Other Policies

Bishopstown Credit Union Child Friendly Privacy Notice

What we do with your Data when you join Bishopstown Credit Union?

Bishopstown Credit Union collects your information and that relating to your parents or legal guardian for a number of reasons. Under the law, we have to tell you how we will collect that information, how we will use it and how long we will hold it for.

In this notice, you will see different names or terms used that you may not be familiar with, such as:

Data controller: This person (or group of people, like a credit union) is in charge of the information we collect.
Data processor: This person processes information for the data controller (i.e. the credit union).
Data Protection Officer: This is the person we have appointed to make sure we do everything the law says.
Personal data/your information: This means any information that can be used to identify you, such as your address and date of birth.

Who looks after your information?

Bishopstown Credit Union is the data controller of the personal data you give us – we look at how and why your information is collected and used.

Do you have to give us your information?

You must give us quite a lot of the information we need for us to keep open your credit union account, but there is some information that you can choose whether to let us have or not. When we ask you for information that you don’t have to give us, we will ask for your permission and let you know why we want it and what we will do with it. If you don’t want us to have the information in those cases, you won’t have to.

What information do we collect?

Your name, address, date of birth, information about your savings, your signature, and identification documents like passport or birth certificate for you and your parent/legal guardian.

Getting in touch

If you’re worried about how we get and use your information, you can speak to the Data Protection Officer at Bishopstown Credit Union, who will be able to help you and answer any questions that you have.

If you want to speak to somebody not at the credit union, you can call the people who make sure that organisations like us are looking after your information correctly. They are called the Data Protection Commissioner (DPC):

Contact the Data Protection Commission Online at:

https://www.dataprotection.ie/en/contact/how-contact-us

Postal Address:

DATA PROTECTION COMMISSION

21 FITZWILLIAM SQUARE SOUTH

DUBLIN 2, IRELAND. D02 RD28

Why do we collect and use your information?

We will only collect your information when we need it to help us do our job or to follow the law. When we’ve collected it, here’s how we use it:

To open and maintain your account
To make sure we do things correctly under the rules of the credit union and the law;
To get in touch with you and your parents/legal guardians when we need to.

Will your information be shared?

Sometimes Bishopstown Credit Union has to give your information to other people, such as our data processors, our regulators and the government. When your data is given to someone else, they must use it only in the way in which we tell them to and look after it and keep it safe.

How long will we keep your information?

We don’t keep it forever, only for as long as we need it to help us do the thing we needed it for. We have a policy that tells us when to keep it and when to get rid of it.

Would you like to know more?

If you or your parents would like to find out more information about how we collect, use and store your personal information, please speak to Data Protection Officer at Bishopstown Credit Union by contacting at the details provided below or alternatively visit our website https://www.bishopstowncu.ie/. Our contact details are:

Address: Bishopstown Credit Union, Curraheen Road, Cork. T12 P977
Phone: 021-4800010
Email: dataprotection@bishopstowncu.ie

Any changes we may make to our privacy statement in the future will be posted on this page.

What are your rights? You and your parents have the right to:

Ask us to change information you think is wrong.

Where we are processing your data based solely on your consent you have a right to withdraw that consent at any time and free of charge.

Tell us you don’t want your information to be processed.

Object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.

Ask us to remove information when it’s not needed anymore

Request that we: a) provide you with a copy of any relevant personal data in a reusable format; or b) request that we transfer your relevant personal data to another controller where it’s technically feasible to do so.

Ask to see the information we hold

Please note that the above rights don’t always apply and there may be some limitations.

CENTRAL CREDIT REGISTER

What is the Central Credit Register?

The Central Credit Register was established under the Credit Reporting Act 2013, and is operated by the Central Bank of Ireland.

The Central Credit Register is a national database that will, on request, provide:

a borrower with an individual credit report detailing their credit agreements;
a lender with comprehensive information to help with credit assessments; and
the Central Bank with better insights into national trends in the provision of credit.

The Central Credit Register acts as a repository of centralised loan/credit information on a per borrower basis, recording as it does the advance of each loan/credit to a borrower and the repayment performance of that borrower. As such a credit history of each borrower is built up over time, and to which any lender may refer when considering a loan/credit application from a borrower. Further details can be found at: https://www.centralcreditregister.ie/.

What types of loans are included on the Central Credit Register?

The type of loans included on the Central Credit Register are as follows:

Personal Loan
Credit card
Charge Card
Overdraft
Revolving Loan
Mortgage Home Loan
Lifetime Mortgage Plan
Property Reversion Plan
Mortgage Buy to Let
Hire Purchase
Personal Contract Plan
Leasing

When did Lenders start providing loan information to the Central Credit Register?

As and from June 2017, organisations like banks, credit unions and any other lenders who provide consumer loans in Ireland, commenced providing details of their consumer loans to the Central Credit Register, with local authorities and licensed moneylenders added in 2018. Subsequently the reporting obligation was extended to business loans. The loan information requires to be provided by each lender to the CCR on a monthly basis.

