At Northern State Bank, we are committed to treating non-public personal information responsibly. We have built physical, electronic and procedural safeguards that comply with federal standards to protect non-public personal information. The employees of Northern State Bank have access to a variety of confidential personal and business information about its customers. This policy statement addresses our philosophy and standards designed to protect proprietary information and respect the confidentiality of our customers. We do not disclose non-public personal information, about current or former customers, to anyone except as permitted or required by law. We do not sell customer lists or individual customer information. We know that our customers entrust us with highly confidential information and expect that we will protect that information. We maintain strict standards on safeguarding that information.

• Information we receive from you on applications or other forms,
• Information about your transactions with us, our affiliates, or others,
• Information we receive from a consumer-reporting agency
• We collect and retain non-public personal information about you to protect and administer your records, accounts and funds; to comply with federal and state laws and regulations; to help us design or improve our products and services; and to understand your financial needs. We also use this information to assist us in determining your eligibility for products.

Northern State Bank will never divulge any confidential customer information except as required to conduct normal business. We do not sell information about our customers or former customers to nonaffiliated third parties.

There are certain circumstances in which disclosure of customer or former customer information is required and permitted by law. We may disclose information to third parties about your accounts or transactions you perform; (a) where it is necessary for completing transfers or transactions that you requested; (b) in order to verify the existence and condition of your account for a third party, such as a credit reporting agency or merchant; (c) in order to comply with government authorities or court orders; or (d) if you give us written authorization.

Each department of Northern State Bank maintains strict policies and procedures regarding customer information and data protection. Employee access to customer information is restricted to information necessary to perform their individual job function in the normal course of business.

Employees are educated on the importance of maintaining confidentiality of customer information and employees who violate these principles are subject to disciplinary measures. There are established policies on data security relating to mainframe (database) access and personal computer use. In all forms of access to customer information, whether in person, telephone, ATMs, the Internet, etc., there are strict procedures in place to ensure that a customer's identity is verified prior to providing any information, whether through personal passwords, or other form of identifying information.

We maintain physical, electronic, and procedural safeguards that comply with federal standards to guard your nonpublic personal information.

A copy of our privacy policy will be provided to you annually, as long as you maintain a continuing relationship with us. This policy is also posted in our offices, on our website and is available upon request. Customers who have specific questions regarding this policy, may contact us either in writing or by telephone during regular business hours. This policy may be revised from time to time, and without notice, to reflect current practice. However, should we decide to disclose information to an affiliate or nonaffiliated third party other than permitted by law, we will provide you with a revised notice and reasonable time to tell us that you prefer that we did not disclose that information.