CU Online LoginThe Lough Credit Union Summary Privacy Statement
“Personal Data” means data which identifies a person or could identify a person, such as their name, contact details and financial data. It applies to Personal Data that we process in connection with your relationship with us as a member, supplier, partner, investor, visitor to our Website or prospective employee.
Every individual has a right to understand how their Personal Data is being used and to exercise control over it using rights which are set out in law under the General Data Protection Regulation (“GDPR”).
As a member-owned and cooperative institution The Lough Credit Union strives to provide a safe place for our members to save and borrow at reasonable rates. We extend our ethos to protecting your personal information. We make the following commitments. We will
- process your personal information in a lawful, fair and transparent manner
- not send you marketing emails if you do not want to receive them
- always ensure that we only share your Personal Data with third parties where necessary and only after thorough third-party due diligence
- ensure appropriate technical and organisational measures are in place to protect your Personal Data and keep it secure
If you have further questions, please get in touch with us at dpo@loughcu.ie
You have the right to lodge a complaint with a supervisory authority, in particular in the country where you reside, place of work or place of the alleged infringement if you consider that the processing of Personal Data infringes the GDPR.
The contact details for the Data Protection Commission (DPC) in Ireland are:
Email: info@dataprotection.ie
Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28
Tel Lo-Call: 1890 252 231
The Lough Credit Union
General Privacy Statement
Effective Date: October 2019
In this Privacy Statement you will find the following information laid out in sections to make it easier to find the information you want.
- ABOUT THE LOUGH CREDIT UNION
- THE PURPOSE AND STRUCTURE OF OUR PRIVACY STATEMENT
- WHO OUR PRIVACY STATEMENT APPLIES TO
- CATEGORIES OF PERSONAL DATA
- OUR LEGAL BASIS
- OUR PROCESSING ACTIVITIES
- SOURCES OF PERSONAL DATA
- DISCLOSURE OF PERSONAL DATA
- SECURITY MEASURES
- TRANSFERS OUTSIDE THE EEA
- RETENTION
- YOUR RIGHTS UNDER THE GDPR
- AMENDMENTS TO THIS PRIVACY NOTICE
- OUR CONTACT INFORMATION
- SUPERVISORY AUTHORITY
PRIVACY STATEMENT – MEMBER ACCOUNTS
PRIVACY STATEMENT – LOAN ACCOUNTS
PRIVACY STATEMENT – WEBSITE USERS
PRIVACY STATEMENT – ONLINE BANKING USERS (CU ONLINE)
1. ABOUT THE LOUGH CREDIT UNION
We provide general information about the Credit Union and our contact details.
The Lough Credit Union (the “Credit Union”) is a progressive Credit Union in Cork City that has been in operation at the heart of the community for over 50 years. Our mission is to provide financial services for all our members residing, working and studying in our community, offering products and services driven by the needs of our members. In order to provide our services, we need to process Personal Data. We are committed to protecting the rights and privacy of individuals in accordance with data protection legislation including the General Data Protection Regulation in Europe (the “GDPR”).
2. THE PURPOSE AND STRUCTURE OF OUR PRIVACY STATEMENT
This section sets out the basis on which any Personal Data we collect from you, or that you provide to us, will be used by us.
Please read this Privacy Statement carefully to understand our views and practices regarding the Personal Data we collect and how we will treat it.
3. WHO OUR PRIVACY STATEMENT APPLIES TO
This section provides information relating to the data subjects whose Personal Data we process.
This Privacy Statement provides specific information relating to the following data subjects whose Personal Data we process:
- Credit Union members;
- individuals who may become members of the Credit Union;
- individuals who are party to or connected with any of the services we offer our members such as beneficiaries, guarantors, relations or representatives of one of our members;
- business contact details including those of our suppliers and partners;
- members of the public and non-members who pass by and/or visit the Credit Union and whose images are captured on CCTV;
- users/visitors of our Website; and
- prospective employees of the Credit Union.
Personal Data of employees and certain individuals serving as board members and volunteers of the Credit Union is dealt with in a separate internal privacy notice.
4. CATEGORIES OF PERSONAL DATA
This section provides information relating to the categories of Personal Data we process.
We may collect, store, and use the following categories of Personal Data about you:
Identification Data
This includes name, marital status, title, data of birth, gender, PPSN, photographs, job title and employer. It also includes background and verification data such as a copy of passports, driver’s license or utility bills as well as other information we require to comply with our obligations under anti-money laundering legislation.
Contact Data
This includes email address, phone number, postal address, billing address.
