BDS Credit Union
BDS Credit Union Ltd
Information Technology and Web Services Data Privacy Summary
How we protect and manage your personal data
Processing your personal information comes with significant responsibilities on our part and we want you to know that we take those responsibilities seriously.
Data protection laws were previously set out in the Data Protection Act 1998. This Act is replaced by the European Union’s General Data Protection Regulation (GDPR) on 25th May 2018, and by the UK’s own data protection legislation, the new Data Protection Act 2018 (DPA), which received Royal Assent on the same date. If the UK continues with its plans to leave the EU, at that time the GDPR will cease to have effect, however the DPA will continue to have effect unless amended or repealed. If required to do so we will inform you of any relevant changes or updates that affect you when the time is right. The information in this Privacy Summary is current with our understanding of the GDPR and DPA as at the end of May 2018 and explains the most important aspects of each piece of legislation. It describes how we use your personal information and the rights you have in relation to that information. For more detailed information please ask for a copy of our full Data Privacy Notice. If you have any questions about how we use your information contact the Credit Union’ Operations Manager at the address given in below.
Who we are
Throughout this document, “we”, “us”, “our/s”, “the Credit Union” refers to BDS Credit Union Ltd. Your information is held under the control of the limited company on whose behalf its directors have sole charge of the general control, direction and management of the affairs, funds and records of the Credit Union. For more information about us including a list of office holders ask for a copy of our latest annual report. This Information Technology and Web Services Data Privacy Summary refers in the main to data collected via our website.
The information we collect about you
We will hold:
- Information about your computer, your visits to and use of this website. This information is for our statistical purposes and may include your IP address, geographical location, browser type, source of referral, length of visit and number of page views.
- Information relating to any transactions carried out between you and the Credit Union, on or in relation to this website.
- Any other information you may send us through this website.
When we will collect your information
We collect information: (i) you give us; (ii) from your use of our services and products
How we use your information and the legal basis
We use and share your data where:
- You have agreed or explicitly consented to the using of your data in a specific way (you may withdraw your consent at any time);
- Use is necessary in relation to a service or contract that you have entered into or because you have asked for something to be done so you can enter into a contract with us;
- Use is necessary because we have to comply with a legal obligation;
- Use for our legitimate business interests (which you may object to) such as managing our business including credit risk management, providing service information, training our personnel, and strategic planning;
- For good governance, accounting, and managing and auditing our business.
We may convert your personal data into statistical or aggregated data which cannot be used to identify you, but may be used to produce statistical research and reports. This aggregated data may be shared and used in all of the ways described above.
Who we share your information with
- When providing website or app services to you we may share your information with:
- Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
- Third parties with whom: (i) we need to share your information in order to facilitate transactions you have requested, and (ii) you ask us to share your information;
- Service providers who help us to provide your products and services;
- Statutory and regulatory bodies (including central and local government), and law enforcement authorities;
- Third parties in connection with our management of our business, or other persons or organisations you have instructed such as: persons making an enquiry or complaint; debt collection agencies; budgeting and advice agencies; tracing agents; receivers; liquidators; examiners; Assignee for Bankruptcy or the equivalent;
Your personal data may be transferred outside the UK for storage and other purposes. Where this is the case we will take all necessary steps to ensure adequate protection of your personal data.
You should be aware that if you link to another website through the Credit Union’s website, the Credit Union has no control over any other website and has no responsibility for the privacy practices of other websites.
How long we hold your data
- We will hold other personal data for the minimum length of time necessary to deal with your queries and to manage our business effectively or to comply with regulatory or legal obligations.
Implications of not providing your data
- You are not obligated to provide any information that we request (other than that required for legal or regulatory purposes) however if you do not provide information we may not be able to:
- Provide requested products or services to you;
- Continue to provide and/or renew existing products or services for you;
- Assess whether or not a service or product we provide is suitable for you.
How to exercise your information rights including the right to object
- You have enhanced rights under the GDPR in relation to how we use your information including the right to:
- Find out if we use your information, access your information and receive copies of your information;
- Have inaccurate or incomplete information corrected or updated;
- Object to a particular use of your personal data for our legitimate business interests;
- In certain circumstances to have your information deleted or our use of your data restricted;
- The right to move, copy or transfer your personal data (data portability);
- To withdraw consent at any time where processing is based on consent.
If you wish to exercise any of your data rights you can contact us in the following ways:
- By emailing – firstname.lastname@example.org
- In person at our main office – 8 Main Street Saintfield BT24 7AA
- By post to – The Directors, 8 Main Street Saintfield BT24 7AA
- By telephone – 02897511295
You also have the right to report a concern to the Information Commissioner’s Office (ICO) at:
- Telephone: 0303 123 1113