Securities and Insurance Products not Insured by FDIC or any Federal Government Agency — May lose value — Not a Deposit of or Guaranteed by a Bank or any Bank Affiliate High Point Bank is the trade name under which High Point Bank provides brokerage services through two registered broker/dealers: Insurance products are offered through non-bank affiliates of High Point Bank and are underwritten by unaffiliated insurance companies. Products and services are offered by High Point Bank and its affiliates.

This policy establishes guidelines regarding the sharing of customer information and strives to balance the bank's responsibility for maintaining confidentiality and its responsibility to provide accurate and reliable information about customer activities when required to do so.

The Board of Directors appoints the Compliance Officer as the Financial Privacy Coordinator. As such, the Compliance Officer is responsible for notifying management and the Board of Directors, maintaining and updating this policy, informing management and staff of regulatory changes that affect the bank's privacy policies and procedures, and coordinating all requests for financial information from government agencies.

II. Specific Goals
The goals of this policy are to identify:

The types of information the bank may gather, store and disclose to affiliated and nonaffiliated parties;
To whom such information may be disclosed;
Under what circumstances customer information may be disclosed;
Methods of initial and annual disclosure as required by law

III. Compliance with Privacy Laws and Regulations
In addition to our bank's internal customer privacy policy, we are also bound by state and federal laws to protect the information entrusted to us. It is the intent of High Point Bank and Trust Company to comply with the requirements of The Right to Financial Privacy Acts (RFPA), the N.C. Financial Privacy Act, the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) and other laws and regulations that provide the basis for the regulatory framework upon which we build our policies and procedures.

The Gramm-Leach-Bliley Act was signed into law in November, 1999 and governs information about individuals who obtain a financial product or service from us to be used for personal, family, or household purposes. Among other things, the law requires us to establish guidelines about the information we gather about our customers and our practices relating to information sharing with third parties. Additionally, the Act requires that we provide certain disclosures about our privacy practices 1) in a one-time initial disclosure; 2) prior to establishing an account relationship and 3) annually thereafter. The basic principles comprising our privacy program are summarized below.

IV. Collection, Use and Retention of Customer Information
The bank will collect, retain, and use information from our customers from a variety of sources for the purpose of administering our business or to provide products, services, or other opportunities for our customers. Customer information is obtained from the customer directly, is collected when recording customer activity and related transactions, or is requested with the customer's permission from outside sources (such as employment verifications, credit reports, etc.). This information is used to evaluate and manage our risks; to protect and administer customer accounts, records and funds; to comply with applicable laws and regulations; to develop and enhance our portfolio of products and services and other valid business purposes.

V. Information Accuracy
High Point Bank and Trust Company has implemented procedures to help assure that our customers' financial information is accurate, current and complete in accordance with commercial standards. In addition to the processes required by laws and regulations, we have implemented additional procedures to promptly respond to customer communication requesting edits, deletions or additions regarding the customer's relationship with our bank.

VI. Employee Access to Customer Information
High Point Bank and Trust Company maintains security levels and related procedures to assist in the prevention of unauthorized access to confidential information within our organization. Secured access is delegated upon a "need to know" basis commensurate with each employee's responsibilities. Our employees are instructed in the importance of confidentiality and are provided with written code of conduct guidelines.

VII. Maintaining Customer Privacy with Third Party Business Partners
It is necessary upon occasion to provide personally identifiable information about our customers to a party outside of our organization. High Point Bank and Trust Company is very selective in choosing vendors and service companies that assist us in servicing our customers. These relationships are maintained to perform services on our behalf including, but not limited to; the imprinting of checks, electronic data processing services, the generation of account statements, execution of securities transactions, the maintenance and servicing of transactional account information and to market our products and services. These business partners agree to safeguard our confidential customer information and may not use our customer information for a purpose other than the intended service.

VIII. Internet and Electronic Privacy
With the rapid expansion of technological capability in our industry and in our institution, High Point Bank and Trust Company is committed to maintaining and expanding effective systems to facilitate the convenient delivery of services, regardless of the method of delivery. Information gathered via the Internet or other electronic means will be used only for appropriate purposes such as the evaluation of our web pages' effectiveness and to allow us to respond more quickly to our customers' needs. To protect this information, we maintain physical, electronic and procedural safeguards that comply with federal regulations.

IX. Disclosure of Information
Responsible use of information benefits our customers by protecting privacy and by enabling us to offer improved products and services. It is our policy to prohibit the sale of customer information to outside third parties. High Point Bank and Trust Company does not reveal specific information about customer accounts or other personally identifiable data to external parties unless:

The customer request disclosure of the information;
The information is necessary to complete a transaction or perform a service at the request of the customer;
The information is provided to a credit bureau or similar information reporting agency;
The disclosure is otherwise lawfully permitted or required.

X. Providing Information to Government Authorities
The Federal Right to Financial Privacy Act, the North Carolina Financial Privacy Act and the Tax Privacy Acts govern how governmental agencies may obtain customer information from financial institutions. It is the intent of High Point Bank and Trust Company to comply with the provisions of these laws when providing customer information to government authorities. Management shall establish and follow procedures to ensure our compliance.

XI. Record Retention
High Point Bank and Trust Company will maintain records to document compliance with those laws and regulations relating to privacy. These records will be retained in accordance with the bank's retention schedule.

XII. Audit
The Internal Audit Department will periodically audit the bank's compliance with this policy and with the laws and regulations noted herein.

As adopted by the Board of Directors on Tuesday, March 13, 2001.