Member Financial Data
This includes financial data such as your account status and history, transaction data, contract data, credit checks, details of the Credit Union products being used. This also includes payment related information or bank account details and financial data received as part of the services that we offer. With loans we may also request broader information around your financial income and outgoings such as salary, occupation, accommodation status, mortgage details, other loans and debts, previous addresses, spouse, partners and we may request further information to support the purpose for the loan.
Correspondence Data
If you interact with us, we will record details of those interactions. For example, we will process details of phone calls, email correspondence and hard copy correspondence.
Marketing Data
This includes your preferences in receiving marketing from us and your correspondence preferences.
CCTV Data
We operate CCTV cameras at the Credit Union. If you pass by and/or visit either of The Lough Credit Union offices, your image may be recorded on CCTV.
Recruitment Data
If we interact with you for the purposes of any job with the Credit Union, we will collect recruitment related data such as identity data, CV data and application data as part of the recruitment process.
When processing CV data, we may process certain Personal Data including the following: date of birth, employment history, skills/ experience, languages, educational history, qualifications, membership of professional associations, contact details of employer references/character references, licenses held, interests and hobbies, languages, locations, nationality, passport, eligibility to work in certain jurisdictions, salary expectations.
As part of processing Recruitment Data, we process interview/screening answers.
Web Data
When you interact with us online we will automatically collect data about your use of our services, including data on the type of device you’re using, its IP address, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of Website use.
This information is collected at an aggregate level and your identity data is not stored as part of this technical data.
Special Categories of Personal Data
When we provide our services, we may process special categories of Personal Data. Under the GDPR special category Personal Data includes Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
The special category Personal Data that may be processed by the Credit Union include:
Health Data
When you are taking out a loan the Credit Union may ask you to make a health declaration in order to obtain insurance cover for the loan.
Other Special Category Data
Special categories of data relating to political opinions, religious or philosophical beliefs, or trade union membership, or data concerning a natural person’s sex life or sexual orientation may be inferred from information you provide such as when you make payments to a religious or political organisation. Such information is incidental to the purposes of processing and we do not further process this information for any other purpose.
From time to time members may provide special category data to us to support a loan application. For instance, members may be applying for a loan to finance a medical procedure and may furnish information relating to the procedure. While we ask generally for information to support a loan application, we never ask for medical information or other special category data in these circumstances. It is our policy if it is provided to us to return such information to the member.
5. OUR LEGAL BASIS
We have set out here the legal basis we use to process Personal Data.
All processing of Personal Data must be lawful. Processing will only be lawful if we have a legal basis for processing.
Contract
We will process Personal Data where necessary to perform our obligations relating to or in accordance with the terms and conditions of any contract you enter into with the Credit Union (such as the membership agreement or loan agreement) or to take steps at your request prior to entering into such agreement.
Legal Obligation
We will need to process certain Personal Data in order to comply with any legal or regulatory obligations imposed on us, such as to comply with legal obligations connected with “know your customer” requirements under anti-money laundering (AML) laws, or under anti-money counter terrorist financing law.
Consent
We will process Personal Data where you have provided explicit consent to us processing it for a particular purpose.
Legitimate Interest
At times we will need to process your Personal Data to pursue our legitimate business interests, for example for administrative purposes, to collect debts owing to us, to make legal claims, to provide information to you, to operate, evaluate, maintain, develop and improve our Websites and services or to maintain their security and protect intellectual property rights.
We will not process your Personal Data on a legitimate interest basis where the impact of the processing on your interests and rights outweigh our legitimate interests.
If do not want us to process your Personal Data on the basis of our legitimate interests, contact us at dpo@loughcu.ie and we will review our processing activities.
6. OUR PROCESSING ACTIVITIES
We have set out below the general purpose of processing, the categories of Personal Data processed and the related lawful basis for processing.
We use Personal Data to provide you with our services and to assist us in the operation of the Credit Union. Under data protection law, we must ensure that the purpose of processing is clear.
