Croydon Caribbean Credit Union 

Information Technology and Web Services Data Privacy Summary

How we protect and manage your personal data

Processing your personal information comes with significant responsibilities on our part and we want you to know that we take those responsibilities seriously.

Data protection laws were previously set out in the Data Protection Act 1998. This Act is replaced by the European Union’s General Data Protection Regulation (GDPR) on 25th May 2018, and by the UK’s own data protection legislation, the new Data Protection Act 2018 (DPA), which received Royal Assent on the same date. If the UK continues with its plans to leave the EU, at that time the GDPR will cease to have effect, however the DPA will continue to have effect unless amended or repealed. If required to do so we will inform you of any relevant changes or updates that affect you when the time is right. The information in this Privacy Summary is current with our understanding of the GDPR and DPA as at the end of May 2018 and explains the most important aspects of each piece of legislation. It describes how we use your personal information and the rights you have in relation to that information. For more detailed information please ask for a copy of our full Data Privacy Notice. If you have any questions about how we use your information contact the Credit Union’ Operations Manager at the address given in ‘8’ below.

  1. Who we are

Throughout this document, “we”, “us”, “our/s”, “the Credit Union” refers to Croydon Caribbean Credit Union  Your information is held under the control of the limited company on whose behalf its directors have sole charge of the general control, direction and management of the affairs, funds and records of the Credit Union. For more information about us including a list of office holders ask for a copy of our latest annual report. This Information Technology and Web Services Data Privacy Summary refers in the main to data collected via our website and mobile banking app (hereafter called ‘the app).

  1. The information we collect about you

We will hold:

  • Information about your computer, your visits to and use of this website. This information is for our statistical purposes and may include your IP address, geographical location, browser type, source of referral, length of visit and number of page views.
  • Information relating to any transactions carried out between you and the Credit Union, on or in relation to this website or the app.
  • Information that you provide to the Credit Union for the purpose of registering.
  • Any other information you may send us through this website or the app.

You are responsible for keeping any Personal Identification Number (PIN), password and all other user details in connection with your use of our app confidential.

  1. When we will collect your information

We collect information: (i) you give us; (ii) from your use of our services and products

  1. How we use your information and the legal basis

We use and share your data where:

  • You have agreed or explicitly consented to the using of your data in a specific way (you may withdraw your consent at any time);
  • Use is necessary in relation to a service or contract that you have entered into or because you have asked for something to be done so you can enter into a contract with us;
  • Use is necessary because we have to comply with a legal obligation;
  • Use for our legitimate business interests (which you may object to) such as managing our business including credit risk management, providing service information, training our personnel, and strategic planning;
  • For good governance, accounting, and managing and auditing our business.

We may convert your personal data into statistical or aggregated data which cannot be used to identify you, but may be used to produce statistical research and reports. This aggregated data may be shared and used in all of the ways described above.

  1. Who we share your information with

When providing website or app services to you we may share your information with:

  • Third parties with whom: (i) we need to share your information in order to facilitate transactions you have requested, and (ii) you ask us to share your information;
  • Service providers who help us to provide your products and services;
  • Statutory and regulatory bodies (including central and local government), and law enforcement authorities;
  • Third parties in connection with our management of our business, or other persons or organisations you have instructed such as: persons making an enquiry or complaint; debt collection agencies; budgeting and advice agencies; tracing agents; receivers; liquidators; examiners; Assignee for Bankruptcy or the equivalent;

Your personal data may be transferred outside the UK for storage and other purposes. Where this is the case we will take all necessary steps to ensure adequate protection of your personal data.

You should be aware that if you link to another website through the Credit Union’s website, the Credit Union has no control over any other website and has no responsibility for the privacy practices of other websites.

  1. How long we hold your data

We will hold other personal data for the minimum length of time necessary to deal with your queries and to manage our business effectively or to comply with regulatory or legal obligations.

  1. Implications of not providing your data

You are not obligated to provide any information that we request (other than that required for legal or regulatory purposes) however if you do not provide information we may not be able to:

  • Provide requested products or services to you;
  • Continue to provide and/or renew existing products or services for you;
  • Assess whether or not a service or product we provide is suitable for you.
  1. How to exercise your information rights including the right to object

You have enhanced rights under the GDPR in relation to how we use your information including the right to:

  • Find out if we use your information, access your information and receive copies of your information;
  • Have inaccurate or incomplete information corrected or updated;
  • Object to a particular use of your personal data for our legitimate business interests;
  • In certain circumstances to have your information deleted or our use of your data restricted;
  • The right to move, copy or transfer your personal data (data portability);
  • To withdraw consent at any time where processing is based on consent.

If you wish to exercise any of your data rights you can contact us in the following ways:

  • In person at our main office – 22 Ramsey Court, 122 Church Street Croydon Surrey CR0 1RF
    By post to – The Directors,  Croydon Caribbean Credit Union. 22 Ramsey Court, 122 Church Street Croydon Surrey CR0 1RF
  • By telephone – 02 08 688 5000

You also have the right to report a concern to the Information Commissioner’s Office (ICO) at:


<!--Nominations Guarantors Lending Account opening -->
Croydon Caribbean Credit Union