Shannell & Associates
Legal

Privacy Policy

Effective Date: April 13, 2026 · Last Updated: April 13, 2026

This Privacy Policy describes how Shannell & Associates ("Shannell," "we," "our," or "us") collects, uses, discloses, and safeguards information in connection with the website located at shannell.com (the "Site") and the services we provide to financial institutions.

By accessing or using the Site, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, you should refrain from using the Site.

1. Information We Collect

We collect information in three categories: information you provide to us directly, information collected automatically when you visit the Site, and information received from third-party services integrated with the Site.

1.1 Information You Provide Directly

When you submit a contact form, request a consultation, or otherwise communicate with us through the Site, telephone, or electronic mail, we may collect and retain the following categories of information:

  • Full name and professional title;
  • Name of the financial institution with which you are affiliated and its approximate asset size;
  • Business email address and telephone number;
  • Information regarding your current core processing vendor and contract status;
  • The substantive content of any message, inquiry, or correspondence you direct to us; and
  • Any additional information you voluntarily disclose in connection with a prospective or active engagement.

1.2 Information Collected Automatically

When you visit the Site, certain information is collected automatically through cookies, server logs, and similar technologies, including:

  • Internet Protocol (IP) address and approximate geographic location derived therefrom;
  • Browser type, version, operating system, and device identifiers;
  • Pages accessed, time and duration of visits, referring URLs, and navigation patterns within the Site;
  • Date and time of access; and
  • Anonymous or pseudonymous identifiers used for analytics purposes.

1.3 Information from Third-Party Services

The Site integrates with the following third-party services, each of which may collect information governed by its own privacy policy:

  • Google Analytics 4 — used to analyze aggregate Site usage patterns. See Google's privacy policy at policies.google.com/privacy.
  • Google Search Console — used to monitor Site performance in search results.
  • Web3Forms — used to transmit contact form submissions to our personnel. See web3forms.com/privacy-policy.
  • Cloudflare — provides hosting, content delivery, and security services. See cloudflare.com/privacypolicy.

2. How We Use Information

We process the information described above for the following purposes and lawful bases:

  • To respond to inquiries, schedule consultations, and provide information regarding our services;
  • To perform contractual obligations in connection with active client engagements;
  • To maintain, analyze, and improve the Site and our professional services;
  • To detect, prevent, and respond to fraudulent activity, technical misuse, or unauthorized access;
  • To comply with applicable legal, regulatory, and professional obligations; and
  • For such other purposes as may be disclosed to you at the time the information is collected.

3. Legal Basis for Processing

We process personal information where we have a legitimate business interest in doing so (including the operation of our Site and the provision of professional services), where necessary to perform a contract with you or your institution, where you have provided consent, and where required or permitted by applicable law.

4. How We Share Information

We do not sell, rent, lease, or otherwise trade personal information to third parties for their independent marketing purposes. We may disclose information only in the following limited circumstances:

  • Service Providers. We may share information with vendors and service providers that perform functions on our behalf, including web hosting, email delivery, analytics, and similar operational services. Such parties are contractually obligated to use information only for the purposes for which it was disclosed and consistent with this Policy.
  • Professional Advisors. We may disclose information to our legal, accounting, insurance, and other professional advisors where reasonably necessary.
  • Legal Compliance. We may disclose information where we believe in good faith that such disclosure is required by law, subpoena, court order, or other legal process, or to protect our rights, property, or safety or that of others.
  • Business Transactions. In the event of a merger, acquisition, reorganization, sale of assets, or similar corporate transaction, information may be transferred to the successor entity, subject to the protections described in this Policy.
  • Consent. We may share information in any other manner with your consent or at your direction.

5. Confidentiality of Client Information

Information shared with us in the course of a prospective or active engagement — including details regarding your institution's vendor relationships, contract terms, pricing, and strategic plans — is held in the strictest confidence. Such information is accessed only by personnel with a legitimate need to know in connection with the engagement and is not disclosed to third parties without your express authorization, except as may be required by law.

6. Cookies and Tracking Technologies

The Site uses cookies and similar tracking technologies to maintain session state, understand Site usage, and improve user experience. Cookies are small text files stored on your device by your web browser. You may configure your browser to refuse cookies, delete existing cookies, or notify you when cookies are being sent. Disabling cookies may affect the functionality of the Site.

We do not respond to "Do Not Track" browser signals at this time, as no uniform industry standard has been established for such signals.

7. Data Retention

We retain personal information for as long as reasonably necessary to fulfill the purposes described in this Policy, including to comply with our legal, accounting, or reporting obligations, to resolve disputes, and to enforce our agreements. When information is no longer required, we will take reasonable steps to delete or anonymize it.

8. Data Security

We maintain reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, disclosure, alteration, and destruction. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of any credentials used to access our services.

9. Your Rights and Choices

Depending on your jurisdiction of residence, you may have certain rights with respect to your personal information. These rights may include the right to access, correct, delete, or restrict the processing of your personal information, as well as the right to object to certain processing activities and the right to data portability.

9.1 California Residents

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the "CCPA"), provides you with the following rights:

  • The right to know what personal information we have collected about you;
  • The right to delete personal information we have collected;
  • The right to correct inaccurate personal information;
  • The right to opt out of the sale or sharing of personal information (we do not sell or share personal information as those terms are defined under the CCPA);
  • The right to limit the use of sensitive personal information; and
  • The right to be free from discrimination for exercising your CCPA rights.

To exercise any of these rights, please contact us using the information in Section 14. We will respond to verifiable requests within the timeframe required by applicable law.

9.2 Other State Privacy Laws

Residents of other U.S. states with comprehensive privacy laws (including, where applicable, Colorado, Connecticut, Virginia, Utah, Texas, and other states that enact similar legislation) may have comparable rights. We honor requests to exercise such rights to the extent required by law.

10. Children's Privacy

The Site and our services are directed to professionals at financial institutions and are not intended for use by individuals under the age of eighteen. We do not knowingly collect personal information from children. If we learn that we have inadvertently collected personal information from a child, we will take reasonable steps to delete such information.

11. International Users

The Site is operated from the United States and is intended for users located within the United States. If you access the Site from outside the United States, you acknowledge that your information may be transferred to, stored in, and processed in the United States, which may have data protection laws that differ from those of your country of residence.

12. Third-Party Links

The Site may contain links to third-party websites, resources, and services that are not operated by us. We are not responsible for the privacy practices or content of such third parties. We encourage you to review the privacy policies of any third-party websites you visit.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable law, or other factors. When we make material changes, we will revise the "Last Updated" date at the top of this Policy and, where appropriate, provide additional notice. Your continued use of the Site following the posting of any changes constitutes your acceptance of the revised Policy.

14. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our information practices, or if you wish to exercise any of the rights described herein, please contact us:

Shannell & Associates
Attention: Privacy Inquiries
Email: joechimera@shannell.com
Telephone: 858-205-0088