DP Statement - Website Users

General Member Accounts Loan Accounts Website Users Online Banking Online Loans Current Accounts

1. Overview

We want to explain clearly how we process your Personal Data when you interact with Ansac Credit Union as a supplier, website user, a candidate for a voluntary role or employment, or as a visitor. 

We collect and process personal data as we carry out the day-to-day business activities of running the Credit Union including dealing with suppliers, operating our website, securing our premises and carrying out recruitment related activities. This section of the data protection statement provides specific information relating to the processing of personal data in our general business activities.

2.  Who this Data protection Statement applies to

This Data Protection Statement provides specific information relating to the following data subjects whose Personal Data we process:

  • business contact details including those of our customers, suppliers, partners, shareholders and business prospects “Business Contacts”; 
  • users/visitors to our Website “Website Users”; and
  • prospective employees /those applying for jobs at Ansac Credit Union “Candidates”; and
  • members of the public who pass by and/or visit Ansac Credit Union offices and whose images are captured on CCTV “Visitors”;

3. Categories of Personal Data

We process the following categories of Personal Data.  For each category we have included an example of the type of Personal Data that maybe part of that category:

When you visit the Credit Union website, we collect the following information

Category of Personal DataDescription
Identification data  
may include a person’s name, date of birth, driver’s license and passport information.
Contact dataThis includes email address, phone number, postal address.
Communication Data  
may include phone calls, email correspondence and hard copy correspondence. This includes recording of phone calls when you phone the Credit Union.  
Marketing Data  
may include your Contact Data and any preferences in receiving marketing from us and your communication preferences. 
Recruitment Data 

may include recruitment related data such as Identification Data, Contact Data, Communication Data, CV and job application data.

This may include employment history, skills/ experience, languages, educational history, qualifications, membership of professional associations, contact details of employer references/character references, licenses held, interests and hobbies, languages, locations, nationality, passport, eligibility to work in certain jurisdictions, salary expectations,  interview/screening answers and notes.

Financial Data 

may include payment related information or bank account details and financial data received as part of the services that we provide. 

Special Category Recruitment Data 

If we interact with you for the purposes of a job with the Company, we may collect Recruitment Data that is of a special category per the GDPR definition: this can include diversity data such as gender, religion, racial or ethnic origin, sexual orientation, trade union membership or data relating to health. We will only source this data with the explicit consent of Candidates. 

Call Recording Data 

Recording of calls between you and the Credit Union 

CCTV Data 

We operate CCTV cameras at some of our premises. If you pass by and/or visit the Credit Union premises, your image may be recorded on CCTV 

Web DataThis includes data about your use of our services, including data on the type of device you’re using, its IP address, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of Website use.
Correspondence DataIf you complete an online enquiry form, we will record details of your enquiry and our correspondence.
Social media dataWe receive Personal Data about Website Users when they follow social media links on our website.

4. Processing Activities

We use Personal Data to assist us in the operation of the company. Under data protection law, we must ensure that the purpose of processing is clear.

We have to process Personal Data legally. We collect data from website visitors to understand what services our website visitors are interested in and to engage with you further in relation to those services.

Purpose of Processing Categories of Personal Data Lawful Basis 

Managing payments and administration of the contract including:

  • To carry out due diligence on suppliers prior to entering into a contract
  • to process payments to and from our business
  • to fulfil our legal/contractual obligations
  • to manage/respond to complaints/issues
  • Contact Data
  • Communication Data
  • Financial Data
  • Call Recording Data
  • Contract
  • Legitimate Interest
  • Legal Requirement

Recruiting staff including:

  • to interview the Candidate
  • to manage our database of Candidates
  • to contact you in connection with any job position we may have open
  • to check your suitability for the role
  • to fulfil the recruitment needs of the business.

 

  • Identification Data
  • Contact Data
  • Communications Data
  • Recruitment Data
  • Web Data
  • Call Recording Data
  • Legitimate Interests
  • Consent
  • Contract

Website delivery including:

to manage and respond to web forms

to promote our products and services

  • to administer the Website 
  • To manage your website experience
  • To improve our website content
  • for internal operations, including support, troubleshooting, data analysis, testing, research, statistical and survey purposes to ensure the safety and security of our website and our services.

 

  • Web Data
  • Contact Data
  • Legitimate Interests
  • Consent

Management of Corporate Affairs

  • to take minutes at board meetings
  • to contact shareholders/investors
  • to enter into partnerships and other commercial relations
  • to undertake appropriate due diligence

 

  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
  • Contract
  • Legitimate Interest
  • Legal Obligation

5. Sources of Personal Data

BUSINESS CONTACT PERSONAL DATA

We collect Business Contact Personal Data from our business contacts including –suppliers, partners, consultants, shareholders and business prospects.

