Home‎ > ‎

Privacy

Privacy Notice

At West Leeds & Bramley Credit Union (WL&BCU) we respect individuals’ concerns about the way we deal with your personal and financial information.  This Privacy Notice sets out how we deal with this information, why we hold it, and how and when we may share it with others.  We will update this notice in the future if there are any changes that we need to tell you about.

This notice applies to information that we collect about our members (people who apply for and use our products.)  It may also apply to prospective members (people who enquire about joining the Credit Union but don’t apply to join, or who are not accepted.)

Why we hold personal information, and our ‘lawful basis’ for doing so

We hold your details:

To allow us to process your application or request for services
To provide these services and to ensure that we can carry out our responsibilities.

For example, we will hold the details that we collect from you when you first apply for membership, or if you apply for a loan.  We will also maintain records of share deposits, loan repayments and information about your financial conduct in relation to your membership.

The General Data Protection Regulations (GDPR) that came into force from May 2018 state that we must have a good reason – or ‘lawful basis’ for holding any item of personal data.  Three of the ‘lawful bases’ set down in the Regulations apply to the data held by WL&BCU.  These are:

Consent - If you have given clear consent for us to process your personal data for a specific purpose.
Contract - If the processing is necessary for a contract that you have with us, or because you have asked us to take specific steps before entering into a contract.
Legitimate Interests - If the processing is necessary to protect the legitimate interests of the Credit Union.

We have reviewed the personal data on our system to confirm that we have a lawful basis for holding it.  In some cases, more than one ‘lawful basis’ may apply to a single piece of data.  You have the right to see a copy of the data that we hold.  (See the ‘Your Rights’ section below.)

We will regularly review the personal data that WL&BCU holds to ensure that there is still a ‘lawful basis’ for keeping each piece of data.  Where the lawful basis for holding data is ‘consent,’ GDPR requires us to keep in contact with members to confirm that they still consent to the data being held.  We will aim to contact all members at least once a year to ask them to renew their consent.

If there is a change to the terms of the contract between you and WL&BCU – in other words, if you take out a new loan or start a new savings scheme, or we agree on changes to the terms of existing borrowing – we will invite you to renew your consent at this time.

How long will data be retained?

We will delete your information from our system five years after you stop being a member of WL&BCU, unless:

The law says we must keep the information for longer.  We are legally required to keep some types of information about your Membership, your shares account(s) and any loans that you take out for up to 15 years after you stop being a Credit Union Member.
You request us to delete the information sooner.  (You have the right to request that we delete any information about you that we’re not legally required to keep.  See the ‘Your Rights’ section below.)

If in the future we start to employ staff, or if we engage other organisations to carry out work on our behalf, they may also have access to your information.

Most of the information that we hold about you comes directly from you.  This may be from:

Your application for membership,
Loan applications
Other forms that we may ask you to complete, for example, to ask if you agree to us contacting you by email or by text message.
Information that you give us when you contact us.

From time to time, we will give you details about how we use your information:

On documents that we ask you to sign - such as applications for loans.
when we write to you - for example, when we invite members to attend the Credit Union’s Annual General Meeting (AGM).

We may from time to time use the address and telephone number details that you have given us to get in touch with you about matters relating to your membership, or to your use of the services that the Credit Union provides.  We will not use these contact details for marketing purposes – and we will never pass any of your details to other organisations for them to use for marketing.

If you have supplied us with an email address, we may contact you via email about your membership or your accounts.  We will only do so if you have given your consent to our contacting you by email – and we will not use your email address for marketing purposes.

We may also contact you via text (SMS message) if you have supplied a mobile phone number and have consented to our contacting you in this way.  We will never send you text messages to market our products and services.

Credit Reference Agencies and Fraud Prevention Agencies

We may use Credit Reference Agencies and Fraud Prevention Agencies to help us make decisions about whether to accept applications for membership, and whether to agree to a request for a loan.  Details of how we do this, and of how the agencies will use your information is given in our Data Protection Policy, which is available on request.

Your Rights

You have the right to request a copy of the information that we hold about you.  The General Data Protection Regulations that come into force on 25 May 2018 state that you can access this information for free – but that we may be allowed to charge a fee for unfounded, repetitive or excessive requests, or for requests for information that has already been provided.

If a fee is chargeable, you will be informed of the cost at the time of application.

Normally we must supply you with a copy of your information within one calendar month of our receiving the request.  But we are permitted to take a further two months to reply if there are numerous or complex requests. 

If any of the information that we hold is inaccurate or incomplete, you have the right to ask for it to be corrected.  If you exercise this right, we must provide you with a copy of the corrected information within one calendar month of you telling us that a change is required.  We can take a further two months to reply to numerous or complex requests, but if we do so, we must inform you about this and explain the reason for the delay.  If we have shared your information with any third party (such as a Credit Reference Agency) we must also inform them that we have made a correction to your records.

You have the right to block or ‘restrict’ the processing of your personal data.  We have ‘lawful rights’ to hold certain personal data about you during your membership of the credit union and for a period after you stop being a member (see above) but once you have asked for your data to be restricted we are not allowed to process it further.

You have the right to ask for your personal data to be erased.  We will comply with such a request unless we have ‘lawful rights’ for keeping the data.

You can contact us to exercise any of the above rights by:

Visiting us at West Leeds & Bramley Credit Union Ltd, Bramley Housing Office, 202 Town Street, Leeds LS13 2EP  (Open Tues & Thurs, 1000-1200) OR
Writing to the above address OR
Emailing bramleycu@gmail.com OR
Sending a message via the Credit Union’s web page:

If you tell us that you wish to exercise any of the rights listed above, we must take reasonable steps to confirm your identity before acting on your instructions.

If you believe that we are not following the rules laid down in the GPDR, you can raise your concerns with the Information Commissioner’s Office, either via the ICO website https://ico.org.uk/concerns/
or by calling the ICO helpline on 0303 123 1113.
Safer Saving and Spending
West Leeds and Bramley Credit Union is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority - FRN 213926