California Privacy Rights Act (CPRA) Policy and Notice
This California Privacy Rights Act Policy and Notice at Collection (this "Policy") is for California Residents ("consumers" or "you") only. This Notice describes the personal information that Monet Bank d/b/a Beal Bank, Beal Service Corporation, Beal Bank USA, MGC Mortgage, Inc., Monet Service, Inc., and Beal Nevada Service Corporation (collectively, "we", "our", or "us") collects in the course of our business operations, your customer relationship with us, and/or through your job application and employment with us. This Policy explains how such information is collected, used, shared, disclosed, describes rights provided by the California Privacy Rights Act of 2020 (California Civil Code § 1798 et seq.) (“CPRA”) to consumers regarding their personal information, and how consumers can exercise those rights granted under the CPRA.
This policy and notice at collection is available here https://www.monet.bank/cpra-policy.
- NOTICE AT COLLECTION: What is Personal Information?
- Personal Information We Collect, Use, or Share
- Retention of Personal and Sensitive Personal Information
- Disclosing Your Personal Information for a Business or Commercial Purpose
- Selling Your Personal Information for a Business or Commercial Purpose; Right to Opt-out; Do Not Sell my Personal Information
- Access by Persons with Disabilities
- Our Full CPRA Policy
NOTICE AT COLLECTION: What is Personal Information?
We may collect, use, or share your Personal Information (California Civil Code 1798.140(v)(1)), including Sensitive Personal Information (as defined in California Civil Code 1798.140(ae)). We do not and will not sell personal information for monetary consideration. Personal information is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household (personal information). Personal information does not include: (1) publicly available information, such as information that is lawfully made available from federal, state, or local records, and (2) de-identified or aggregate consumer information.
With a limited exception, and as noted in other sections of this Notice, certain provisions of the CPRA do not apply to:
Certain personal information covered by or collected under industry-specific privacy laws including, but not limited to, the Health Insurance Portability and Accountability Act of 1996, the California Confidentiality of Medical Information Act, the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, the California Financial Information Privacy Act, and the Driver's Privacy Protection Act of 1994.
Personal Information We Collect, Use, or Share
The CPRA requires us to disclose certain information regarding our collection, use, and sharing of personal information. The following table outlines the categories of personal information that we have collected about consumers in the last 12 months. For each category, if applicable, we have identified the categories of sources from which that information was collected, the business or commercial purpose(s) for which the information was collected, and the categories of third parties and service providers with whom we share personal information.
Where you are a business and the Personal Information or Sensitive Personal Information relates to your directors, shareholders, beneficial owners, employees, agents, associates, or family members, it is not reasonably practicable for us to provide to them the information set out in this Notice. Accordingly, where appropriate, you are responsible for providing this information to any such person.
Business or commercial purposes are defined as follows:
- Account Services: We use personal information to offer our account services, including: (1) establishing, maintaining, supporting, and servicing an account you may have opened with us and for which you provided the information or that you may have applied for or established with us; (2) providing services, products, or information you may have requested from us; and (3) performing services such as maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, or providing similar services on our own behalf or on the service provider s behalf.
- Security and Fraud Detection: We use personal information for our security and fraud detection services including: detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity; and prosecuting those responsible for that activity.
- Debugging: We use personal information to engage in debugging to identify and repair errors that impair existing intended functionality.
- Improvement of Products and Services: We use personal information to verify, maintain, and improve our products and services.
- Internal Research: We use personal information for our internal research related to technological development and demonstration.
- Advertising and Marketing Services: We use personal information to provide advertising or marketing services on our own behalf.
- Legal Obligations: We use personal information to comply with legal obligations.
- Audits: We use personal information to audit current interactions with you and related transactions (e.g., counting and verifying ad impressions, auditing compliance).
- Merger/Acquisition/Bankruptcy, etc.: We may use your personal information as part of a merger, acquisition, bankruptcy, or other transaction where a third party assumes control of us.
