FDIC Insured. Backed but the full faith and credit of the U.S. Government =
  1. Home
  2. California Consumer Privacy Act (CCPA) Privacy Notice and Policy

California Consumer Privacy Act (CCPA) Privacy Notice and Policy

Rev. 01/2026

We are required to provide California residents with a comprehensive description of our online and offline privacy policy and practices regarding the collection, use, disclosure, and retention of your personal information (our "Information Practices"); to inform you of your rights regarding your personal information; and to provide you with any information necessary for you to exercise those rights.

Your Rights Regarding Your Personal Information

  1. Right to Know. You have the right to know the personal information that we collect, use, and disclose about you, including the categories of personal information; the categories of sources from which the personal information is collected; the business or commercial purpose for collecting personal information; the categories of third parties to whom we disclose personal information; and the specific pieces of personal information that we have collected about you. Subject to certain exceptions, we will provide you with all of your personal information that we have collected or maintained. This will include any personal information that our service providers or contractors have collected pursuant to their written contract with us.
  2. Right to Delete. You have the right to request us to delete any personal information that we have collected about you. Subject to certain exceptions, we will delete the personal information that we have collected about you from our records, and we will direct any service provider or contractor to delete your personal information from their records.
  3. Right to Correct. You have the right to request us to correct any inaccurate personal information that we maintain about you. Subject to certain exceptions, we will correct the personal information that we maintain about you on our existing system, and we will direct any service provider or contractor that maintain the personal information at issue pursuant to their written contract with us to make the necessary corrections on their systems.
  4. Right to Not Receive Discriminatory Treatment. You have the right to not be retaliated against for exercising privacy rights conferred by the California Consumer Privacy Act ("CCPA"), including when a consumer is an applicant to an educational program, a job applicant, a student, an employee, or an independent contractor. A price or service difference is discriminatory and prohibited if we treat you differently because you exercised a right conferred by the CCPA or its issuing regulations. A price or service difference is non-discriminatory if it is reasonably related to the value of your data.

Types of Personal Information

Collected Personal Information

Categories of Personal Information. We collected the following categories of personal information in the preceding 12 months:

  • Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver's license number, passport number, or other similar identifiers
  • Any information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
  • Characteristics of protected classifications under California or federal law
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
  • Biometric Information
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an internet website application, or advertisement
  • Audio, Electronic, Visual, Thermal, Olfactory, or Similar Information
  • Professional or Employment-Related Information
  • Personal information that reveals a consumer's social security, driver's license, state identification card, or passport number
  • Personal information that reveals a consumer's precise geolocation

Categories of Sources. We collected your personal information from the following type of people or entities:

  • Direct from the consumer
  • Internet service providers
  • Government entities
  • Operating systems and platforms
  • Social networks
  • Public record sources (Federal, State or Local Government)
  • Credit Reporting Agencies
  • Job application with us
  • Third-party verification services
  • Other persons or entities with which you may use or direct us to intentionally interact or to which you may use or direct us to intentionally disclose your Personal Information.

Business or Commercial Purposes. We collected your personal information for these business or commercial purposes:

  • Helping to ensure security and integrity to the extent the use of the consumer's personal information is reasonably necessary and proportionate for these purposes
  • Debugging to identify and repair errors that impair existing intended functionality
  • Short-term, transient use, including, but not limited to, nonpersonalized advertising shown as part of a consumer's current interaction with the institution, provided that the consumer's personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer's experience outside the current interaction with the institution
  • Performing services on behalf of the institution, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the institution
  • Undertaking internal research for technological development and demonstration
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business

Personal Information Is Not Sold or Shared. We have not sold or shared your personal information to any service providers or contractors in the preceding 12 months.

Disclosed Personal Information

Categories of Personal Information. We disclosed the following categories of personal information to service providers or contractors in the preceding 12 months:

  • Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver's license number, passport number, or other similar identifiers
  • Any information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
  • Biometric Information
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an internet website application, or advertisement
  • Audio, Electronic, Visual, Thermal, Olfactory, or Similar Information
  • Geolocation Data
  • Professional or Employment-Related Information
  • Inferences drawn from any of the information to create a profile about a consumer reflecting the consumer's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes
  • Personal information that reveals a consumer's precise geolocation

Business or Commercial Purposes. We disclosed your personal information for these business or commercial purposes:

  • Helping to ensure security and integrity to the extent the use of the consumer's personal information is reasonably necessary and proportionate for these purposes
  • Debugging to identify and repair errors that impair existing intended functionality
  • Short-term, transient use, including, but not limited to, nonpersonalized advertising shown as part of a consumer's current interaction with the institution, provided that the consumer's personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer's experience outside the current interaction with the institution
  • Performing services on behalf of the institution, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the institution
  • Undertaking internal research for technological development and demonstration
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business

How to Submit A Request Regarding Your Personal Information

You can submit to us a verifiable request to know, request to delete, or request to correct your personal information. We will verify that you are the person who we have collected information about by Your Right to Know About Personal Information (PI) Collected, Disclosed, or Sold: A consumer has the right to request that we disclose to them what personal information we collect, use, disclose and sell.

If you wish to submit a verifiable consumer request for personal information we collect, use, disclose or sell you should:

  • submit an email request at inquires@redwoodcapitalbank.com
  • by phone: 707-444-9800
  • or visit any of our locations – Eureka, Arcata, Fortuna or Henderson Center

In order to verify your identity, we will attempt to associate the information you provide in your request with any personal information previously collected about you by us. In order to fulfill your request, we may require additional identity verification and will contact you. However, in no circumstance will we ask you for your social security number, your driver’s license number (or similar identifying number), your account or debit card number or PIN. We will respond to a verifiable consumer request within forty- five days of its receipt. If we require additional time (up to 45 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. No later than 10 business days after receiving your request(s), we will confirm that we received your request(s) and provide you with information on how we will process your request(s). We will respond to your request to know, request to delete, or request to correct no later than 45 calendar days after receiving your request(s). If we cannot verify your identity within this time period, we may deny your request(s) in whole or in part and will inform you that your identity cannot be verified. If we need more time, we will inform you of the reason for the delay during this time period and may extend the time to respond up to an additional 45 calendar days. Our response will cover the 12-month period preceding our receipt of your request.

You can submit your request to know, request to delete, and request to correct by calling us toll-free at 707-444-9800. You can also submit your request(s) by using any of the following methods:

  • Visiting our online form at: www.redwoodcapitalbank.com
  • Mailing a request to: Redwood Capital Bank
    Attn: Compliance Department
    P.O. Box 1401
    Eureka, CA 95502
  • Visit any of our branches - Eureka, Fortuna, Arcata or Henderson Center

Authorized Agents. We may allow an authorized agent to make a request to know, request to delete, or request to correct on your behalf. We may require written proof that you have given the agent permission to submit a request on your behalf, require the agent to verify their identity with us, or require you to confirm with us that you have provided the agent permission to submit the request. If you are an authorized agent, you may make these requests by following these instructions:

You may designate an authorized agent to make a request under the California Consumer Privacy Act on your behalf by providing your authorized agent with written authorization to do so. If you are an online banking customer, you may submit your agent designation through online secure messaging. We may, at our sole discretion, choose to verify the identity of the person for whom the agent is submitting the request.

Contact Information

For information about our privacy policy and Information Practices, you can contact us by
Online: www.redwoodcapitalbank.com
By mail: Redwood Capital Bank
Attn: Compliance Department
PO Box 1401
Eureka, CA 95502