Privacy Notice of Ballaghaderreen and District Credit Union Limited – General
Republic of Ireland Credit Unions
A credit union is a member-owned financial cooperative, democratically controlled by its members, and operated for the purpose of promoting thrift, providing credit at competitive rates, and providing other financial services to its members.
Data collection, processing and use are conducted for the purpose of facilitating the abovementioned objectives. This Privacy Notice is to provide you with information regarding the processing of information about you for account related purposes and other general purposes and further processing that may be necessary if you apply for a loan with us.
Our contact details are:
Address: Main Street, Ballaghaderreen, Co. Roscommon
Data Protection Leader Contact 094-9860522
Ballaghaderreen and District Credit Union Limited is committed to protecting the privacy and security of your personal
data. This privacy notice describes how we collect and use personal data about you during and after your relationship
What personal data do we use?
We may collect, store, and use the following categories of personal data about you:
Your name, address, date of birth, email, telephone financial data, status and history, transaction data; contract data,
details of the credit union products you hold with us, signatures, identification documents, salary, occupation,
accommodation status, mortgage details, previous addresses, spouse, partners, nominations, Tax Identification/PPSN
numbers, passport details, interactions with credit union staff and officers on the premises, by phone, or email, current
or past complaints, CCTV footage, member photos, credit history from credit bureaus in accessing loan applications,
information sought for the credit union to register a first legal charge on the property to be purchased and it will be
necessary for us to process your personal data in order to register this charge or have this charge registered on our
The purposes for which we use your personal data:
The credit union will use your personal data to assist it in carrying out the following:
- To open and maintain an account for you.
- To meet our obligations under the Credit Union’s Standard Rules.
- To contact you in respect of your account and any product or service you avail of.
- To comply with our legal obligation for example anti-money laundering obligations.
- In assessing your loan application and determining your creditworthiness for a loan.
- Verifying the information provided by you in the application.
- In order to purchase loan protection and life savings protection from ECCU.
- Conducting credit searches and making submissions to Irish Credit Bureau and the Central Credit Register.
- Administering the loan, including where necessary, to take steps to recover the loan or enforce any security
taken as part of the loan.
- We may use credit scoring techniques [and other automated decision making systems] to either partially or fully
assess your application.
- To comply with Central Bank Regulations to determine whether you are a connected borrower or related party
- Providing updates on our loan products and services by way of directly marketing to you.
- When acting as an insurance intermediary, to meet our obligations.
We may also collect, store and use the following “special categories” of more sensitive personal data:
Information about your health, including any medical condition, health and sickness
We need all the categories of information in the list above to allow us to; identify you and contact you and in order that we perform our contract with you.
We also need your personal identification data to enable us to comply with legal obligations. Some of the above grounds
for processing will overlap and there may be several grounds which justify our use of your personal data.
How we use particularly sensitive personal data
”Special categories” of particularly sensitive personal data require higher levels of protection. We need to have further
justification for collecting, storing and using this type of personal data. We may process special categories of personal
data in the following circumstances:
- In limited circumstances, with your explicit written consent.
- Where we need to carry out our legal obligations and in line with our data protection policy.
- Where it is needed in the public interest, and in line with our data protection policy.
Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is
needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where
you have already made the information public.
How secure is my information with third-party service providers?
All our third-party service providers are required to take appropriate security measures to protect your personal data in
line with our policies. We do not allow our third-party service providers to use your personal data for their own
purposes unless they are deemed to be controllers in their own right. We only permit them to process your personal
data for specified purposes and in accordance with our instructions. Usually, information will be anonymised but this
may not always be possible. The recipient of the information will also be bound by confidentiality obligations.
If you fail to provide personal data
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered
into with you or we may be prevented from complying with our legal obligations.
Change of purpose
You can be assured that we will only use your data for the purpose it was provided and in ways compatible with that
stated purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the
legal basis which allows us to do so.
We sometimes use systems to make decisions based on personal data we have (or are allowed to collect from others)
about you. This information is used for loans assessment and anti-money laundering purposes and compliance with our
legal duties in that regard.
Data Retention Periods
We will only retain your personal data for as long as necessary to fulfil the purpose(s) for which it was obtained, taking
into account any legal/contractual obligation to keep it. Where possible we record how long we will keep your data,
where that is not possible, we will explain the criteria for the retention period. This information is documented in our
Once the retention period has expired, the respective data will be permanently deleted. Please see our retention
- Accounting records required to be kept further to the Credit Union Act, 1997 (as amended) must be retained for not
less than six years from the date to which it relates.
- The money laundering provisions of anti-money laundering legislation require that certain documents must be
retained for a period of five years after the relationship with the member has ended.
- We keep income tax records for a period of six years after completion of the transactions to which they relate.
- Loan application information is retained for a period of seven years from the date of discharge, final repayment,
transfer of the loan.
- CCTV footage which is used in the normal course of business (i.e. for security purposes) for one month.
- Credit agreements are contracts and as such the credit union retains them for seven years from date of expiration or
breach, and twelve years where the document is under seal.
- Loan applications form part of your credit agreement and as such we retain them for seven years.
Planned data transmission to third countries
There are no plans for a data transmission to third countries
Our use and sharing of your information
We will collect and use relevant information about you, your transactions, your use of our products and services, and
your relationships with us. We will typically collect and use this information for the following purposes: