Last updated October 2009

Greystone Bank recognizes that you expect a high level of privacy and confidentiality when it comes to your financial affairs and your personal information. We are committed to providing the highest level possible.

In the normal course of business we gather nonpublic personal information about our customers and those who transact business with us. We will safeguard and protect this information at all times. In the event you close your account(s), we will follow the privacy policies and practices as described in this notice. This Statement is provided for the purpose of informing you of how we gather and protect your information.

Collection of Customer Information

We obtain nonpublic personal information about you when you establish or apply to establish an account relationship with us, such as opening a deposit account or applying for a loan. Information may be obtained directly from customers like yourself, from credit bureau agencies and from other credit references you may supply to us.

We may collect the following kinds of information about you:
* Information we receive from you on applications or other forms, such as your name, address, telephone number, Social Security number, assets, and income.
* Information about your transactions with us, such as your account balance, payment history, and parties to transactions; and,
* Information we receive from a consumer-reporting agency, such as information relating to your creditworthiness and credit history.

We collect information about you only in order to open your account, identify that you are who you say you are when you contact us to make an inquiry, and to execute the transactions agreed to when you opened your account. We obtain only information that is necessary to administer our business and is allowed by law.

Use of Customer Information

Personal and financial information about customers is used only for very specific purposes: * To identify persons involved in transactions and to guard against unauthorized access to funds or information, and to protect customer's accounts; and * To help us identify and avoid potential risks or losses to Greystone Bank.

Maintaining Information

We have established procedures and controls to ensure that information used is accurate, current and complete in accordance with commercial standards. Our procedures are designed to correct inaccurate information in a timely manner whenever it is discovered. We request that you notify us in writing of any changes in your personal information (i.e. address, phone, etc.).

Employee Access to Information

Access to your personal information is only available to those employees with a legitimate need to know. Employees are trained to handle all information in a confidential manner. All employees must adhere to our Code of Ethics as a requirement for continued employment.

Protection of Information by Established Security Procedure

Greystone Bank will make every reasonable effort to maintain the highest level of security against any unauthorized access to your financial information. In this regard we will use tight security procedures, employee training and technology. We employ high-level controls in all of our data systems, all core data is secured at off-site locations, so your data is safe. In addition, employees must adhere to the Bank’s “Clean Desk Policy”, so sensitive data is not left unsecured on employee’s desks, at printers, and the like.

Restrictions on the Disclosure of Account Information

We do not disclose information about you or your account(s) to others except for third parties that have legitimate purposes to execute transactions agreed upon between us, and are authorized by law to receive the information.

The following exceptions are necessary in order to conduct normal business:
* You have requested or authorized the disclosure, or
* The disclosure is required by or allowed by law. Examples are: subpoenas and the investigation of fraudulent activity.

Maintaining Customer Privacy in Business Relationships with Third Parties

Greystone Bank contracts with outside companies to provide certain specific services. To ensure the confidentiality of your personal information, we require these companies to adhere to the same Privacy Principles adopted by Greystone Bank. These companies are strictly prohibited from using the information for their own benefit, or allowing any other party to access the information.

Privacy and Confidentiality of Website Activity

Personal information is not collected or recorded upon visiting our website unless you logon to Internet Banking. In the event you send us an email or feedback form, we will retain the information necessary to respond to you.

We may collect information about the number of visitors to the different pages and sections of our website to help us evaluate the site and make it more useable and effective. This information does not identify individuals, but is simply numerical data.

You can help us maintain the security of your banking information by not sharing your ID or password with anyone, by changing your password regularly, and by remembering to sign off after an Internet Banking session.

More Information

For additional information about confidentiality and customer privacy, please write to us at Greystone Bank, 4700 Falls of Neuse Road, Suite 190, Raleigh, NC 27609, or call us at (866) 558-GBNC (4262).