At Portarlington Credit Union, we are fully committed to protecting and respecting our members’ privacy. This statement sets out the basis on which any of your personal data is processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we treat it.
We are a Data Controller for the purposes of the Data Protection Acts 1988 and 2003 (“the Acts”) and the General Data Protection Regulation (“the GDPR”) which takes effect from 25th May 2018.
If you are concerned about how your personal data may be processed in this context, please contact us by phone on 057 8623336, by fax on 057 86 23216, by email at firstname.lastname@example.org or by post to Portarlington Credit Union, Upper Main Street, Portarlington, Co Laois. Also, if you have any questions or comments regarding this privacy statement, please contact us in any of the aforementioned ways.
In using this web-site, we will only ever ask you for personal information in response to a request from you for one of our products and services and we undertake to retain this information for no longer than is necessary for the purpose for which it was obtained. The purpose of the request for information will be apparent from the type of transaction being initiated by you.
We may collect and process the following personal data relating to you:
- Information provided at the time of registering with us to use our online credit union services;
- Information that you or others provide by completing forms via our website or which you or they otherwise provide to us (including personal details such as your marital status);
- Information relating to your financial details/circumstances;
- Any instructions we accept from you or transactions we undertake to which you are a party, whether through our website, or otherwise (this information may be provided by others e.g. joint account applications);
- Information you have consented to us using;
- Other personal information such as: criminal conviction data, CCTV images at our offices and information provided when submitting a Subject Access Request (see the ‘Your Rights’ section below);
- Records of any correspondence as a result of you contacting us;
- Telephone calls may be recorded to verify your information, for purposes of staff training, to demonstrate regulatory compliance and for quality assurance purposes;
- Information about your computer, including where available, your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.
Sometimes we may use your personal information even if you are not our member. For example, you may be a nominee on an account, a guarantor, or a third party acting on behalf of one of our members. You could also be a potential member applying for membership of the credit union.
Purpose of Data Collection
We use the information we collect and hold about you as follows:
- to provide credit union and other related services, products and facilities to you;
- to assess eligibility and credibility for the services, products and facilities we offer;
- to implement any contracts we have entered into with you; and
- to conduct credit searches with credit reference agencies in order to provide credit facilities and, where necessary, for fraud prevention and debt recovery.
We may also use your information to notify you about changes to our services to which you have subscribed or to provide you with information about products or services that you request from us or, where you have agreed to us doing so, which we feel may interest you.
We may use anonymised or statistical information to analyse our website and services to make improvements or other adjustments to them.
The legal basis for retaining and/or processing your personal data
We use and share your information where:
- You have provided us with explicit consent to use that information in a specific way (you have the right to withdraw your consent at any time. See ‘Your Rights’ section below.);
- It is required for us to provide a service to you or in the completion of a contract you have entered into with us. This may also arise in the context of our responding to a request from you so that you can enter into a contract with us (e.g. a loan offer);
- We are required to do so to comply with a legal obligation (e.g. the performance of a contract, to comply with the requirements of the Criminal Justice legislation & regulation in respect of anti-money laundering/the combatting of the financing of terrorism/UN financial sanctions, reporting credit information to the Central Credit Register, reporting to the regulatory authorities and law enforcement);
- Its use is required to protect your “vital interests” in exceptional circumstances;
- Its use is required for our legitimate interests (which you may object to) in the course of managing our business including credit risk management, providing service information, conducting marketing activities, training and quality assurance, strategic planning and the purchase or sale of assets.
How we use automated processing
We may analyse your personal information using automated means to help us to :
- Understand your product and service needs from us;
- Offer you product and service information we believe may be of interest to you;
- Make assessments when you apply to us for a financial product (e.g. a loan) including credit worthiness and affordability;
- Comply with the legal and regulatory requirements to prevent money laundering, fraud and terrorist financing, for example, to screen for suspicious transactions.
