Security Statement Our website brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features a trusted digital certificate for the bank’s Internet Service Provider hosting our website, Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol for data encryption and a router and firewall to regulate the inflow and outflow of server traffic. We recognize the importance of protecting the privacy of personally-identifying information that may be submitted to us when you visit our website. The information we receive depends on what you do when you visit our site. This is how we handle the information we learn about you from your visit to our website. If you visit our site to read or download information on our web pages such as press releases and information about available checking or savings accounts: We collect and store only the following information about you: name of the domain from which you access the Internet (for example, aol.com, if you are connecting from an America Online account, or a similar domain corresponding to your Internet Service Provider “ISP”); date and time you access our website; pages you may have visited on our site; and the internet address of the website from where you came to visit our website. We use the information we collect to measure the number of visitors to the different pages and sections of our site and to help us make our site more useful to visitors. If you visit our website to use interactive banking tools such as financial calculators: You may be asked for personal information in order to complete the requested analysis or evaluation. This information is not retained. If you identify yourself by sending an e-mail or filling forms such as applications, check reorder forms and contact forms: You may be asked for personally-identifying information in order to process your e-mail, form or application. This information may be retained by us and our business partners for processing and to facilitate decisions. Information you submit to us is treated no differently than any information you might provide in a written format such as a brochure application, reorder slip to order checks, or a letter. We protect and safeguard the privacy of users of our on-line services, just as we do throughout the rest of our business. We will use personal information to identify you, to communicate with you and to help us answer your questions. We will not sell personally-identifying information to a third party for the purpose of solicitation or provide personal information to a third party for its own use. You can help protect your privacy by using caution when disclosing your account numbers, social security numbers, etc. to other persons. If someone calls you and explains the call is on behalf of the bank and asks for your account number or any other identifying or account-related information, you should be aware; First New Mexico Bank, Las Cruces will never ask bank customers for personal information via email or phone. Anyone who receives an email or phone call that claims to be from First New Mexico Bank, Las Cruces and asks for account information should consider that contact to be a fraudulent attempt to obtain their personal account data and should not follow the instructions given. Secure Data Transfer Once a server session is established on an https secure page, the user and the server are in a secured environment. The site uses a certificate to verify its identity. This certificate also includes a public key which is used to encrypt all traffic between the server and a user's browser with the strongest form of encryption both sides understand. With this encryption, data that travels between the bank and customer is private and can only be decrypted with the public and private key pair. In short, the bank’s server issues a public key to the end user’s browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session. Router and Firewall Secure forms must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank. Using the above technologies and others, your activities on our webite are secure.