| Purpose of Processing | Categories of Personal Data | Lawful Basis |
|
Member Application and account set-up and administration Please see our Member Accounts Privacy Statement for further information
|
· Identification Data · Contact Data · Correspondence Data · Financial Data |
· Contract · Legal Obligation · Consent |
|
Loan application and approval, loan administration and debt collection Please see our Loan Accounts Privacy Statement for further information |
· Identification Data · Contact Data · Correspondence Data · Financial Data · Health Data |
· Contract · Legal Obligation · Legitimate Interests |
|
Credit Union Online services
Please see our Online Privacy Statement for further information |
· Identification Data · Contact Data · Correspondence Data · Financial Data |
· Contract · Legal Obligation · Consent |
| Budgeting services such as Payzone, MABS and budget accounts |
· Identification Data · Contact Data · Correspondence Data · Financial Data |
· Contract · Legal Obligation · Consent |
| Member insurance Services |
· Identification Data · Contact Data · Correspondence Data · Financial Data · Health information |
· Contract · Legal Obligation
|
| Other member benefits including competitions |
· Identification Data · Contact Data |
· Consent · Legitimate Interests |
|
Recruiting staff to the Credit Union including: · to contact you in connection with any job position we may have open · to check your suitability for the role · to fulfil the recruitment needs of the business. |
· Identification Data · Contact Data · Correspondence Data · Recruitment Data · Contact Data |
· Legitimate Interests · Consent |
|
To deliver our Website including: · to promote our products and services · to administer the Website · to ensure the safety and security of our Website and our services.
Please see our Website Privacy Statement for further information
|
· Web Data |
· Legitimate Interests · Consent |
|
Marketing and promotion of our business including: · to send newsletters and other information that may be of interest · to contact you as part of our business relationship or for lead generation and general administration
|
· Contact Data · Correspondence Data · Identification Data |
· Legitimate Interests · Consent |
|
Administration of our relationship including: · to manage/respond to a complaint/appeal · to keep you informed about the operation of the Credit Union · to notify you of updates to this Privacy Statement; |
· Contact Data · Correspondence Data · Identification Data
|
· Legitimate Interests · Legal Obligation |
|
To meet our regulatory obligations: · To comply with Central Bank reporting, compliance and auditing regulatory activities · To comply with revenue reporting obligations · To comply with anti–money laundering (AML) and the countering of the financing of terrorism (CFT) regulations. |
· Identification Data · Correspondence Data · Financial Data |
· Legal Obligation |
| Prevention of fraud and ensuring security of the Credit Union | · CCTV Data | · Legitimate Interests |
7. SOURCES OF PERSONAL DATA
We have set out below the sources of Personal Data we collect.
We may obtain Personal Data from you directly or from a third party.
Credit Unions Members and their representatives
We may collect your Personal data directly from you when you:
- make an enquiry or apply for membership of the Credit Union;
- apply for a loan or act as guarantor on a loan;
- transact with us either in the Credit Union or via online banking;
- avail of any of our member services such as our bill payment or foreign exchange services;
- interact with us on behalf of a Credit Union member;
- participate in our member draws, competitions or other promotional events;
- pass-by or enter the Credit Union premises where CCTV is located;
- apply for a job or enquire about volunteering with us;
- enter a competition run by the Credit Union;
- market or provide your services to us;
- follow us on social media;
- when you visit our website or submit an inquiry via an online form.
Third Parties
We may collect your Personal Data from a 3rd party when we:
- conduct background checks, including “know your customer” checks;
- consult credit referencing agencies such as the Irish Credit Bureau and the Central Credit Register;
- are recruiting and you have provided your Personal Data to a recruitment agency for the purpose of sharing it with us.
Beneficiaries
In some cases, we are provided your Personal Data when a member nominates you as a beneficiary on their account.
8. DISCLOSURE OF PERSONAL DATA
We have set out below the parties to which we may disclose your Personal Data.
In certain circumstances, we may disclose Personal Data to third parties as follows:
- business partners and sub-contractors including, payment processors, data aggregators and hosting service providers;
- authorised officers or employees of the Irish League of Credit Unions (“ILCU”) for the purpose of the ILCU providing professional and business support services to the Credit Union and for the administration of the ILCU Savings Protection Scheme;
- ECCU Assurance DAC (“ECCU”) for the administration of insurance products and services offered to Credit Union members such as Life Savings, Loan Protection and Death Benefit Insurance
- domestic and foreign tax authorities to establish your liability to tax in any jurisdiction;
- the regulator and the Central Bank of Ireland for reporting, compliance and auditing purposes;
- internal and external auditors who advise on how we can best meet our obligations and improve our ways of operating;
- our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes;
- analytics and search engine providers that assist us in the improvement and optimisation of the Website. This consists of aggregated anonymous information only and relates to the web pages visited on the Website and not the information included on those web pages;
- if our Credit Union is merged with another Credit Union or acquired by a third party, in which case Personal Data held by us will be one of the transferred assets;
- if we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or in order to enforce or apply the terms of any agreement;
- to protect our rights, property, or safety, or that of you or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection;
- as required by law, in order to meet the requirements of relevant legislation such as the Credit Union Act 1997. We will disclose your Personal Data if necessary, to:
o comply with a legal obligation;
o protect or defend our rights, interests or property or that of a third party;
o prevent or investigate possible wrongdoing in connection with our services;
o act in urgent circumstances to protect the personal safety of one or more individuals; and
o to protect against legal liability.
