Ballybay Credit Union Limited Privacy Statement
1. About Us
Ballybay Credit Union is committed to protecting the privacy and security of your personal information. This statement (together with our Website Terms and Cookies Policy) sets out the basis on which any of your personal data is processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we treat it.
By ‘personal data’ or ‘personal information’ we mean personal and financial information about you which we obtain from you or from third parties. We reserve the right to modify this Privacy Statement at any time. You should read this Privacy Statement carefully and revisit this page from time to time to review any changes that we may make.
The following discloses our information gathering and dissemination practices relating to this website. In order to fully understand your rights, we encourage you to read this Privacy Statement and to consult our Terms. Each time you use this website you will be bound by the then current Privacy Statement and you should review this each time you use the website to satisfy yourself that you are happy with it.
This website may, from time to time, contain links to and from the websites of third parties. Any external links to other websites are clearly identifiable as such and we are not responsible for the content or the privacy statements of these other websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
2. Purpose of Data Collection, Processing or Use
A credit union is a member-owned financial cooperative, democratically controlled by its members, and operated for the purpose of promoting thrift, providing credit at competitive rates, and providing other financial services to its members. Data collection, processing and use are conducted solely for the purpose of carrying out the abovementioned objectives.
3. What personal data do we use?
We may collect, store, and use the following categories of personal information about you, depending on the services that you require, including:
- Your name, address, date of birth, email, telephone number, account number, financial data, status and history, contract data, details of the credit union products you hold with us.
Depending on the services that you require, we need different categories of information in the list above to allow us to identify you, contact you, comply with our legal obligations, meet legal and compliance obligations, for our legitimate interests or requirements under the Rules of the Credit Union and in order that we perform our contract with you. We also need your personal identification data to enable us to comply with legal obligations. Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal data.
We may obtain information about your general Internet usage by using a cookie file which is stored on your browser or the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our website and to deliver a better and more personalised service. Some of the cookies we use are essential for the Website to operate. For more information please see our Cookies Policy.
5. What we do with your information
We use information held about you in the following ways:
- to provide credit union and other related services, products and facilities to you;
- to assess eligibility and credibility for the services, products and facilities we offer;
- to implement any contracts we have entered into with you; and
- to conduct credit searches with credit reference agencies in order to provide credit facilities and, where necessary, for fraud prevention and debt recovery.
When you consent we may also use information about you to notify you about changes to our services to which you have subscribed or to provide you with information about products or services that you request from us or, where you have agreed to us doing so, which we feel may interest you.
When you consent we may use anonymised or statistical information to analyse our website and services and to make improvements or other adjustments to them. We do not, without your consent, disclose information about identifiable individuals to third parties, but we may provide anonymised statistical data to them for research and survey purposes.
When you consent the non-personal information collected about your computer may be used for system administration purposes. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual. Data may be gathered by us for analytical reasons, and is used to help us to better understand the requirements of our users. We may share non-personal information and aggregated information with our partners so that they too may create a better overall experience for our users.
6. Disclosure of your information
We may disclose your personal information to approved contractors or sub-contractors working our behalf. We may also disclose your personal information to third parties:
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and other agreements; or to protect your rights, property, or safety and that of our users, or others; or
- As part of a due diligence exercise or sales process or other corporate transaction connected with us.
7. Security for CU Online
We understand how important the security and confidentiality of your personal information is to you. Keeping any personal information provided to us secure is a top priority for us. We take all reasonable steps (including appropriate technical and organisational measures) to protect your personal information.
All our third-party service providers are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes unless they are deemed to be controllers in their own right. We only permit them to process your personal data for specified purposes and in accordance with our instructions. Usually, information will be anonymised but this may not always be possible. The recipient of the information will also be bound by confidentiality obligations.
All information you provide to us through CU Online is stored on secure servers. Any payment transactions undertaken through CU Online are encrypted using SSL technology.
You must keep your PIN, Password and Username for CU Online, and any other security device we give you, safe and secure. You should log off CU Online and your Online Account when finished using CU Online.
The use of the Internet, by its nature, is not always secure. As a result, while we have reasonable IT security measures in place, we cannot guarantee the security or privacy of communications made over the Internet including any related to CU Online, the Online Services or your Online Account. For this reason, we cannot ensure or warrant the security of any information you transmit to us and you transfer the data at your own risk.
In accessing this website and in availing of any of the services/information available on or via this website, you accept and are deemed to accept that email messaging and internal communication may not be free from interference by third parties and may not remain confidential. The use by you of this website is at your sole risk.
You are responsible for providing all you require to safely and properly access and use CU Online and the Online Services including a computer, an Internet connection and security software.
8. Transfers of Data outside EEA
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us, for our data processors or for service providers that we may use to provide services to you. Transfers will only happen when appropriate legal instruments are in place. We will take all steps reasonably necessary, including putting in place an appropriate contract with any third party service provider, to ensure that your data is treated securely and in accordance with this Privacy Statement and the requirements of EU law.
9. Your Rights
- The following are your rights in connection with your personal data.
- To find out whether we hold any of your personal data and if we do to request access to that data that to be furnished a copy of that data. You are also entitled to request further information about the processing.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you rectified.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Request the restriction of processing of your personal information. You can ask us to suspend processing personal data about you, in certain circumstances.
- Where we are processing your data based solely on your consent you have a right to withdraw that consent at any time and free of charge.
- Request that we: a) provide you with a copy of any relevant personal data in a reusable format; or b) request that we transfer your relevant personal data to another controller where it’s technically feasible to do so.
- Relevant personal data is personal data that: You have provided to us or which is generated by your use of our service, which is processed by automated means and where the basis that we process it is on your consent or on a contract that you have entered into with us.
You have a right to complain to the Data Protection Commissioner in respect of any processing of your data at:
Data Protection Commissioner
Canal House Station Road
Portarlington R32 AP23 Co. Laois
+353 (0)57 868 4800
+353 (0)761 104 800
1890 252 231
Please note that the above rights are not always absolute and there may be some limitations. If you want access and/ or copies of any of your personal data or if you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we send you or a third party a copy your relevant personal data in a reusable format please contact our Data Protection Officer in writing using their contact details above.
There is no fee in using any of your above rights, unless your request for access is clearly unfounded or excessive. We also reserve the right to refuse to comply with the request in such circumstances.
We may need to verify your identity if we have reasonable doubts as to who you are. This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
10. Ensuring our information is up to date and accurate
We want the service provided by us to meet your expectations at all times. Please help us by telling us straight away if there are any changes to your personal information. If you wish to avail of either of these rights, please contact us using our contact details at the top of this document.
11. Changes to our Privacy Statement
We will make changes to this statement from time to time, particularly when we change how we use your information and change our technology and products. Any changes we may make will be posted on this page.
12. Contact Us
If you wish to discuss any of your personal data or want a specific piece of Data please contact us in the first instance and we will be more than happy to assist you.
Ballybay Credit Union
4 Main Street
Data Protection Officer Contact Details
Name/Title John Nealon
Qualification Details www.dataprotectionservice.ie