Our Privacy Notice |
Norwich Credit Union takes data protection and data security extremely seriously.
This Privacy Notice explains the types of personal data we may collect
about you. It also explains how we’ll store and handle that data and
keep it safe. We know that there’s a lot of information here, but we want you to be fully informed about your rights, and how Norwich Credit Union uses your data. We hope the following sections will answer any questions you have but if not, please do get in touch with us. |
Conditions for Processing Data |
We are only
entitled to hold and process your data where the law allows us to. The
current law on data protection sets out a number of different reasons
for which an Advice Centre may collect and process your personal data.
These include: |
Contractual obligations |
The main purpose
for our holding your data is to provide you with finacial and
information services under the agreement we have with you. This
agreement is a contract between us and the law allows us to process
your data for the purposes of performing a loan contract (or for the steps
necessary to enter in to a loan contract). |
Legitimate Interests |
In specific
situations, we require your data to pursue our legitimate interests in
a way which might reasonably be expected as part of running the Credit Union and which does not materially impact your rights, freedom or
interests. This may include to satisfy our external quality auditors or
Regulators. |
Legal compliance |
If the law
requires us to, we may need to collect and process your data. For
example, in certain circumstances we may be required to pass on details
of people involved in fraud or other criminal activity. |
Consent |
In some situations, we can collect and process your data with your consent. When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service. |
When do we collect your data? |
We normally collect your data when you provide it to us or when it is provided to us by others. You may give us your data by email; through
an online web form; over the telephone; face to face; or by post. |
What sort of data do we collect? | We collect your
name and contact details. Occasionally this may include asking for and
keeping a copy of your passport/driving licence and proof of address. We may gather details of your age; etc. in particular if required to do so by the benefits where you are in receipt of benefits. Other funders also require this sometimes. We may also gather financial information from you. |
How do we use your data? |
We only use your
data for the purposes of providing you with loans, information
and assistance and, where appropriate, representation and for reasons
directly associated with those services. |
How do we protect your data? |
We take
protecting your data very seriously. The data you give us may be
subject to Legal Professional Privilege and is often extremely
sensitive and confidential. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. We have clear data protection and information security policies and procedures in place (along with Regulatory and other legal obligations to keep your data safe) and these are regularly assessed as part of our Quality Standards and compliance processes. We protect our IT system from Cyber Attack. Access to your personal data is password-protected. We regularly monitor our system for possible vulnerabilities and attacks to identify ways to further strengthen security. |
How long will we keep your data? |
We only keep
your data for as long as is necessary for the purpose(s) for which it
was provided. |
Who do we share your personal data with? |
We sometimes
share your personal data with trusted third parties. We only do this
where it is necessary for providing you with our services and information or
for the effective operation of our service. Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
|
Where is your data processed? |
Your data is
stored and processed within the EEA. If we ever have to share your
personal data with third parties and suppliers outside the European
Economic Area (EEA) we will seek your specific consent to do so. The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway. |
What are your rights |
You have the right to request:
To ask for your information, please contact our Office Supervisor by email:
office@norwichcreditunion.org.uk or telephone:
01603 764904
If we choose not to action your request, we will explain to you the reasons for our refusal. |
Your right to withdraw consent |
Whenever you
have given us your consent to use your personal data, you have the
right to change your mind at any time and withdraw that consent. |
Where we rely on our legitimate interest |
In cases where
we are processing your personal data on the basis of our legitimate
interest, you can ask us to stop for reasons connected to your
individual situation. We must then do so unless we believe we have a
legitimate overriding reason to continue processing your personal data. |
The Regulator |
If you feel that
your data has not been handled correctly, or you are unhappy with our
response to any requests you have made to us regarding the use of your
personal data, you have the right to lodge a complaint with the
Information Commissioner’s Office. You can contact them by calling 0303 123 1113. Or go online to www.ico.org.uk/concerns (opens in a new window; please note we can't be responsible for the content of external websites) |