- Commercial/Economic Interests: We use personal information to advance our commercial or economic interest.
| Categories of Personal Information and Sensitive Personal Information | Categories of Sources From Which the Personal Information and Sensitive Personal Information Is Collected | Business or Commercial Purpose(s) for Which the Information Is Collected, Used, and/or Shared | Categories of Third Parties / Service Providers With Whom We Share Personal and Sensitive Personal Information |
|---|---|---|---|
| Identifiers. This may include a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. |
|
|
|
| Personal Information. This may include a name, signature, physical characteristics or description, address, telephone number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. |
|
|
|
| Sensitive Personal Information. This may include a Social Security number, passport number, driver’s license or state identification card number, and precise geolocation. |
|
|
|
| Characteristics of Protected Classification under California or Federal Law, including Cal. Civ. Code 1798.80(ae). This may include age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). |
|
|
|
| Commercial Information. This may include records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
|
|
|
| Biometric information. This may include genetic, physiological, biological, or behavioral characteristics that can be used, singly or in combination with each other or with other identifying data, to establish your identity, including deoxyribonucleic acid (DNA), fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | We do not collect, use, or share biometric information. | We do not collect, use, or share biometric information. | We do not collect, use, or share biometric information. |
| Internet or other similar network activity. This may include browsing history, search history, or information on a consumer s interaction with a website, application, or advertisement. |
|
|
|
| Geolocation Data. This may include physical location, movements, or precise geolocation. |
|
|
|
| Sensory Data. This may include audio, electronic, visual, thermal, olfactory, or similar information. |
|
|
|
| Professional or employment-related information. This may include current or past job history or performance evaluations. |
|
|
|
| Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. 1232g; 34 C.F.R. Part 99)). This may include education records directly related to a student maintained by an educational institution or party acting on its behalf, such as report cards, transcripts, class lists, student schedules, student identification codes, student financial information, and student disciplinary records. |
|
|
|
| Inferences drawn from other personal information. This may include information, data, assumptions, or conclusions derived from facts, evidence, or another source of information or data reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes. |
|
|
|
Retention of Personal and Sensitive Personal Information
We will retain your information as identified above, including personal and sensitive information, for each disclosed purpose for a period that is reasonably necessary and proportionate to the stated purpose or for such period as required by applicable law, regulation, or rule.
We retain personal information for as long as needed or permitted in light of the purposes for which it was obtained and consistent with applicable law. The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide our products and services to you (for example, for as long as you have an account with us or keep using our products and services);
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transaction or communications for a certain period of time before we can delete them); and
- Whether retention is advisable in light of our legal rights (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).
Disclosing Your Personal Information for a Business or Commercial Purpose
We may disclose your personal information to third parties in order to carry out specific business or commercial purposes. In the preceding 12 months, we have disclosed consumer personal information for business or commercial purposes to our service providers and the following categories of third parties:
- Web and data analytics service providers;
- Financial and payment technology providers;
- Consumer reporting agencies;
- Background check companies;
- Identity verification services;
- Asset verification services;
- Security and fraud detection;
- Government entities; and
- Operating systems and platforms.
In the last 12 months, we have disclosed the following categories of personal information (as described in more detail above) for a business or commercial purpose:
- Identifiers;
- Personal information described in the California Customer Records Statute (see description above);
- Characteristics of Protected Classification under California or Federal Law;
- Internet or other similar network activity;
- Commercial information;
- Geolocation data;
- Sensory data;
- Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. 1232g, 34 C.F.R. Part 99));
- Professional or Employment Related Information; and
- Inferences drawn from other personal information.
Selling Your Personal Information for a Business or Commercial Purpose; Right to Opt-out; Do Not Sell my Personal Information
We have not sold consumer personal information to third parties for a business or commercial purpose in the preceding 12 months. We do not and will not sell your personal information for monetary consideration. We do not offer an opt-out from the sale of personal information because we do not engage in the sale of personal information as contemplated by the CPRA.
We are a financial institution and do not sell the personal information of minors under 16 years of age.
Access by Persons with Disabilities
Persons with disabilities who need assistance accessing this Notice may contact us as provided for below, and depending on your individual needs, we will grant reasonable requests to furnish this Notice in an alternative format.
Phone: 888-222-3902
Email: info@monet.bank
Postal Address: 6000 Legacy Dr., Plano, Texas 75024
Attn: CPRA Information Request
Submit Inquiry: Here
Changes to Our Full CPRA Policy and Notice
This Policy was last updated on January 6, 2026.