We are committed to protecting our members’ privacy. The credit union requires any information marked as mandatory for membership to either meet legal obligations or to enable us to perform our contract with you. Where you are not able to provide us with this information, we may not be able to open an account for you. Where we request further information about you not required for these reasons, we will ask you for your consent.
How we use your personal information
NHS Credit Union may process, transfer and/or share personal information in the following ways:
For legal reasons, to:
- confirm your identity
- perform activity for the prevention of financial crime
- carry out internal and external auditing
- record basic information about you on a register of members
For performance of our contract with you, to:
- deal with your account(s) or run any other services we provide to you;
- consider any applications made by you;
- carry out credit checks and to obtain and provide credit references
- undertake statistical analysis, to help evaluate the future needs of our members and to help manage our business
- To send you statements, new terms & conditions (including changes to this privacy statement), information about changes to the way your account(s) operate and notification of our annual general meeting.
For our legitimate interests, to:
- recover any debts owed to us
With your consent, to:
- maintain our relationship with you including marketing and market research (if you agree to them)
Sharing your personal information
We will disclose information outside the credit union;
- to third parties to help us confirm your identity to comply with money laundering legislation
- to credit reference agencies and debt recovery agents who may check the information against other databases – private and public – to which they have access to
- to any authorities if compelled to do so by law (e.g. to HM Revenue & Customs to fulfil tax compliance obligations)
- to fraud prevention agencies to help prevent crime or where we suspect fraud;
- to any persons, including, but not limited to, insurers, who provide a service or benefits to you or for us in connection with your account(s)
- To our suppliers in order for them to provide services to us and/or to you on our behalf
- to anyone in connection with a reorganisation or merger of the credit union’s business
- other parties for marketing purposes (if you agree to this)
Where we send your information
While countries in the European Economic Area all ensure rigorous data protection laws, there are parts of the world that may not be quite so rigorous and do not provide the same quality of legal protection and rights when it comes to your personal information.
The credit union does not directly send information to any country outside of the European Economic Area, however, any party receiving personal data may also process, transfer and share it for the purposes set out above and in limited circumstances this may involve sending your information to countries where data protection laws do not provide the same level of data protection as the UK.
For example, when complying with international tax regulations we may be required to report personal information to the HM Revenue and Customs which may transfer than information to tax authorities in countries where you or a connected person may be tax resident.
Retaining your information
The credit union will need to hold your information for various lengths of time depending on what we use your data for. In many cases we will hold this information for a period of time after you have left the credit union.
To read our policy for retaining members data please contact us at: 0141 445 0022 or firstname.lastname@example.org
Credit rating agencies
In order to process credit applications you make we will supply your personal information to credit reference agencies (CRAs) and they will give us information about you, such as about your financial history. We do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity.
We will also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates. This may affect your ability to get credit.
The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail on:
- Our website at nhscreditunion.com/crain
- TransUnion (formerly Call Credit) at https://www.callcredit.co.uk/legal-information/bureau-privacy-notice
- Equifax at equifax.co.uk/crain
- Experian at experian.co.uk/crain
Your rights under data protection regulations are:
- The right to access
- The right of rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object to data processing
- Rights related to automating decision-making and profiling
- Right to withdraw consent
- The right to complain to the Information Commissioner’s Office
Please see our website www.nhscreditunion.com/data-protection-policy for more information; alternatively, this information is available in branch.
Contact us about your rights
For more information about how your rights apply to your membership of the credit union or to make a request under your rights you can contact us email@example.com or 0141 445 0022. We will aim to respond to your request or query within one month or provide an explanation of the reason for our delay.
Contact details of the NHS Credit Union:
NHS Credit Union Ltd
9 Dava Street,
0141 445 0022
We take the protection of your information very seriously and high security measures will be taken to ensure your data is protected. All online banking activity is protected by a secure certificate using the TLS1.2 standard encryption which provides an industry standard level of security.