Who we share your information with
In the course of providing credit union services to you, we may share your information with:
- Your authorised representative(s);
- Third parties with whom you have authorised us to share your information to facilitate transactions you have requested (e.g. budgeting and advice agencies, receivers, liquidators, examiners, Official Assignee for Bankruptcy and equivalent in other jurisdictions);
- Outsourced service providers who provide us with support services (e.g. IT support, debt collection agencies, tracing agencies);
- Statutory and regulatory bodies and law enforcement authorities;
- Credit referencing agencies;
- Pension fund administrators, trustees of collective investment undertakings and pensions trustees insurers/re-insurers, insurance bureaux;
- Healthcare professionals and medical consultants;
- Business or joint venture partners.
How long we hold your personal data for
As a general guide our data retention limits are as follows:
|Data Type||Retention Period|
|Member On-boarding / Account Due Diligence||6 years from date membership ceased or consent withdrawn (where applicable).|
|Lending||6 years from date contract ended.|
|Credit Control||6 years from date contract ended.|
|Loan Protection / Life Savings Insurance||6 years from date credit agreement ceased or date claim was processed.|
|Revenue Returns||6 years from date membership ceased or contract ended.|
|Electronic Funds Transfer||6 years from date arrangement ceased.|
|Anti-Money Laundering/Counter Terrorist Financing/Financial Sanctions||6 years from date membership ceased.|
Third Party withdrawal forms – 5 years from date arrangement ceased.
General withdrawal receipts – 14 months from date of transaction.
|Outsourced Service Provider Documentation||Permanently as data protection obligations extend beyond the contract.|
|Member Enquiries||6 years from date membership ended.|
|Account Closure Documentation||Permanently.|
|Account Transfer Documentation||6 years from date of transfer.|
|Human Resource Documentation||
General limit – 6 years from date contract ended/employment ceased.
Revenue related documentation – 6 years from date of transaction/filing.
Pension related documentation – permanently.
Disciplinary records – according to disciplinary process.
Volunteer documentation – permanently for governance purposes.
|Business Continuity documentation||6 years from relevant date.|
Statutory records – permanently.
Revenue filings – 6 years.
General documentation – 5 years.
|Complaint Handling||6 years from date of final communication regarding complaint.|
|Cash Draw Administration||Permanently – to demonstrate legal and regulatory compliance.|
Where We Store Your Personal Data
It is possible that some of the information we hold about you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us, one of our suppliers or someone else. For instance, if it is necessary to do so to complete a transaction, your personal information (e.g. name and account details) may be sent to a third party or one of our contracted suppliers outside the EEA.
By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy statement.
We at Portarlington Credit Union take our data protection responsibilities very seriously. All information you provide to us through this website is stored on secure servers. We employ appropriate physical and technical security measures including staff training and awareness, to prevent unauthorised access to, or alteration or destruction of your personal data in our possession and we will review these measures regularly.
You must keep your PIN, Password and Username, and any other security device we give you, safe and secure. We will never initiate a request for this information.
You should log off your online account when finished using it.
The use of the internet, by its nature, is not always secure. As a result, while we have reasonable IT security measures in place, we cannot guarantee the security or privacy of communications made over the internet.
You are responsible for providing all you require to safely and properly access and use our web site and the associated services including a computer, an internet connection and security software.
We will only disclose information submitted to us through this web site in the proper conduct of credit union business on your behalf. Such disclosure may include information required by our internal auditors, external auditors, credit referencing agencies, debt management service providers, IT service provider, legal advisors or regulators such as, the office of the Data Protection Commissioner, the Irish League of Credit Unions or the Central Bank of Ireland.
Right of Access
You have a right to a copy of your personal data held by this credit union. Therefore, you may at any time submit a written Subject Access Request to Portarlington Credit Union by post, fax or email. The credit union will reply to your request within 1 month of receipt of the written or emailed request.
A Data Access Request should be addressed to the Data Protection Officer and must include sufficient details to identify the person concerned and to help locate all relevant information.