When we engage another organisation to perform services for us, we may provide them with information including Personal Data, in connection with their performance of those functions. We do not allow third parties to use Personal Data except for the purpose of providing these services.
9. SECURITY MEASURES
We will take all steps reasonably necessary to ensure that Personal Data is treated securely in accordance with this Privacy Statement and the relevant law.
In particular, we have put in place appropriate physical, technical, and organisational procedures to safeguard and secure the Personal Data we process.
We will also take reasonable steps to verify your identity before granting access to information to protect the privacy and security of the Personal Data we process.
Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We also use secure connections to protect Personal Data during its transmission. Where you have been given (or where you have chosen) a password which enables you to access services, you are responsible for keeping this password confidential. Please do not share your password with anyone.
If you think that there has been any loss or unauthorised access to Personal Data of any individual, please let us know immediately.
10. TRANSFERS OUTSIDE THE EEA
We will only transfer Personal Data outside the EEA if necessary and with appropriate safeguards in place.
We do not process any of your Financial Data outside the European Economic Area (EEA).
The Credit Union may transfer limited Personal Data to be processed outside the EEA by our processors. In such cases we use processors who provide sufficient guarantees to ensure the security and protection of your Personal Data.
11. RETENTION
We only keep your Personal Data as long as it is necessary for the purposes of processing it or to comply with legal or regulatory requirements.
We have identified our retention practices in the table below. In some circumstances it is not possible for us to specify in advance the period for which we will retain your Personal Data. In such cases we will determine the appropriate retention period based on balancing your rights against our legitimate business interests. We may also retain certain Personal Data beyond the periods specified herein in some circumstances such as where required for the purposes of legal claims.
| Purpose | Retention Period |
| Member Application and account set-up and administration | Account closure + 7 years |
| Loan application and approval, loan administration | Termination of loan + 7 years |
| CU Online services | Account closure + 7 years |
| Budgeting services such as Payzone, MABS and budget accounts | Account closure + 7 years |
| Member insurance Services | Account closure + 7 years |
| Other member benefits including competitions | 12 months |
| Recruiting staff to the Credit Union | 12 months for unsuccessful candidates |
| To deliver our Website | 12 months or less |
| Marketing and promotion of our business | 12 months in the case where no meaningful engagement or earlier in the case you unsubscribe |
| Administration of our relationship | Account closure + 7 years for Correspondence Data |
| Prevention of fraud and ensuring security of the Credit Union | 30 Days for CCTV Data |
In certain cases, we may retain Personal Data for longer than specified here if required under relevant laws.
12.YOUR RIGHTS UNDER THE GDPR
You have rights under data protection law in relation to how the Credit Union uses your Personal Data. You may generally access your rights free of charge.
You can ask for access to the Personal Data we hold on you
You have the right to ask for all the Personal Data we have about you. When we receive a request from you in writing, we must give you access to all Personal Data we’ve recorded about you as well as details of the processing, the categories of Personal Data concerned and the recipients of the Personal Data.
We will provide the first copy of your Personal Data free of charge, but we may charge you a reasonable fee for any additional copies.
We cannot give you access to a copy of your Personal Data in some limited cases including where this might adversely affect the rights and freedoms of others.
You can ask to change Personal Data you think is inaccurate
You should let us know if you disagree with something included in your Personal Data.
We may not always be able to change or remove that information, but we’ll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.
You can ask to delete Personal Data (right to be forgotten)
In some circumstances you can ask for your Personal Data to be deleted, for example, where:
- your Personal Data is no longer needed for the reason that it was collected in the first place
- you have removed your consent for us to use your Personal Data (where there is no other lawful basis for us to use it)
- there is no lawful basis for the use of your Personal Data
- deleting the Personal Data is a legal requirement
Where your Personal Data has been shared with others, we will do what we can to make sure those using your Personal Data comply with your request for erasure.
Please note that we cannot delete your Personal Data where:
- we are required to have it by law
- it is used for freedom of expression
- it is used for public health purposes
- it is used for scientific or historical research or statistical purposes where deleting the Personal Data would make it difficult or impossible to achieve the objectives of the processing
- it is necessary for legal claims.