We source Business Contact Personal Data in order to serve the business relationship. We will only ever source Personal Data that is necessary and in a way that would be generally expected.

We receive Personal Data about Business Contacts from a variety of sources, as follows:

  • the Personal Data is often provided by the Business Contact as part of the business relationship;
  • the Personal Data may be collected from public sources;
  • the Personal Data may be collected indirectly from another person within the company of the Business Contact;
  • the Personal Data may be collected through our website;
  • the Personal Data may be collected indirectly from a website or from a third party.

CANDIDATE PERSONAL DATA

We will only ever source Personal Data in a way that would be generally expected.

We receive Personal Data relating to Candidates from a variety of sources. The primary source is from Candidates directly. Examples of the sources of Personal Data of Candidates are as follows:

  • the Candidate may send their CV to us with the intention of registering with us to be informed of potential job vacancies;
  • the Candidate may apply directly to a position advertised on our website;
  • the Candidates details may be provided by a member of staff or third party by way of referral; and
  • the Candidates details may be provided by a recruitment agency.

WEBSITE USERS’ PERSONAL DATA

We receive information from you when you visit our website, when you complete an online form on our website, if you subscribe to our newsletter or if you follow us vis social media links on our website. 

This information is collected from you as a result of your interaction with the www.ansaccu.ie website.

We also collect information with your consent when we place cookies on your web browser. For more details, please refer to our Cookie Statement.

SOCIAL MEDIA USERS’ PERSONAL DATA

We collect information from you when follow our social media accounts, like, comment or reshare a social media post or when you communicate with us via messaging apps on social media platforms.

CCTV PERSONAL DATA 

We may collect CCTV video footage of visitors to our premises.

CALL RECORDING PERSONAL DATA

We record all calls to and from the Credit Union.

6. Retention

In some circumstances it is not possible for us to specify in advance the period for which we will retain your Personal Data. In such cases we will determine the appropriate retention period based on balancing your rights against our legitimate business interests.  We may also retain certain Personal Data beyond the periods specified herein in some circumstances such as where required for the purposes of legal claims.

Our retention policy is as follows: 

Purpose of processing

Categories of Personal Data

Retention Period

Relationship Management

  • Contact Data
  • Communications Data
  • Identification Data
  • Financial Data

24 months after completion of service delivery activities in the case where there is no further meaningful engagement.

Certain Personal Data may be retained for 7 years

Marketing & Sales

  • Contact Data
  • Communication Data
  • Marketing Data
  • Web Data

12 months in the case where no meaningful engagement or earlier in the case you unsubscribe.

Recruitment

  • Identification Data
  • Contact Data
  • Communications Data
  • Recruitment Data
  • Web Data

18 months for unsuccessful candidates

Website Delivery

  • Web Data
  • Contact Data

12 months or less

Security 

  • CCTV Data

30 days except where a CCTV extract is required for the purpose of an investigation e.g., a complaint. In these circumstances the recording extract will be retained for 12 months post conclusion of the investigation.

Call Recording 

  • Call Recording data 

30 days except where a call recording extract is required for the purpose of an investigation e.g., a complaint. In these circumstances the recording extract will be retained for 12 months post conclusion of the investigation.

Management of Corporate Affairs

  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data

7 years unless required to retain indefinitely

ote that this section of the Credit Union Data Protection Statement relates only to how we process data relating to the Credit Union website.

We provide information about how we process your personal data when you interact with any of the Credit Union Services such as membership; website; online banking; current accounts and other general services offered by the Credit Union on a service-by-service basis. For further information relating to (i) how to exercise your rights, (ii) who your Personal Data may be shared with (including cross border transfer); (iii) the security measures we have implemented and the contact details for the Data Protection Commission in Ireland you should read the full Credit Union Data Protection Statement at https://ansaccu.ie/data-protection-statements

Note that this section of the Credit Union Data Protection Statement relates only to how we process data relating to the Credit Union website.

We provide information about how we process your personal data when you interact with any of the Credit Union Services such as membership; website; online banking; current accounts and other general services offered by the Credit Union on a service-by-service basis. For further information relating to (i) how to exercise your rights, (ii) who your Personal Data may be shared with (including cross border transfer); (iii) the security measures we have implemented and the contact details for the Data Protection Commission in Ireland you should read the full Credit Union Data Protection Statement at https://ansaccu.ie/data-protection-statements