Right of Rectification or Erasure
You have the right to have your personal information corrected, if inaccurate, or erased, if the credit union does not have a legitimate reason for retaining that information. We do however need you to submit a written request for such rectification or erasure by email, fax or post, providing sufficient details for us to identify the person and data concerned.
You have the right to ask us not to process your personal data for marketing purposes. We will request your consent (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking the appropriate boxes on the forms we use to collect your data. You can also exercise the right to withdraw your consent at any time where processing is based on consent by contacting us at email@example.com
With the introduction of the GDPR with effect from 25th May 2018, you also have the following rights:
- To object to the particular use of your personal information for our legitimate business interests;
- In certain circumstances, to have your personal information deleted or our use of your information restricted;
- In certain circumstances, to not be subject solely to automated decision making and where we make such automated decisions, you have the right to have a person review the decision;
- To data portability (i.e. to have access to a transferable copy of the personal information we hold to transfer it to another service provider).
Cookies do not in any way compromise the security of your computer. You can continue to use this website with no loss of functionality if you choose to disable cookies on your computer.
To ensure your cookie settings are to your preference you should modify your personal browser preferences. More general information on cookies can be found on aboutcookies.org. This includes information on how to disable cookies.
Technical details relating to visits to this website are logged by our internet service provider for our statistical purposes.
The main purposes for which the cookies are used are:-
- Necessary Cookies: For purposes essential to effective operation of our websites.
- Functional Cookies: To allow Portarlington Credit Union’s website to remember choices you make and provide enhanced more personal features (examples would include preferred language, keeping track of progress when filling in online application forms).
- Performance Cookies: To enable us to collect information about the browsing habits and activities of website visitors, including to monitor the success of campaigns, etc.
- Targeting Cookies: These remember individual websites you have visited and help us to present relevant and targeted online advertising to you. When targeting cookies have been placed on your device, they can be recognised by subsequent websites you visit, and this allows those sites to present targeted credit union advertising to you. While targeting cookies can track your visits around different websites, the information collected is anonymous. Life cycle 30 days.
How to manage and disable cookies?
For more information about how to manage cookies, including opting-out of different types of cookies please visit: http://www.aboutcookies.org
You can also find more information about how to opt-out of targeting cookies by visiting: http://www.youronlinechoices.com
Changes to our Privacy Statement
Any changes we may make to our privacy statement in the future at our sole discretion, will be posted on this page from time to time.
We shall not be liable in respect of any claims, emergencies, demands, causes of action, damages, losses, expenses including without limitation, reasonable legal fees and costs of proceedings arising out of or in connection with the use and/or dissemination of personal information relating to you in accordance with this privacy statement and your consents.
You should be aware that where you link to another website from ours, that we have no control over that other website. We have no responsibility for the privacy practices of other websites and Portarlington Credit Union recommends you consult the privacy information on those sites.
We use Google Analytics to collect anonymised tracking data including the pages you have visited, the amount of time spent on each page, the website you have come from before visiting this website, your location (country and/or region) and other non-personal information. We do not collect any Personally Identifiable Information.
Questions, comments and requests regarding this privacy statement are welcomed and should be addressed to firstname.lastname@example.org
If you wish to exercise any of your data protection rights, you can contact us via any of the mechanisms outlined in the ‘Identity’ section of this statement.
If you are unhappy with how the credit union has handled your personal data, you may address your complaint in writing to the Complaints Officer, Portarlington Credit Union, Upper Main Street, Portarlington, Co Laois. Your complaint will be handled through our Complaints Handling Procedure and if you remain unhappy with the outcome of this process you have the right to complain to the Data Protection Commission or another supervisory authority. The Office of the Data Protection Commissioner may be contacted at:
Telephone: +353 (0)761 104800 or Lo Call Number 1890 252 231
Fax: +353 57 8684757
Postal Address: Data Protection Commission, Canal House, Station Road, Portarlington, R32 AP23, Co Laois.
Portarlington Credit Union is regulated by the Central Bank of Ireland.
Date: April 2018