Skip to main content
Download PDF

Data Protection Notice - Summary

Effective 25th February 2020.

Comhar Linn INTO Credit Union Limited takes data protection very seriously.

We see the protection and appropriate use of your personal data, as central to our relationship with you.

We commit to being transparent with you on the personal data that we hold, how long we hold it for, what purposes we put it to, what responsibilities we have and what rights you have.

Data Protection Regulation is high profile and quite complex. The dominant regulation in force across the European Union is known as the GDPR (General Data Protection Regulation). Additional user-friendly information is available on the website of the (Irish) Data Protection Commission.

 

The following is a brief summary of our commitment to managing your personal data and your data rights.

For further detail please review the Data Protection Notice that is published on https://www.comharlinnintocu.ie/

 

What personal data do we have?

We store personal data that you give to us (for example proofs of identity, details entered on electronic or paper forms, and details given verbally,) and data that we receive about you from reputable other sources (such as credit bureaux, public registries).

How long do we keep personal data?

We retain personal data for only as long as necessary for contractual, legal or business purposes. When personal data is no longer required, we securely destroy it.

How do we secure your personal data?

We are ISO27001 certified, which means that we implement and operate industry best practice for Information Security Management.

What do we use your personal data for?

We use your personal data for necessary purposes such as to record your membership, to assess your product applications, to operate your product contracts, and to comply with our legal obligations such as anti-money laundering checks and tax returns. If we would like to use your personal data for an optional purpose, such as direct marketing, we will ask you to freely give your consent.

What 3rd parties receive your data?

We sometimes use 3rd party companies to perform services under our instruction and we transfer personal data as required to perform those services – for example we engage 3rd party companies to print and send communications, to securely store historical paper documents, and for legal and audit expertise. We sometimes are legally obliged to provide personal data to bodies such as the courts, the Garda Síochána and the Revenue Commissioners.

In what countries is your data stored?

We commit to storing your data in the EEA. For a limited number of processes where we may have a requirement to transfer personal data outside of the EEA, this will only be permitted in accordance the permitted Relevant Legislation at the time. The credit union will ensure that a suitable transfer solution is in place to safeguard personal data being transferred (for example: by using model contract clauses or on the basis of an adequacy decision).

What are your Data Protection Rights?

The GDPR gives you strong rights with regard to the protection and use of your personal data. You can request of us, free of charge,

  • to provide a copy of your personal data (known as ‘Subject Access Request’)
  • to erase your personal data if there is no necessary reason to retain it (known as ‘Right to Erasure’ or ‘Right to be Forgotten’)
  • to fix your personal data if it is inaccurate (known as ‘Right to Rectification’)
  • to make available a copy of personal data, that you had originally provided, in a format that is transmittable to another data controller (known as ‘Data Portability’)
  • to not be subject to a decision based solely on automated processing, including profiling
  • to object to use of your personal data for a purpose which the Credit Union considers to be its legitimate business interest.

 

If you consider that your data privacy has been compromised, or that your data protection rights have not been fulfilled, you can lodge a complaint with a supervisory authority (in Republic of Ireland, the “Data Protection Commission”) or seek a judicial remedy through the courts.

 

How can you avail yourself of Data Protection Rights?

To get further clarification on your rights, or to avail yourself of those rights, please contact us as follows:

  • Please put your request in writing (letter or email) with as much detail as possible to help us to address your specific requirements
  • Please send your request to either:

Postal address

Data Protection Officer,

Comhar Linn INTO Credit Union Ltd.,

33 Parnell Square,

Dublin 1.

D01 W563

 

Email address

dpo@intocreditunion.ie