Mercantile Internet Privacy Statement
Visitors to this bank website remain anonymous. We do not collect identifying information about visitors to our site. We may use standard software to collect non-identifying information about our visitors, such as:
- Date and time our site was accessed
- IP address (a numeric address given to servers connected to the internet)
- Web browser used
- City, state, country
The bank uses this information to create summary statistics and to determine the level of interest in information available on our site. Visitors may elect to provide us with personal information via Email, online registration forms, or other means. This information is used internally, as appropriate, to handle the sender's request. It is not disseminated or sold to other organizations. Some areas of our website may use a "cookie" temporarily stored in the visitor's computer memory (RAM) to allow the web server to log the pages you use within the site and to know if you have visited the site before.
We may collect information regarding your mobile device such as device settings, unique device identifiers, information about your location, and analytical information that may assist with diagnostics and performance. For your convenience, you may be asked to grant permission for access to your mobile device's geolocation data. This information may be collected when you use certain services that are dependent on your mobile device’s location (such as the location of an ATM or in store transactions).
Please note that by using some of the links on our pages, you may be leaving Mercantile Bank of Michigan's website. As a service and for informational purposes only, Mercantile Bank of Michigan (the "Bank") may provide listings of and/or links to third party web pages/publications maintained by the U.S. government, internet retailers, non-Bank organizations and others. The Bank does not share any confidential or private information about our website users or customers with any of these outside organizations. The Bank also takes no responsibility and makes no warranties, either expressed or implied, for any of the services, products or other merchandise offered via these outside websites. The Bank is not responsible for and does not monitor the content or administration of these outside websites or pages. These outside pages and their content, including but not limited to factual statements and opinions, are the sole responsibility of their creators and do not represent, explicitly or implicitly, positions, policies or opinions of Mercantile Bank of Michigan or Mercantile Bank Corporation, its staff or its Board of Directors.
Children under 13 should not send any information about themselves to us, including information like your name, address or email address. The Bank does not knowingly collect personally identifying information from children under the age of 13. In the event that we learn that we have collected such information from a child under 13 without parental consent, the information will be deleted from our database as soon as reasonably possible.
Mercantile Bank has purchased an Extended Validation (EV) SSL Certificate for the website, which provides an additional layer of protection. This enables customers to trust that the Mercantile Bank site is what it claims to be, rather than a fraudulent mirror site operated by perpetrators of phishing schemes. This is new technology designed specifically to address widespread phishing schemes that have been targeting the financial services industry.
When you visit a site with this new EV SSL Certificate, new high-security browsers will trigger the address bar to turn green and display the name of the organization listed in the certificate as well as the Certificate Authority.
Internet Banking System
This Internet Banking System brings together a combination of industry-approved security technologies to protect data for the bank and for you, our customer. It features password-controlled system entry, a VeriSign-issued Digital ID from the bank's server, Secure Sockets Layer (SSL) protocol for data encryption, Multifactor Authentication Technologies, and a router loaded with a firewall to regulate the inflow and outflow of server traffic.
Secure Access and Verifying User Authenticity
To begin a session with the bank's server the user must key in a Log-in ID and a password. Our system, the Internet Banking System, uses a "three strikes and you're out" lock-out mechanism to deter users from repeated failed login attempts. After three unsuccessful login attempts, the system locks the user out, requiring a phone call to the bank to unlock the account before re-entry into the system. Upon successful login, the Digital ID from VeriSign, the experts in digital identification certificates, authenticates the user's identity and establishes a secure session with that visitor.
Mercantile Bank has instituted additional technologies to help protect you against multiple forms of fraud. Upon your initial login into the online banking or mobile systems you will be presented a Temporary Access Code (TAC). The TAC can be received as a phone call or text. For convenience, you are offered the ability to register any and as many devices as you desire. After which we will recognize your device and you will no longer be required to enter a TAC upon subsequent logins on those devices. However, if you desire added security, refrain from registering any device to continue to receive a TAC upon subsequent logins. Note: On our website, Mercantile Bank will never ask you for your, Social Security Number, Credit, Debit or ATM Card numbers or your PIN.
Secure Data Transfer
Once the server session is established, the user and the server are in a secured environment. Because the server has been certified as a 128-bit secure server by VeriSign, data traveling between the user and the server is encrypted with Secure Sockets Layer (SSL) protocol. With SSL, data that travels between the bank and customer is encrypted and can only be decrypted with the public and private key pair. In short, the bank's server issues a public key to the end user's browser and creates a temporary private key. These two keys are the only combination possible for that session. When the session is complete, the keys expire and the whole process starts over when a new end user makes a server session.
Router and Firewall
Requests must filter through a router and firewall before they are permitted to reach the server. A router, a piece of hardware, works in conjunction with the firewall, a piece of software, to block and direct traffic coming to the server. The configuration begins by disallowing ALL traffic and then opens holes only when necessary to process acceptable data requests, such as retrieving web pages or sending customer requests to the bank.
Using the above technologies, your Internet banking transactions are secure.
Policy Changes and Website Maintenance
As our business grows and changes, and as technology and Internet use and practices change, the Bank may, from time to time, determine that changes in its policies, including the Internet Privacy Statement and Security Statement, are prudent. If any such changes are made, they will be posted on this website. Therefore you should review the Mercantile Internet Privacy Statement, Security Statement and other policies posted on this site for potential changes when you return to the site for future visits.
Mercantile Bank is strongly committed to our relationship with you. We want to help you protect yourself and your accounts from fraudulent methods to gain access to your information.
If you have any questions or concerns, please do not hesitate to contact us.
For any inquiries about Mercantile Bank's online privacy or security practices:
- Email Privacy Officer
- Call us at 800.453.8700
Once you have received a secure email from Mercantile Bank and have registered and received a user ID and password, you will be able to initiate and send secure emails to Mercantile Bank by selecting 'Secure Email' from the 'Sign on to Other Services' box when choosing Login from the top of the page.
Fraudulent Emails & Websites
Internet Fraud Compliant Center- www.ic3.gov
Suspicious Online Transactions
Mercantile Bank Loss Prevention Department
Lost or Stolen Debit/ATM Cards
During Bank Hours: 616.406.3870
During Non-Bank Hours: 800.472.3272
Lost or Stolen Credit Cards
During Bank Hours: 616.406.3870
During Non-Bank Hours: 866.839.3485