You can ask us to limit what we use your Personal Data for
You have the right to ask us to restrict what we use your Personal Data for where:
- you have identified inaccurate information, and have told us of it
- where we have no legal reason to use that Personal Data but you want us to restrict what we use it for rather than erase it altogether
When Personal Data is restricted it can’t be used other than to securely store the Personal Data and with your consent to handle legal claims and protect others, or where it’s for important public interests.
You can ask to have your Personal Data moved to another provider (data portability)
You have the right to ask for your Personal Data to be given back to you or for it to be provided to another service provider of your choice in a commonly used format. This is called data portability.
This right only applies if we’re using your Personal Data with consent and if decisions were made by a computer and not a human being. It does not apply where it would adversely affect the rights and freedoms of others.
You can make a complaint
You have the right to lodge a complaint with the local supervisory authority for data protection in the EU member state where you usually reside, where you work or where you think an infringement of data protection law took place.
13.AMENDMENTS TO THIS PRIVACY NOTICE
We will post any changes on the Website and when doing so will change the effective date at the top of this Privacy Statement. Please make sure to check the date when you use our services to see if there have been any changes since you last used those services. If you are not happy with any changes that we have made please contact us.
In some cases, we may provide you with additional notice of changes to this Privacy Statement, such as accompanying the annual member booklet. We will always provide you with any notice in advance of the changes taking effect where we consider the changes to be material.
14.OUR CONTACT INFORMATION
Please contact us if you have any questions about this Privacy Statement or Personal Data we hold about you:
- by email at: DPO@loughcu.ie
- or write to us at:
Data Protection Officer, The Lough Credit Union,
100-103 Bandon Rd, Cork, T12 FE43
15.SUPERVISORY AUTHORITY
The Data Protection Commission in Ireland may be contacted using the contact details below if you have any concerns or questions about the processing of your Personal Data.
CONTACT DETAILS
E-mail: info@dataprotection.ie
Lo-Call No: 1890 252 231
Telephone Number: 057 8684800
Postal Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28
PRIVACY STATEMENT – MEMBER ACCOUNTS
1. Overview
We want to explain clearly how we process your Personal Data when you open and operate an account as a Credit Union Member.
We are The Lough Credit Union
You can find us at our main office at 100-103 Bandon Road, Cork T12 FE43and our branch office at Shournagh Lawn, Togher, Cork. Our Website is www.loughcu.ie, you can contact us on staff@loughcu.ie and phone us at +353 (0)21 496 3384.
In order to provide our Credit Union services, we need to collect Personal Data relating to our members. This statement provides more detailed information about the processing activities of the Credit Union relating to member accounts. This statement forms part of the general Privacy Statement of the Credit Union.
Capitalised terms that are defined in the general Privacy Statement shall have the same meaning when used in this Privacy Statement for Member Accounts
2. Members and their representatives
Our Members are individuals to whom we provide our Credit Union services, for example operating savings accounts or offering loans or online services.
For the most part we transact directly with members in relation to the operation of the Credit Union account. On occasion we may transact with relatives, beneficiaries, guarantors, relations or representatives who are acting on behalf of a member.
When we transact with a representative individual on behalf of a member, we will also collect limited additional Personal Data about that person. These situations may arise as follows:
- a person who is nominated as beneficiary on the account in the event of the members death;
- a person with power of attorney on a member account;
- a parent/guardian who is supervising a juvenile account
- a person who acts as guarantor on a member’s loan;
- a legal representative of a member who communicates with us on the member’s behalf.
3. Categories of Personal Data
This Privacy Statement provides information relating to the categories of Personal Data we process.
| When you become a member and when we are operating your account, we collect the following information | |
| Category of Personal Data | Description |
| Identification Data | This includes name, marital status, title, date of birth, gender, PPSN, photographs, job title and employer. It also includes background and verification data such as a copy of passports or utility bills as well as other information we require to comply with our obligations under anti-money laundering legislation. |
| Contact Data | This includes email address, phone number, postal address, billing address. |
| Financial Data | This includes financial data such as your account status and history, transaction data, contract data, details of the Credit Union products being used. With loans we may also request broader information around your financial income and outgoings such as salary, occupation, accommodation status, mortgage details, other loans and debts, previous addresses, spouse, partners. |
| Correspondence Data | If you interact with us, we will record details of those interactions. For example, we will process details of phone calls, email correspondence and hard copy correspondence. |
| Marketing Data | This includes your preferences in receiving marketing from us and your communication preferences. |
1. Processing Activities
We have set out below the general purpose of processing, the categories of Personal Data processed and the related lawful basis for processing.
