A credit union is a member-owned financial cooperative, democratically controlled by its members, and operated for the purpose of promoting thrift, providing credit at competitive rates, and providing other financial services to its members. Data collection, processing and use are conducted for the purpose of facilitating the above-mentioned objectives. This Privacy Notice is to provide you with information regarding the processing of information about you for account related purposes and other general purposes and further processing that may be necessary if you apply for a loan with us.
Our contact details are:
Main Street, Slane, Co. Meath
Phone: 041 9824812
Email: info@slanecreditunion.ie
Slane Credit Union is committed to protecting the privacy and security of your personal data. This privacy notice describes how we collect and use personal data about you during and after your relationship with us.
What personal data do we use?
We may collect, store, and use the following categories of personal data about you:
The purposes for which we use your personal data:
The credit union will use your personal data to assist it in carrying out the following:
We may also collect, store and use the following “special categories” of more sensitive personal data:
[Information about your health, including any medical condition, health and sickness (See Insurance for further details)
We need all the categories of information in the list above to allow us to; identify you and contact you and in order that we perform our contract with you.
We also need your personal identification data to enable us to comply with legal obligations. Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal data.
How we use particularly sensitive personal data
” Special categories” of particularly sensitive personal data require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal data. We may process special categories of personal data in the following circumstances:
Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.
How secure is my information with third-party service providers?
All our third-party service providers are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes unless they are deemed to be controllers in their own right. We only permit them to process your personal data for specified purposes and in accordance with our instructions. Usually, information will be anonymised, but this may not always be possible. The recipient of the information will also be bound by confidentiality obligations.
If you fail to provide personal data
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you or we may be prevented from complying with our legal obligations.
Change of purpose
You can be assured that we will only use your data for the purpose it was provided and in ways compatible with that stated purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Profiling
We sometimes use systems to make decisions based on personal data we have (or are allowed to collect from others) about you such as credit score. This information is used for loans assessment and anti-money laundering purposes and compliance with our legal duties in that regard. We aim to process the minimum of personal data possible in accordance with Data protection principles.
Data Retention Periods
We will only retain your personal data for as long as necessary to fulfil the purpose(s) for which it was obtained, taking into account any legal/contractual obligation to keep it. Where possible we record how long we will keep your data, where that is not possible, we will explain the criteria for the retention period. This information is documented in our Retention Policy.
Once the retention period has expired, the respective data will be permanently deleted. Please see our retention periods below.
Planned data transmission to third countries
We do not process any of your personal data outside the EEA.
Explaining our use of your information
We will collect and use relevant information about you, your transactions, your use of our products and services, and your relationships with us. We will typically collect and use this information for the following purposes:
Fulfilling Contracts: This basis is appropriate where the processing is necessary for us to manage your accounts and credit union services to you
Administrative Purposes: We will use the information provided by you, either contained in this form or any other form of application, for the purpose of assessing this application, processing applications you make and to maintain and administer any accounts you have with the credit union.
Security: In order to secure repayment of the loan, it may be necessary to obtain security such as a charge on your property or other personal assets.
Third Parties: We may appoint external third parties to undertake operational functions on our behalf. We will ensure that any information passed to third parties conducting operational functions on our behalf will be done with respect for the security of your data and will be protected in line with data protection law.
Guarantors: As part of your loan conditions, we may make the requirement for the appointment of a guarantor a condition of your loan agreement in order that the credit union ensures the payment of your loan. Should your account go into arrears, we may need to call upon the guarantor to repay the debt in which case we will give them details of the outstanding indebtedness. If your circumstances change it may be necessary to contact the guarantor.
Irish League of Credit Unions (ILCU) Affiliation: The ILCU (a trade and representative body for credit unions in Ireland and Northern Ireland) provides professional and business support services such as marketing and public affairs representation, monitoring, financial, compliance, risk, learning and development and insurance services to credit unions. As this credit union is affiliated to the ILCU, the credit union must also operate in line with ILCU Standard Rules (which members of the credit unions are bound to the credit union by) and the League Rules (which the credit union is bound to the ILCU by).We may disclose information in your application or respect of any account or transaction of yours from the date of the original membership to authorise employees or officers of the ILCU for the purpose of the ILCU providing these services to us.
The ILCU Savings Protection Scheme (SPS): We may disclose information in any application from you in respect of any account or transaction of yours from the date of the original membership to authorised officers or employees of the ILCU for the purpose of the ILCU providing these services and fulfilling requirements under the affiliation of the ILCU, and the SPS.
CUSOP: For the processing of electronic services on your account (such as credit transfers, standing orders and direct debits), the credit union is a participant of CUSOP (Payments) DAC (“CUSOP”). CUSOP is a credit union owned, independent, not-for-profit company that provides an electronic payments service platform for the credit union movement in Ireland. CUSOP is an outsourced model engaging third party companies, such as a Partner Bank, to assist with the processing of payment data.
