Privacy Policy
1st Class Credit Union Limited
Who We Are
1st Class Credit Union Limited is situated at Aspire Business Centre, 16 Farmeloan Road, Rutherglen, G73 1DL. We are authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority. FCA Firm No: 213700.
Our privacy policy covers all interactions we have with our members from phone calls to online banking through our website and app.
The Credit Union requires any information marked as mandatory for membership to either meet legal obligations or to enable us to perform our contract with you. Failure to provide the necessary information may result in the delay of your membership application being processed.
How We Use Personal Information
At 1st Class Credit Union Ltd we will process, transfer and/or share your information for the following legal reasons;
- To confirm your identity and address
- Carry out checks for the prevention of financial crime
- To perform internal and external auditing
- Hold minimal details about our members on a register of members
For performance of our contract with you:
- Provide you have the services you have requested as well as the handling of your account
- Review any applications made by you
- Perform credit checks when necessary and to obtain and provide credit references
- Process statistical analysis to aid in planning for the future needs of our members
- To send you statements, changes to our terms & conditions as well as changes to this privacy policy.
We may contact you for legitimate interests, such as:
- To recover any outstanding debts owed to us
With your consent, to:
- Maintain our relationship with you including marketing and market research (if you agree to them)
Who We Share Your Personal Information With
We will share your information with;
- Third party agencies to aid us in the verification of your identification and address
- Credit reference agencies as well as debt recovery agencies who may check the information against other databases - private and public – to which they have access to.
- To any authority if legally required to do so, for example HM Revenue & Customs for tax compliance obligations
- To fraud prevention agencies to help to prevent crime or where we suspect crime.
- To any persons, including, but not limited to, insurance providers, who provide a service or benefits to you or for us in conjunction with your account(s)
- To our suppliers in order for them to meet our conditions to provide a service to us and/or to you on our behalf
- To anyone in connection with a reorganisation or transfer of engagement of the credit unions business
- Other parties for marketing purposes (if you agree to this)
Where we share your information
All countries in the European Economic Area ensure and follow strict data protection laws, however, there are countries in the world who do not deliver the same level of protection when holding or processing your personal information.
The Credit Union does not directly send information to any country outside of the European Economic Area. However, any party receiving personal data may also process, transfer and share it for the purposes set out above and in limited circumstances this may involve sending your information to countries where data protection laws do not provide the same level of data protection as the UK.
For example, when complying with international tax regulations we may be required to report personal information to the HM Revenue and Customs which may transfer that information to tax authorities in countries where you or a connected person may be a tax resident.
Credit Reference Agencies (CRAs)
When submitting an application for credit please be aware we may share your personal information with CRAs to ensure we are safely and responsibly lending to our members.
To keep your credit file account up to date we will exchange information with CRAs about you on a regular basis. This information will contain any settled accounts and any outstanding debts you may have with us, which could affect your credit score.
For further information on the CRAs, the ways in which they use and share personal information, are explained in more detail on:
- CallCredit: callcredit.co.uk/crain
- Equifax: equifax.co.uk/crain
- Experian: experian.co.uk/crain
Retaining Your Information
The credit union will hold your data for a minimum of 7 years following termination of membership. However, we are legally obliged to hold specific data for our members register. This will include members name, date of birth, date of joining/leaving and share value at the time of termination.
Your Rights Under Data Protection Regulations Are:
The right to be informed | Individuals have the right to be informed about the collection and use of their personal data |
The right of access | Individuals have the right to access their personal data |
The right to rectification | The GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete. |
The right to erasure | The GDPR introduces a right for individuals to have personal data erased. |
The right to restrict processing | Individuals have the right to request the restriction or suppression of their personal data. This is not an absolute right and only applies in certain circumstances |
The right to data portability | The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. |
The right to object | The GDPR gives individuals the right to object to the processing of their personal data in certain circumstances |
Rights in relation to automated decision making and profiling. | We may use automated decision making in processing your personal and financial information to make credit decisions. It is our policy to manually review automated decisions whenever possible. However, you have the right to request a manual review of the accuracy of any decision we make if you are unhappy with it. The Credit Union uses a company called NestEgg Ltd to process this data on our behalf. NestEgg Ltd provides an automated ‘decision’ to help the Credit Union make it easy for members to apply for loans and savings accounts. NestEgg Ltd is not responsible for making decisions, they do not see your personal information. Their software makes a recommendation to a loans officer. When you apply for a loan and / or savings account up to five searches may appear on your credit file. For the purposes of credit scoring, this will typically only affect your credit score as if one credit application were made. Each of these five ‘footprints’ relate to the different sources of data being used to assess an application; these include the credit report itself and an affordability check. The Credit Union needs to prove the information belongs to you which is when an ID check is required. In cases where an application is made by a new member; the Credit Union will use an ID check and may also run a report to check ownership of any bank account details you may give us. These checks are required by law to prevent money laundering. Some of these footprints will be in the name of NestEgg Ltd and others in the name of the Credit Union. |
The right to complain | Individuals have the right to complain to the information’s commissioner’s office. |
Fraud Prevention Agencies
We use your information to carry out checks for the purposes of preventing fraud and money laundering. These checks require us to process and share personal data about you.
The personal data can include information that you have shared with us in making your loan application, other information we have collected or hold about you, or information we receive from third parties such as Credit Reference Agencies.
We will share your:
- Name;
- Address;
- Date of birth;
- Contact details;
- Financial information;
- Employment details;
- Device identifiers, including IP address; and
- Any other information that it is in our legitimate interest to share in order to prevent or detect fraud, or that we are legally obliged to provide.
We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
We process your data in these ways because we have a legitimate interest in preventing fraud and money laundering in order to protect our business and to comply with laws that apply to us.
Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, for up to six years.
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the loan or any other services you have asked for. We may also stop providing existing services to you.
A record of any fraud or money laundering risk will be retained by fraud prevention agencies and may result in others refusing to provide services, financing or employment to you. If you have any questions about this then please contact us.
What we use cookies for
Internet cookies help you do things online, like remembering log-in details so you don’t have to reenter them when revisiting a site.
For more information on Cookies and why we use them please click here, 1st Class Credit Union | Cookie Notice (1stclasscu.co.uk)
Beneficiary Details
The Credit Union holds personal information on beneficiaries as nominated by the member. This information is only used in the event of death of a member, where there are funds available to be paid out.
Information that we hold on beneficiaries include:
- Full Name
- Address
- Contact Telephone Number
It is the members responsibility to provide their beneficiary with a copy of our privacy policy.
Security
We take the protection of your information very seriously and high security measures will be taken to ensure your data is protected. All online banking activity is protected by a secure certificate using the TLS1.2 standard encryption which provides an industry standard level of security.
Changes To This Privacy Policy
We can update this Privacy Policy at any time and ideally you should check it regularly at 1st Class Credit Union | Privacy Policy (1stclasscu.co.uk) for updates. We won’t alert you for every small change, but if there are any important changes to the Policy or how we use your information we will let you know and where appropriate ask for your consent.
How To Contact Us
If you have any questions, concerns, or complaints regarding this Privacy Policy or how we handle your personal data, please contact us at:
- Email: DPO@1stclasscu.co.uk
- Phone: 0141-552-8408
- Address: Aspire Business Centre, 16 Farmeloan Road, G73 1DL
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe we have not complied with applicable data protection laws.
Information Commissioner’s Office:
- Website: https://ico.org.uk
- Phone: 0303 123 1113
This policy was last updated on 24/10/2024