|
We have to process Personal Data legally. As a regulated entity much of the data that we process is required to meet with a regulatory obligation or in order to deliver Credit Union member services to you. If we look for consent, we will always ensure that Credit Union Members know what they are consenting to. |
||
| Purpose of Processing | Categories of Personal Data | Lawful Basis |
| Member Application and account set-up and administration |
Identification Data Contact Data Correspondence Data Financial Data |
Contract
|
|
To maintain your account; To enable you to transact on your account; To provide you with information about the operation of your account; |
Identification Data Contact Data Correspondence Data Financial Data |
Contract
|
|
To administer the ILCU Savings Protection Scheme; To administer insurance products and services offered to Credit Union members such as Life Savings, Loan Protection and Death Benefit Insurance |
Contact Data Financial Data |
Contract
|
|
To offer you additional services associated with Credit Union membership such as CU Online, foreign exchange services and loan facilities. To keep you informed of new Credit Union services that may be of interest to you |
Contact Data Marketing data
|
Legitimate Interests Consent |
|
to comply with our legal obligations in respect of the collection of taxes, levies, contributions;
|
Identification Data Contact Data Financial Data |
Legal Obligation
|
|
to interact with the regulator and the Central Bank of Ireland for reporting, compliance and auditing purposes; to engage with internal and external auditors who advise on how we can best meet our obligations and improve our ways of operating; |
Identification Data Contact Data Correspondence Data Financial Data |
Legal Obligation
|
|
to comply with legal obligations connected with “know your customer” requirements under anti-money laundering laws, or under counter terrorist financing law to carry out Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) |
Identification Data Contact Data Financial Data |
Legal Obligation
|
4. Sources of Personal Data
We have set out below the sources of personal data we collect.
We receive information about you initially when you join the Credit Union and open an account with us. We will ask you for certain information to be provided during the membership application process.
This information is collected from you directly through the Membership application form or from you and other people with whom you operate a Credit Union account such as a joint account or a club or society account.
We receive information from you during the course of your relationship with us such as:
- updates to your account information should any of your account details change
- information related to transactions on your account
- information you supply when you communicate with us about the operation of your account
- information you supply when you take up our services such as applying for loans or activating an online facility
We may collect your Personal Data from a 3rd party when we conduct background checks, including “know your customer” checks.
We may receive information about you from a representative when they transact on your account or communicate with us on your behalf.
5. Retention of member information
We only keep your Personal Data as long as it is necessary for the purposes of processing it or to comply with legal or regulatory requirements.
| Our retention policy is as follows | |
| Purpose | Retention Period |
| Member Application and account set-up and administration | Account closure + 7 years |
| Budgeting services such as Payzone, MABS and budget accounts | Account closure + 7 years |
| Member insurance Services | Account closure + 7 years |
| Other member benefits including competitions | 12 months |
| Marketing and promotion of our business | 12 months in the case where no meaningful engagement or earlier in the case you unsubscribe |
|
Administration of our relationship
|
Account closure + 7 years Correspondence Data |
Note that this section of the Credit Union Privacy Statement relates only to how we process data relating to membership of the Credit Union.
We provide information about how we process your data when you interact with any of the Credit Union Services such as Loans; website; CU online; and other general services offered by the Credit Union on a service by service basis. For further information relating to (i) how to exercise your rights, (ii) who your Personal Data may be shared with (including cross border transfer); (iii) the security measures we have implemented and the contact details for the Data Protection Commission in Ireland you should read the full Credit Union Privacy Statement at https://loughcu.ie/privacy-statement/
PRIVACY STATEMENT – LOAN ACCOUNTS
1. Overview
We want to explain clearly how we process your Personal Data when you apply for and receive a loan from the Credit Union.
We are The Lough Credit Union
You can find us at our main office at 100-103 Bandon Road, Cork T12 FE43and our branch office at Shournagh Lawn, Togher, Cork. Our Website is www.loughcu.ie, you can contact us on staff@loughcu.ie and phone us at +353 (0)21 496 3384.
In order to provide Credit Union loans, we need to collect Personal Data from our members. This section of the Privacy Statement provides specific information relating to loan applications and maintenance of loan accounts.
2. Members and their representatives
Our Members are individuals to whom we provide Credit Union loans.
For the most part we transact directly with members in relation to the operation of the Credit Union loans. On occasion we may transact with relatives, guarantors or representatives who are acting on behalf of a member.
When we transact with someone on behalf of a member, we will also collect limited additional Personal Data about that person.