Insurance: As part of our affiliation with the ILCU, we purchase insurance from ECCU Assurance DAC (ECCU), a life insurance company, wholly owned by the ILCU. This includes Life Savings (LS), Loan Protection (LP), and optional related riders (when applicable). If you choose to take out a loan with us, it is a term of your membership, by virtue of our affiliation with the ILCU that the credit union will apply to ECCU for Loan Protection (LP). In order that we apply for LP it may be necessary to process ‘special category’ data which includes information about your health. This information will be shared with ECCU to allow it to deal with insurance underwriting administration and claims on your behalf.
Credit Assessment: When assessing your application for a loan, the credit union will take several factors into account and will utilise data provided from:
The credit union then utilises this information to assess your loan application in line with the applicable legislation and the credit unions lending policy.
Legal Basis: This basis is appropriate when we are processing personal data to comply with Irish or EU law.
Tax Liability: We must share information and documentation with domestic and foreign tax authorities to establish your liability to tax in any jurisdiction. Where a member is tax resident in another jurisdiction the credit union has certain reporting obligations to Revenue under the Common Reporting Standard. Revenue will then exchange this information with the jurisdiction of tax residency of the member. We shall not be responsible to you or any third party for any loss incurred as a result of us taking such actions. Under the “Returns of Payments, (Banks, Building Societies, Credit Unions and Savings Banks) regulations 2008” credit unions are obliged to report details to the Revenue in respect of dividend or interest payments to members, which include PPSN where held.
Regulatory and statutory requirements: To meet our duties to the Regulator, the Central Bank of Ireland, we may allow authorised people to see our records (which may include information about you) for reporting, compliance and auditing purposes. For the same reason, we will also hold the information about you when you are no longer a member. We may also share personal data with certain statutory bodies such as the Department of Finance, the Department of Social Protection, the Financial Services and Pension Ombudsman Bureau of Ireland, the appropriate Supervisory Authority if required by law.
Purpose of the Loan: We are obliged to ensure that the purpose of the loan falls into one of our categories of lending.
Compliance with our anti-money laundering and combatting terrorist financing obligations: The information provided by you to be used for compliance with our customer due diligence and screening obligations under The Money Laundering provisions of the Criminal Justice (Money Laundering and Terrorist Financing)Act 2010, as amended by Part2 of the Criminal Justice Act 2013 (“the Act”) (and any subsequent legislation).
Audit: To meet our legislative and regulatory duties to maintain audited financial accounts, we appoint an external and internal auditor. We will allow the internal and external auditor to see our records (which may include information about you) for these purposes.
Nominations: The Credit Union Act 1997 (as amended) allows members to nominate a person(s) to receive a certain amount from their account on their death, subject to a statutory maximum. Where a member wishes to make a nomination, the credit union must record personal data of nominees in this event.
Incapacity to act on your account: The Credit Union Act 1997 (as amended) provides, in the circumstances where you become unable to transact on your account, due to a mental incapability and no person has been legally appointed to administer your account, that the Board may allow payment to another who it deems proper to receive it, where it is just and expedient to do so, in order that the money be applied in your best interests. In order to facilitate this, medical evidence of your incapacity will be required which will include data about your mental health. This information will be treated in the strictest confidentiality.
Credit Reporting: Where a loan is applied for in the sum of €2,000 or more, the credit union is obliged to make an enquiry of the Central Credit Register (CCR) in respect of the borrower. Where a loan is granted in the sum of €500 or more, the credit union is obliged to report both personal details and the credit details of the borrower to the CCR.
Connected/Related Party Borrowers: We are obliged further to Central Bank Regulations to identify where borrowers are connected in order to establish whether borrowers pose a single risk. We are also obliged to establish whether a borrower is a related party when lending to them, i.e. whether they are on the Board/Management Team or a member of the Board/Management teams family or a business in which is a member of the Board/Management Team has a significant shareholding.
Legitimate Interest: A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.
Credit Assessment and Credit Reference Agencies: When assessing your application for a loan, as well as the information referred to in the above credit assessment, the credit union also utilises credit data from credit reporting agencies such as the Irish Credit Bureau and the Central Credit Register. Our legitimate interest : The credit union, for its own benefit and therefore the benefit of its members, must lend responsibly and will use your credit scoring information in order to determine your suitability for the loan applied for. When using the service of a credit referencing agency we will then pass them your personal details and the details of your credit performance.
