We are committed to protecting our members’ privacy. As a responsible credit union, the Derbyshire Community Bank requires any information marked as mandatory for membership to either meet legal obligations or to enable us to perform our contract with you. Where you are not able to provide us with this information, we may not be able to open an account for you. Where we request further information about you not required for these reasons, we will ask you for your consent.
Derbyshire Community Bank may process, transfer and/or share personal information in the following ways:
We will disclose information outside the credit union:
The identities of our third party service providers, and the ways in which they use and share personal information, are explained in more detail in our Third Party Outsourcing Policy which can be found by visiting our website www.dcbank.org.uk.
While countries in the European Economic Area all ensure rigorous data protection laws, there are parts of the world that may not be quite so rigorous and so do not provide the same quality of legal protection and rights when it comes to your personal information.
The credit union does not directly send information to any country outside the European Economic Area; however, any party receiving personal data may also process, transfer and share it for the purposes set out above. In limited circumstances this may involve sending your information to countries where data protection laws do not provide the same level of data protection as the U.K.
For example, when complying with international tax regulations we may be required to report personal information to the HM Revenue and Customs which may transfer that information to tax authorities in countries where you or a connected person may be tax resident.
The credit union will need to hold your information for various lengths of time depending on what we use your data for. In many cases we will hold this information for a period of time after you have left the credit union.
To read our policy for retaining members’ data please contact us on 01332 348144 or e-mail us at firstname.lastname@example.org
In order to process any credit applications which you may make we will supply your personal information to credit reference agencies (CRAs) and they will give us information about you, such as about your financial history. We do this to assess creditworthiness and product suitability, to check your identity, manage your account, trace and recover debts and prevent criminal activity.
We will also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates. This may affect your ability to get credit.
The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail on:
Your rights under data protection regulations are:
Please see our website here: www.dcbank.org.uk/privacy notice for more information.
You have the right to access your personal data and details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. You can access your personal data by visiting www.dcbank.org.uk
You have the right to have any inaccurate personal data about you corrected and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
In some circumstances you have the right to the erasure of your personal data without undue delay.
Those circumstances include:
However, we will not erase this data where we need it to meet a legal obligation or where it’s necessary for the establishment, exercise or defence of legal claims.
In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are:
We will only otherwise process it:
You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the data is not necessary for the purposes of the legitimate interests pursued by us or by a third party.
If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.
To the extent that the legal basis for our processing of your personal data is:
then you have the right to receive your personal data from us in a commonly used and machine-readable format or instruct us to send this data to another organisation. This right does not apply where it would adversely affect the rights and freedoms of others.
This credit union uses an automated decision making process for processing members’ loan applications to make sure that our decisions are quick, fair, efficient, and correct based on what we know.
The automated lending decision system looks at your credit score alongside information such as:
and makes a decision based on either
Members have the right to have the decision reviewed by a member of staff, express their point of view, and obtain an explanation of the decision.
To the extent that the legal basis for our processing of your personal information is your consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with the regulator, namely the Information Commissioner’s Office, which is the body responsible for data protection in the UK. You can contact them by:
For more information about how your rights apply to your membership of the credit union or to make a request under your rights you can contact us email@example.com or 01332 348144. We will aim to respond to your request or query within one month or provide an explanation of the reason for our delay.
Derbyshire Community Bank,