- a person who acts as guarantor on a member’s loan;
- a spouse or relative who provides information to us to support the loan application;
- a legal representative of a member who communicates with us on the member’s behalf.
3. Categories of Personal Data
This Privacy Statement provides information relating to the categories of Personal Data we process.
| When you apply for a Credit Union loan, we collect the following information | |
| Category of Personal Data | Description |
| Contact Data | This includes email address, phone number, postal address, billing address. |
| Financial Data |
This includes financial data such as your account status and history. With loans we may also request broader information around your financial income and outgoings such as salary, occupation, accommodation status, mortgage details, other loans and debts, previous addresses, spouse, partners. |
| Correspondence Data | If you interact with us, we will record details of those interactions. For example, we will process details of phone calls, email correspondence and hard copy correspondence. |
| PPSN | Your Personal Public Services Number (PPSN) will be collected, if not already on file in order to meet our reporting requirements to the CCR. |
4. Processing Activities
We have set out below the general purpose of processing, the categories of Personal Data processed and the related lawful basis for processing.
| We have to process Personal Data legally. As a regulated entity much of the data that we process is required to meet with a regulatory obligation or in order to deliver Credit Union loan services to you. | ||
| Purpose of Processing | Categories of Personal Data | Lawful Basis |
| To process your application for a loan; |
Contact Data Financial Data |
Contract |
| To assess your application for a loan; |
Contact Data Financial Data PPSN |
Legal Obligation Legitimate Interests |
|
To provide loan drawdown and to manage the repayment schedule To provide you with information about the performance of your loan; |
Contact Data Financial Data Correspondence Data |
Contract |
| To administer the ILCU Loan Protection Scheme; |
Contact Data Financial Data |
Contract |
|
To implement credit control measures where there are missed loan repayments; To carry out credit control including collecting and enforcing debts and arrears |
Contact Data Financial Data |
Contract |
| to comply with our legal reporting obligations in respect of the Central Credit Register (CCR); |
Contact Data Financial Data PPSN |
Legal Obligation |
| to interact with the regulator and the Central Bank of Ireland for reporting, compliance and auditing purposes; |
Contact Data Financial Data
|
Legal Obligation |
5. Sources of Personal Data
We receive information from you when you apply for a loan from us either in-branch or online.
This information is collected from you directly through the loan application form or from you and other people in the case of a joint loan application or where proof of household income is sought.
We receive information from external sources such as the ICB and CCR when we carry out Credit Checks relating to the Loan application.
We receive information from you during the course of the loan such as:
- information related to loan repayments;
- information you supply when you communicate with us about your loan repayments.
We may receive information about you from a representative when they communicate with us on your behalf.
6. Retention of Loan information
Our retention policy is as follows:
| Purpose | Retention Period |
| Loan application and approval, loan administration | Termination of loan + 7 years |
Note that this section of the Credit Union Privacy Statement relates only to how we process data relating to the processing of Credit Union loans.
We provide information about how we process your data when you interact with any of the Credit Union Services such as membership; website; CU online; and other general services offered by the Credit Union on a service by service basis. You can also read the full Credit Union Privacy Statement at https://loughcu.ie/privacy-statement/
PRIVACY STATEMENT – WEBSITE USERS
1. Overview of Website User Personal Data
We want to explain clearly how we process the Website User Personal Data that we hold.
We are The Lough Credit Union
You can find us at our main office at 100-103 Bandon Road, Cork T12 FE43and our branch office at Shournagh Lawn, Togher, Cork. Our Website is www.loughcu.ie, you can contact us on staff@loughcu.ie and phone us at +353 (0)21 496 3384.
For the purposes of this Privacy Statement a Website User is any individual who visits the [Name of] Credit Union website (the “Website”). A Website User may or may not be a member of the Credit Union.
We collect Personal Data relating to Website Users and this section of the Privacy Statement provides specific information relating to the information collected.
