone number, and any other personal and financial information you provide - may be considered private and personal. Safeguarding this information is Citi Retail Services utmost priority, a non-negotiable promise from us to you.

If you submit your customers’ loan applications to us via this website , we will be obtaining personal and financial information regarding your customers (our loan applicants). So, to maintain our commitment to privacy, Citi Retail Services adheres strictly to this Privacy Promise of consumer information. In essence, this means:

.	We will not reveal personal or financial information to other organizations unless we are authorized to do so, or required by law.
.	We will not sell such information under any circumstances.
.	Your name, email address, phone number, and other personal and financial information are secured at this site and cannot be accessed by anyone, including any unauthorized Citi Retail Services employee. Citi Retail Services uses the latest security technology, Secure Socket Layer (SSL) to protect information and transmissions between you and Citi Retail Services.

To review Citigroup’s Privacy Promise for Consumers, as it relates to information we obtain from loan applicants and customers, click here . Upon request, you may print and provide a copy to any loan applicant.

Physical Security
Citi Retail Services has retained the most secure environment available at a third-party site, where security personnel monitor the system 24 hours a day and access to servers requires multiple levels of authentication.

Citi Retail Services secure network infrastructure includes the following components:

·	Firewalls
·	Intrusion detection
·	Private addressing
·	Sanitized systems
·	SSL

Firewalls
All access to the application network must go through these firewalls. Additional firewalls are used to secure access to the Citi Retail Services database from the application servers.

Intrusion Detection
Citi Retail Services entire production network is monitored and policed for intrusion attempts 24x7.

Private Addressing
Citi Retail Services application network uses private IP addressing, which protects servers that do not require access to the Internet.

Sanitized Systems
The machines on the Citi Retail Services network run only the minimum set of services required to operate Citi Retail Services applications.

SSL
To provide additional assurance of the privacy and security of personal information during Internet transfers, we use the SSL (Secure Sockets Layer) protocol that is built into most Web browsers.

Secure Sockets Layer 3.0 provides a way to verify that you are in fact logging on to our server and not a site that is impersonating our server. Our server sends the public key to your browser program before you log on with us. SSL lets you verify the identity of a server by viewing the site's certificate. A certificate is a way of associating a public key to a name. You can be sure you are logged on to our server by viewing our certificate through your browser program. This can be seen on the first page of the on-line application or login screen.

Once SSL has authenticated the server, your browser and our server will establish a secret symmetric key. This symmetric key allows your browser and our server to exchange encrypted data and is valid for a single session only. If you log out and later come back to our web site, your browser and our server will negotiate a different symmetric key automatically. The symmetric key protects all of your communications with us. Citi Retail Services employs VeriSign technology to provide this service, and is recognized as a VeriSign Secure Site.

Audits and Inspections
Citi Retail Services security infrastructure is regularly audited and inspected by industry-leading firms that specialize in security processes and technologies.

Click here to learn more about P3P.