The ICB using Legitimate Interest (GDPR Article 6 (f)) as the legal basis for processing of your personal and credit information. These legitimate interests are promoting greater financial stability by supporting a full and accurate assessment of your loan applications, aiding in the avoidance of over-indebtedness, assisting in lowering the cost of credit, complying with and supporting compliance with legal and regulatory requirements, enabling more consistent , faster decision-making in the provision of credit and assisting in fraud prevention.
Please see ICB’s Fair Processing Notice which is available at http://www.icb.ie/pdf/Fair Processing Notice.pdf. It documents who they are, what they do, details of their Data Protection Officer, how they get their data, why they take it, what personal data they hold, what they do with it, how long they can retain it, who they share it with, what entitles them to process the data, (legitimate interests), what happens if your data is inaccurate and your rights i.e. right to information, right of access, right to complain, right to object, right to request erasure and right to correction of your personal data.
Debt Collection: When you breach the loan agreement, we may use the service of a debt collection agency, solicitors or third parties to recover the debt. We will pass them details of the loan application in order that they make contact with you and details of the indebtedness in order that they recover the outstanding sums.
CCTV:We have CCTV footage installed on the premises with clearly marked signage. The purpose of this for security, public safety and the prevention of and detection of fraud. The footage is held for 28 days unless the need to deal or investigate with incidents that have been brought to the attention of management. Access to CCTV images are carefully restricted with the Credit Union and only used for the stated purposes.
Voice Recording: We record phone conversations both incoming and outgoing for the purpose of verifying information and quality of service.
Your Consent: We will carry out the below processing when we have obtained your consent and will cease processing once you withdraw such consent.
Market Research: To help us improve and measure the quality of our products and services we undertake research from time to time. This may include using the Irish league of Credit Unions and/specialist market research companies.
Art Competition: This credit union is involved with the Art competition in liaison with ILCU. Upon entry you will be given further information and asked for your consent to the processing of personal dat. Your information is processed only where you have given consent. Where the person providing consent is below 16* then we ask that the parent/legal guardian provide the appropriate consent. A separate privacy notice in included in all Art Competition Forms.
Schools Quiz: The Credit Union is involved in the Schools Quiz in liaison with the ILCU. The Schools Quiz is open to entrants aged 4 to 13 years. Upon entry parent/legal guardians will be given further information and asked for their consent to the processing of their child’s personal data. This information is processed only where consent has been given. Where the person providing consent is below 16* then we ask the parent/legal guardian provide the appropriate consent. A separate privacy notice is included in all School Quiz entry forms.
Cookies
Cookie policies are changing over time and this policy will be updated as required, meaning that notices and consent requirements may change and your experience using the website will change.
Cookies are used on our website to enhance the experience of visitors, to provide marketing and statistical information on users and site traffic, while some are necessary for the basic functioning of the site and some are discretionary.
Cookies are categorised in the following way:
Necessary:
These cookies are essential to enable you to browse around our website and use the features. Without these cookies we cannot offer you some of our services.
Statistics:
These cookies collect information on how you use our website, for example, what pages you open. The data from the cookies may be used to help optimize the website and make it easier for you to use.
We do not have affiliates and you cannot buy any services or products though the site.
These cookies do not identify you, all they do is collect aggregated information where individuals are anonymous.
Marketing:
These cookies allow our website to remember the choices you make while browsing. They may store information on geographic area and preferences. The information collected is not used identify you and cannot track your browsing history or activity online.
We do not allow third parties to use information from our website.
We use the following cookies:
| Cookie | Purpose | Category |
| CookieConsent | Stores the user’s cookie consent state for the current domain | Necessary |
You can accept or reject our cookies by clicking “Change your consent” in the website footer.
The GDPR requires a website to only collect personal data from users after they have provided their explicit consent to the specific purposes of its use with a user action (ticking a box, adjusting a slider etc).
This is why you have to make a selection on cookies when you first use the site.
Websites must comply with the following GDPR cookie consent requirements:
It is at the data controller’s discretion to identify what cookies may be deemed to be within the above categories.
Our cookie policy included the following that are excluded from consent requirements due to communication exemption:
The following are strictly necessary:
| CookieConsent | Stores the user’s cookie consent state for the current domain | Necessary |
Your Rights in connection with your personal data are to:
You have a right to complain to the Data protection Commissioner (DPC) in respect of any processing of your data by:
Telephone +353 57 8684800 +353(0)761 104 800 Postal Address:
Lo Call Number 1890 252 231 Data Protection Commissioner
E-Mail info@dataprotection.ie Canal House Station Road
Portarlington R32 AP23 Co. Laois
**Please note that the above rights are not always absolute and there may be some limitations.
You are free to submit a Subject Access Request to the Credit Union free of charge and within 30 days you will receive the copies of your personal data which the Credit Union process and information such as the source of your data, retention periods and who your data has been shared with; there is no charge for such a request.