2. Categories of Personal Data
We source Website User information in order to improve our services and develop the Website.
| When you visit the Credit Union website, we collect the following information | |
| Category of Personal Data | Description |
| Contact data | This includes email address, phone number, postal address. |
| Website data |
This includes data about your use of our services, including data on the type of device you’re using, its IP address, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of Website use. This information is collected at an aggregate level and your identity data is not stored as part of this technical data. |
| Correspondence Data | If you complete an online enquiry form, we will record details of your enquiry and our correspondence. |
| Social media data | We receive Personal Data about Website Users when they follow social media links on our website. |
3. Processing Activities
We have set out below the general purpose of processing, the categories of Personal Data processed and the related lawful basis for processing.
| We have to process Personal Data legally. We collect data from website visitors to understand what services our website visitors are interested in and to engage with you further in relation to those services. | ||
| Purpose of Processing | Categories of Personal Data | Lawful Basis |
|
To manage your website experience To improve our website content |
Website data Cookie data |
Legitimate Interests Consent |
| To respond to enquiries about our services |
Contact Data Correspondence data |
Legitimate Interests |
| To market our services to you through social media interactions | Social media data |
Legitimate Interests Consent |
| To market our services directly to you through newsletters and marketing emails |
Contact Data
|
Consent |
| To manage website security | Website data | Legitimate Interests |
| For recruitment purposes | Candidate data | Legitimate Interests |
4. Sources of Personal Data
We receive information from you when you visit our website, when you complete an online form on our website, if you subscribe to our newsletter or if you follow us via social media links on our website.
This information is collected from you directly as a result of your interaction with the Credit Union website.
5. Retention
We will only retain Personal Data for as long as it is needed for the purpose for which it was collected. After that it is deleted from our systems.
Generally, website data is retained for a maximum of 12 months.
Note that this section of the Credit Union Privacy Statement relates only to how we process data relating to the Credit Union website.
We provide information about how we process your data when you interact with any of the Credit Union Services such as becoming a member, loans; CU online; and other general services offered by the Credit Union on a service by service basis. You can also read the full Credit Union Privacy Statement at https://loughcu.ie/privacy-statement/
Privacy Statement – Online Users (CU Online)
1. Overview of Online banking data
We want to explain clearly how we process your Personal Data when you apply for and use our online facilities as a Credit Union Member.
We are The Lough Credit Union
You can find us at our main office at 100-103 Bandon Road, Cork T12 FE43and our branch office at Shournagh Lawn, Togher, Cork. Our Website is www.loughcu.ie, you can contact us on staff@loughcu.ie and phone us at +353 (0)21 496 3384.
In order to provide our online banking services, we need to collect Personal Data in order to set-up and manage your online account. This section of the Privacy Statement provides specific information relating to your online banking account.
Note: You must be an existing Credit Union member to apply for an online banking account. To see how we process your data in relation to your Credit Union Membership please see the section in this Privacy Statement Overview of Member Account Data.
2. Categories of Personal Data
We process personal data as a result of your interaction with our online banking services.
| When you register for and use our online banking facility, we process the following categories of personal data. | |
| Category of Personal Data | Description |
| Registration data | This includes email address, username and password(hashed) |
| Contact Data | This includes email address and mobile phone number. |
| Log data | This includes data about your use of our online services, including data about the time and date of your interaction as well as IP address and transaction information. |
| Financial Data | This includes financial data such as your account status and transaction data as well as information on accounts that you set-up for online transactions. |
| Correspondence Data | If you complete an online enquiry form, we will record details of your enquiry and our correspondence. |
3. Processing Activities
We have set out below the general purpose of processing, the categories of Personal Data processed and the related lawful basis for processing.
| We have to process Personal Data legally. We collect data when you interact with online banking in order to provide a secure service and to process your online banking instructions. | ||
| Purpose of Processing | Categories of Personal Data | Lawful Basis |
| To register you for online services | Registration data | Contract |
| To process your online instructions | Financial data | Contract |
| To support your online interactions | Correspondence data | Contract |
| To manage security of online services |
Log data
|
Legitimate Interests |
4. Sources of Personal Data
We receive information from you when you register for online services and whenever you interact with those services from logging into your online account to carrying out financial transactions on your Credit Union account using CU online facilities.
We may receive information from you if you apply for a loan using the online facility. When you apply for a loan through the CU online service, we collect the same information to process your loan application as we would collect when you apply for the loan in person at the Credit Union. (See Loan Information for further information about how we process your Personal Data in relation to loans).
This information is collected from you directly as a result of your interaction with the Credit Union online banking service.
5. Retention
We will only retain Personal Data for as long as it is needed for the purpose for which it was collected. After that it is deleted from our systems.
Generally, data collected specifically for delivery of online services is kept until you delete your online account.
Note that this section of the Credit Union Privacy Statement relates only to how we process data relating to the Credit Union CU Online facility.
We provide information about how we process your data when you interact with any of the Credit Union Services such as becoming a member, loans; our website; and other general services offered by the Credit Union on a service by service basis. You can also read the full Credit Union Privacy Statement at https://loughcu.ie/privacy-statement/