Privacy

PRIVACY POLICY

Dumbarton Credit Union Privacy Notice

We are committted to protecting the privacy and security of our members' personal information.

Any information marked as mandatory for membership is required to either meet legal obligations or to enable us to perform our contract with you.  Where you are unable to provide us with this information, we may not be able to open an account for you.  Where we request further information about you not required for these reasons, we will ask you for your consent.

How we use your personal information

Dumbarton Credit Union may process, transfer and/or share personal information in the following ways:

For legal reasons, to:

• confirm your identity;
• perform activity for the prevention of financial crime;
• carry out internal and external auditing;
• record basic information about you on a register of members.

For performance of our contract with you, to:

• deal with your account(s) or run any other services we provide to you;
• consider any application made by you;
• carry out credit checks and obtain and provide credit references;
• undertake statistical analysis, to help evaluate our members' needs and manage our business;
• send statements, new terms and conditions (including changes to this privacy notice) and information about changes to the way your account(s) operate; and
• notify you of our general meetings of members.

For our legitimate interests, to:

• recover any detbs owed to us.

With your consent, to:

• maintain our relationship with you including marketing and market research (if you agree to them).

Sharing your personal information

We will disclose information outside the credit union to:

• third parties to help us confirm your identity to comply with money laundering legislation;
• credit reference agencies and debt recovery agents who may check the information against other databases - private and public - to which they have access;
• any authorities if compelled to do so by law (e.g. HM Revenue & Customs to fulfil tax compliance obligations);
• fraud prevention agencies to help prevent crime or where we suspect fraud;
• any persons, including, but not limited to, insurers, who provide a service or benefits to you or for us in connection with your account(s);
• our suppliers for them to provide services to us and/or to you on our behalf.

Where we send your information 

Dumbarton Credit Union does not directly send information to any country outside the European Economic Area, however, any party receiving personal data may also process, transfer and share it for the purposes set out above and in limited circumstances this may involve sending your information to coutries where data protection laws do not provide the same level of data protection as the UK.  For example, when complying with international tax regulations we may be required to report personal information to the HM Revenue and Customs which may transfer that information to tax authorities in coutries where you are a connected person may be tax resident.

Retaining your information

Dumbarton Credit Union will need to hold your information for various lengths of time depending on what we use your data for. In many cases we will hold this information for a perid of time after you have left the credit union.

Credit Reference Agencies

To process credit applications that you make we will supply your personal information to credit reference agencies (CRAs) and they will give us information about you, such as about your financial history.  We do this to assess credit worthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity.

We will continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time.  CRAs will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates.  This may affect your ability to get credit.

The identities of the CRAs, and ways in which they use and share personal information, are expalined in more details on:

• Callcredit at www.callcredit.co.uk/crain
• Equifax at www.equifax.co.uk/crain
• Experian at www.experian.co.uk/crain

YOUR RIGHTS 

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current.  Please keep us informed if your personal information changes.

Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

• Request access to your personal information (commonly known as a 'data subect access request'). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
• Request correction of the personal information that we hold about you.  This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Request erasure of your personal information.  This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it.  You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
• Request the restriction of processing of your personal information.  This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
• Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.  You also have the right to object where we are processing your personal information for direct marketing purposes.
• Request the transfer of your personal information to another party.

If your want to review, verify, correct or request erasure of your personal information, object to the processing or your personal data or request that we transfer a copy of your personal information to another party, please contact us as follows:

• In person - 147 High Street, Dumbaton, G82 1NZ
• By email to - enquiries@dumbartoncreditunion.org
• By telephone - 01389 768585
• In writing - Dumbarton credit Union, 147 High Street, Dumbarton, G82 1NZ

What we may need from you 

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights).  This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Time limit to respond

We will aim to respond to all legitimate requests within one month of receivng them and verifying your identity.  Occasionally it may take us longer than this if your request is particularly complex and you have made a number of requests.  In this case, we will notify you and keep you updated.

Complaints to the regulator

If you do not think that we have processed your data in accordance with this notice you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.  You can contact them by going to their website at ico.org.uk, phoning them on 0303 123 1113 or by post to: Information Commissioner's Office, Wycliffe House, Water Lane, Wilsmlow, SK9 5AF.