Privacy notice summary
This Privacy Notice provides information about the ways in which New Ross Credit Union collect, use, secure, retain, share and update the personal data provided by our members.
At New Ross Credit Union, we are a data controller. As a data controller, we respect and protect the privacy of our members, the data subjects, when processing your personal data.
At New Ross Credit Union, we collect personal data from you including your name, address, phone number, email address, date of birth, PPSN, proof of ID, proof of address, account number, and any other information provided by you when availing of additional services offered by our Credit Union. The information we collect is collected at the following stages:
- Creating a membership account;
- Registration to use our online Credit Union services;
- Interacting with us for account administration, financial services or products related to your account at the teller counter or through other communications channels such as online, mail or over the phone;
- Application for additional services or products such as loan applications or insurance;
- Information about your computer when using our website, including where available, IP addresses and other related electronic information; and
- Recording through CCTV footage and telephone conversations.
The personal data we collect is used to assist in carrying out the following functions:
- Administering your account and the services we provide to you;
- Verifying your identity and the information you provide to us;
- Facilitating the provision of additional products and services such as loans and insurance;
- Assessing eligibility for loan applications and determining creditworthiness;
- Assessing how we can improve the products and services we provide to you with and future services which may be of interest;
- Developing strategy, undertaking statistical analysis, and assessing current and future Credit Union financial performance;
- Meeting legal and regulatory compliance obligations and requirements under the Rules of the Credit Union;
- For providing updates about our services by way of direct marketing to you unless you have opted out of receiving such updates;
- Undertaking due diligence exercises including credit searches with credit search agencies, and where necessary making submissions to the Central Credit Register, or for fraud and debt recovery purposes;
- For sending you marketing information that we feel may be of interest to you, unless you have opted not to receive this; and
- Obtaining information about your general Internet usage when accessing our online website by using a cookie file which is stored on your browser or the hard drive of your computer.
We only use your personal data for the purpose it was collected. We rely on performing our duties under contract in administering your account and other associated services listed above. We rely on legal and compliance obligations to process the personal data you provide us with for other specific purposes. We rely on our legitimate interests when processing your personal data for such purposes as assessing loans, determining credit worthiness, marketing to you, CCTV recording and voice recordings. We do not use your personal data for any other purpose without notifying you and seeking your consent first.
New Ross Credit Union has security measures in place including physical, technical and administrative safeguards to protect the integrity, confidentiality and security of your personal data.
Appropriate technical and organisational policies, procedures and practices are used to protect your personal data from loss, misuse and unauthorised access.
New Ross Credit Union is required to retain your personal data in certain instances for legal and compliance purposes and where a statutory retention period applies. Where your personal data is retained, it is kept in accordance with the Credit Union’s Records Retention Policy.
New Ross Credit Union will share your personal data from time to time with third parties for specific purposes such as for the administration of services we are offering you, legal, compliance and regulatory purposes.
We may share your personal data as required with regulatory authorities or with law enforcement agencies.
We may share your information with third party agents or subcontractors who work on our behalf and provide us with expertise or assistance in such areas as legal, compliance, auditors, credit agencies, IT or insurance. We have contracts in place with these agents or subcontracts to ensure the protection and security of your personal data. Where we outsource the processing of personal data, we do so under a Data Processing Agreement.
There may be circumstances where we transfer your personal data outside the EEA, such as when we use the services of online platforms or where we use a cloud-based IT system to hold your data. We safeguard your data by ensuring a minimum of one of the following safeguards is in place:
- a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your personal data; or
- with companies located in a third country approved by the European Commission under an adequacy decision; or
- with companies whose Binding Corporate Rules have been approved by relevant Supervisory Authorities in the EU.
Our members have a number of rights around the personal data we collect, process and store, including the right to:
- provide transparent information and communication to individuals;
- be kept informed. This includes details on how your data is collected, used and stored;
- request a copy of your personal data by way of subject access request;
- not be subjected to automated decision making without human intervention being available;
- rectify and update your personal data;
- request erasure of your personal data;
- withdraw consent provided to us for processing your personal data;
- object to the processing of your personal data;
- restrict the processing of your personal data; and
- portability of your personal data.
Please note that the above rights are not absolute and some restrictions and limitations may apply.
Please see below details on how to contact us in order to exercise any of your rights. You also have the right to lodge a complaint with the relevant supervisory authority, which in Ireland is, the Data Protection Commission, firstname.lastname@example.org.
There are certain notices that Credit Unions are required to provide to our members from time to time. We will contact you by mail if no other preferred communication method has been provided. Please provide your email address if you would like to receive these obligatory, non-marketing communications by email (for example the AGM notice).
Online Privacy Notice: www.nrcu.ie
Data Protection Officer: email@example.com
Address: 26 South Street, New Ross, Co. Wexford
Phone Number: 051 421143