DATA PRIVACY NOTICE

North Tyneside Employee Credit Union

Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunct ion with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by [the General Data Protection Regulation 2016/679 (the “GDPR”)

Who are we?

North Tyneside Employee Credit Union is the data controller (contact details below). This means it decides how your personal data is processed and for what purposes.

How do we process your personal data?

  • North Tyneside Employee Credit Union complies with its obligations under [the GDPR] by keeping personal data up to date;
  • by storing and destroying it securely; by not collecting or retaining excessive amounts of data;
  • by protecting personal data from loss, misuse, unauthorized access and disclosure and by ensuring that appropriate technical measures are in place to protect personal We use your personal data for the following purposes : –
  • To administer membership records;
  • To manage our employees and volunteers;
  • To maintain our own accounts and
  • To operate the North Tyneside Employee Credit Union website and deliver the services that individuals have requested.
  • To inform individuals of news, events, activities or services on offer at North Tyneside Employee Credit Union via e-mail, sms, newsletters and
  • To contact individuals to conduct research about their opinions of current services or of potential new services that may be

What is the legal basis for processing your personal data?

  • Consent of the data subject; member application to become and remain a
  • Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract; g. loan agreements.
  • Processing is necessary for compliance with a legal obligation; e.g. loan
  • Explicit consent of the data subject; to allow marketing offers, via e-mail, newsletter, sms and post.
  • Processing is  necessary  for  carrying  out  obligations  under  employment  law  and  loan agreements .

Sharing your personal data

Your personal data will be treated as strictly confidential, but we may need to share your information with certain other organisations . The list below gives examples of the sort of information we share and who we may share it with:

  • Membership status (statistics)
  • Trade Associations
  • Details about your credit application
  • Credit Reference Agencies and Fraud Protection Agencies
  • Department of Work and Pensions
  • Local Authorities
  • Information about crime, alleged crime and anti-social behavior
  • Police
  • Details to support your application
  • Our Support Partners
  • Enforcement action
  • Our solicitors and courts and debt collection and tracing agencies
  • Regulatory Information
  • Prudential Regulatory Authority, Financial Conduct Authority,  Financial Ombudsman  Service, Financial Services Compensation Scheme
  • Details of any arrears, forwarding addresses
  • Account software Provider – e-Channel Financial Systems Ltd
  • External Auditors – Lindley Adams Ltd
  • ID Searches – Experian / CallCredit
  • Payment Services
  • Funeral Services Partners – Golden Charter
  • Solicitor services
  • Payment Services – Worldpay, AIB
  • Banking services – Unity Trust Bank, Nationwide, AIB
  • Credit Reference Agency – Experian / Call Credit

We will only share your data with third parties outside of the organisation either with your consent or through legal obligation or lawful basis for processing personal data.

How long do we keep your personal data?

We keep your personal data for no longer than reasonably necessary for a period of 6 years after you have left the credit union or 6 years after your loan has been cleared unless we have sufficient reason for retaining your data i.e. debt purposes .

Your rights and your personal data

Unless subject to an exemption [under the GDPR], you have the following rights with respect to your persona I data: –

  • The right to request a copy of your personal data which North Tyneside Employee Credit Union holds about you;
  • The right to request that North Tyneside Employee Credit Union corrects any personal data if it is found to be inaccurate or out of date;
  • The right to request your personal data is erased where it is no longer necessary for North Tyneside Employee Credit Union to retain such data;
  • The right to request that North Tyneside Employee Credit Union provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability).
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  • The right to object to the processing of personal data, where processing is based on legitimate interests; direct
  • The right to lodge a complaint with the Information Commissioners Office.

Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.

Where and whenever necessary, we will seek your prior consent to the new processing. Contact Details to exercise all relevant rights, queries of complaints please in the first instance, contact us at details below.

Job applicants, current and former employees

When individuals apply to work at North Tyneside Employee Credit Union, we will only use the information they supply to us to process their application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference or obtain a ‘disclosure’ from the Criminal Records Bureau we will not do so without informing them beforehand unless the disclosure is required by law.

Personal information about unsuccessful candidates will be held for 12 months after the recruitment exercise has been completed, it will then be destroyed or deleted. We retain statistical information about applicants to help inform our recruitment activities, but no individuals are identifiable from that data.

Once a person has taken up employment with North Tyneside Employee Credit Union, we will compile a file relating to their employment. The information contained in this will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment with North Tyneside Employee Credit Union has ended, we will retain the file in accordance with the requirements of our retention schedule and then delete it.