Privacy Policy

Introduction

Merthyr Tydfil Borough Credit Union respects the rights of users of our website and is committed to protecting your privacy and ensuring that you continue to trust us with your personal data.

“Personal Data” is personal information about you as an individual such as your name, email address, address, telephone number and any information relating to you that we hold.

We will not collect your personal data on this website without your permission or otherwise in accordance with Data Protection legislation.

This Privacy Notice sets out:

  1. Third party web sites
  2. Scope
  3. Acceptance
  4. What personal data we collect and why we collect it
  5. Consent
  6. Who we share your personal data with
  7. Your rights
  8. Data security and retention
  9. Information Security and Data Privacy awareness
  10. How to contact us

Third Party Websites

Our web site contains links to other web sites. We are not responsible for the privacy practices of these other sites. We encourage you to be aware of this when you visit these sites and to read the privacy statements on other web sites you visit. This Privacy Notice applies solely to our web site.

Scope

This Privacy Notice applies to the personal data that we collect about you on our website or mobile application for the purpose of operating the website and providing

· information about your Credit Union

· access to your account details and transactions (Online Banking)

· feedback features

· online membership and loan application facilities

· control over your contact preferences

Acceptance

By using our website or mobile application or by giving us your personal data, you accept the practices described in this Privacy Notice. If you do not agree to this Privacy Notice, please do not use our website or mobile application or give us any of your personal data.

We reserve the right to make changes to this Privacy Notice at any time and we encourage you to review this notice regularly to make sure you are aware of any changes and how your personal data may be used.

What personal data we collect and why we collect it

4.1 Information that you provide to us

When you submit an enquiry to us via our Enquiry Form or submit feedback, we ask that you submit your member number (optional), your name and email address along with your query or feedback. We ask for this information so that we can respond to your query.

When you apply for a loan via our website we will ask for information necessary to process your loan request such as Credit Union account details, your name, address, contact details, date of birth, marital status, accommodation details, employment and salary information and current debt information.

If you apply for membership of the Credit Union via our website we will ask for your name, address, phone number(s), email address, date of birth, employment and accommodation information.

If you register for Online Access we will ask for your Credit Union member number, your name, date of birth, phone number and email address. This information is necessary to process your application for Online Access.

4.2 Data gathered from all visitors to our website

When someone visits our website we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns.

We do this to understand how our website is used by our visitors, for example how often various parts of the site are visited. This information is stored in an anonymous manner and you are not identified by this information.

We also gather the following technical details about visits.

· Your IP address

· Your web browser and operating system

· Date and time you visited various pages on our website

We also store cookies on your computer.

4.3 What are Cookies?

Cookies are files which are transferred to your computer's hard disk by a website. Cookies can store information about your preferences and other information which you need when you visit a website. The Credit Union uses cookies to monitor our website traffic, to ensure better service levels and in order to provide you with certain features such as the customised delivery of certain information.

To prevent the use of cookies you should activate the facility which is available in most web browsers that enables a user to deny or accept cookies. Click here to find out how to enable and deny cookies.

For more information about cookies see www.allaboutcookies.org

4.4 Why do we collect your personal data and what do we do with it?

We collect data for the following purposes

· to enable the correct functioning of this website

· to allow us to process queries or feedback that you submit to us

· to process applications for membership, access or credit that you submit to us

All the personal data that you submit is processed in the Credit Union by our staff. However, for the purposes of IT hosting and maintenance some of this information is located on servers within the European Union.

4.5 Are there consequences to not supplying Personal Data?

We need to collect your personal data in order to process your applications for membership,

Consent

5.1 What consent do we ask for?

We will ask you for your consent to process loan application information (including disclosing it to third parties necessary for its processing) and to submit your information to a Credit Check bureau. You are may decline to grant this consent however without this consent we will be unable to process your application.

We may also ask for your permission to send you marketing material about carefully selected products and services that we feel would be of interest to you. You may decline to grant this permission without consequence.

5.2 Can I withdraw my consent at any time?

Yes. You must be logged in as a Credit Union user in order to manage your consent online. When logged in you may manage your consent by clicking here.

Alternatively, you may write to us or call into Merthyr Tydfil Borough Credit Union at 139 High Street, Merthyr Tydfil, CF47 8DN

Who we share your personal data with

6.1 Information Technology service providers

We have engaged third parties for the supply of Information Technology services which allow us to process your information. These parties process your information under contract to us and are subject to the same European and national Data Protection laws as are we.

6.2 Transfer of information

We do not transfer your information outside of the EU.

Your information is processed entirely within the EU and, as such, is protected by European-wide Data Protection regulations.

Your rights

You have the following rights:

7.1 Access

You have the right to obtain from us confirmation as to whether or not we hold your personal data. Where that is the case, you have the right to request a copy of the data and information about it such as how long we will hold it and to whom we disclose it.

7.2 Rectification

Where your personal data is incorrect or out of date you have the right to submit a correction and require us to correct your data.

7.3 Erasure

Where your personal data is no longer required for the purposes for which it was gathered and we have no regulatory obligation to retain it, you may instruct us to erase it.

7.4 Restriction

You may require us to restrict processing of your data under certain circumstances.

7.5 Object

You can object to certain types of processing, in particular any direct marketing.

7.6 Data Portability

You can request a copy of your personal data in a structured, commonly used, machine-readable and interoperable format for transmission to another controller.

7.7 Withdrawal of Consent

Where our processing of your data is based on consent - for example, marketing - you may withdraw that consent at any time. You must be logged in to manage your consent online. Click here to manage your consent.

7.8 Lodge a Complaint

You may lodge a complaint with a Supervisory Authority in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes Data Protection law.

Data Security and Retention

We do not retain your personal information for longer than we need to in order to meet the objectives for which it was gathered.

When we are moving your data from one location to another, whether physically or digitally, your data will be encrypted. Where appropriate, data will be encrypted at rest.

Information Security and Data Privacy awareness

We provide Information Security and Data Privacy awareness training to all of our staff and we require any of our contracted suppliers who process your data to also provide similar awareness training to their staff.

How to contact us

10.1 Credit Union

This is the website of Merthyr Tydfil Borough Credit Union, 139 High Street, Merthyr Tydfil, CF47 8DN.

Phone: 01685 377888

Email: info@mtbcu.org.uk

10.2 Data Protection Officer

Queries relating to Data Protection or relating to exercising any of your Data Privacy rights should be directed to our Data Protection Officer:

Name: Merthyr Tydfil Borough Credit Union

Phone: 01685 377888

Email: info@mtbcu.org.uk