What information will be held on the Central Credit Register?

The Credit Reporting Act 2013 requires Bishopstown Credit Union to process your personal and credit information for the Central Credit Register about loans existing on 30 June 2017 and any new loans made after that date. Bishopstown Credit Union must submit personal information to the Central Credit Register, such as:

your name;
address;
date of birth; and
personal public service number (PPSN) – a very important piece of information for matching.

The Central Credit Register needs this information to make sure it accurately matches your loans, including loans that you may have with other lenders.

The type of loan/credit information that the CCR will store includes the following:

Amount of all loans
Type of each loan – such as credit card, mortgage, overdraft or personal loan
Name of each Lender
Outstanding loan balance
Number of overdue loan repayments (if any)
Date of next loan repayment.

Your loan information will be stored securely on the Central Credit Register where it will be used to create your credit report. The Central Credit Register will not calculate a score or grade for your credit report. Information will be kept on the Central Credit Register for five years after your loan is paid off.

More details of the information held on the Central Credit Register can be found at: https://www.centralcreditregister.ie/borrower-area/data-protection-statement/

What about foreign loans?

Foreign loans – meaning loans made outside of Ireland to borrowers – are presently not within the scope of CCR loan reporting. It is possible that in future borrowers may become obliged to some form of notification obligation in that regard.

What are my rights?

You have the following rights:

To request at any time from the Central Credit Register your credit report, with the first credit report each calendar year at no charge;
To insert a 200-word explanatory statement on your credit report;
To apply to have information in your credit report amended if you believe such information is inaccurate or incomplete or out of date;
To make a report to the Central Credit Register if you reasonably believe that someone has, is, or is about to impersonate you.

You have a right to apply for your credit report at any time, free of charge subject to fair usage and details of how to do so can be found at: https://www.centralcreditregister.ie/borrower-area/apply-for-your-credit-report-and-other-rights/

Further information regarding the Central Credit Register can be found at: https://www.centralcreditregister.ie/borrower-area/faqs/

If you wish to communicate with the Central Credit Register, you may do so by email to myrequest@centralcreditregister.ie or by telephone on 1890 100050 or (01) 2245500.

Please note that your loan/credit history as maintained on the Central Credit Register will follow you and be available to lenders in respect of any future loans/credit you may wish to take out.

Payment Services Directive Information

The European Union (Payment Services) Regulations 2018 (the “Regulations)

Regulation 76 Information

This is part of your ‘Framework Contract’ with us which contains information specified under Regulation 76 of the Regulations to be given to you in relation to the particular account(s) referenced below.

Bishopstown Credit Union Limited is regulated by the Central Bank of Ireland.

Contact details for the Central Bank of Ireland are as follows:

Address: New Wapping Street, North Wall Quay, Dublin 1

Telephone: +353 1 224 6000

Fax: +353 1 671 5550

Website: www.centralbank.ie

Contact details for Bishopstown Credit Union Limited are as follows:

Address: Curraheen Road, Bishopstown, Cork, T12 P977.

Telephone: 021-4800010

Email: info@bishopstowncu.ie

Website: www.bishopstowncu.ie

(the Central Bank’s Register of Credit Unions can be accessed on its website at: www.centralbank.ie).

Our Business Days are as follows:

Mon: 9:30am – 5:00pm

Tues: 9:30am – 5:00pm

Wed: 10:30am – 5:00pm

Thu: 9:30am – 5:00pm

Fri: 9:30am – 5:00pm

Sat: CLOSED

Sun: CLOSED

This document relates to Bishopstown Credit Union’s provision of payment services excluding current accounts, the terms of which are separate and available on the Credit Unions website.

YOUR ACCOUNT

The following is a description of the main characteristics of the account and payment services on the account:

Lodging and Withdrawing Funds;
Transferring funds internally to other accounts;
Acceptance of funds transferred into a member’s account by Electronic Funds Transfer;
Transfer of funds out of a member’s account by Electronic Funds Transfer;
Acceptance of funds transferred into a member’s account by Direct Debit;
Acceptance of funds transferred into a member’s account by Debit Card;
Transferring funds out of a member’s account on foot of a Standing Order;
Transferring funds out of a member’s account by Direct Debit;
Payment of a utility or other bill from an account or on foot of a withdrawal;
Transacting business online.

Giving an order for payment from your account: When you give us an order to make a payment from your account, we will need you to provide us with the details of the beneficiary of the payment (i.e. their account number and sort code, together with any relevant identification details for the payment service provider (‘PSP’) with which they hold their account). Depending on how you place your order with us (i.e. online, in our offices, by telephone etc) we may also need you verify that order by signature, by use of a password, or by use of a PIN, depending on the type of account that you hold. All of this information, taken together, is known as the ‘unique identifier’ that you must give us. In giving us that unique identifier, you will be consenting to our execution of that order for you. You cannot withdraw that consent after you have given it to us. However, if the order is for a direct debit to be taken from your account, you can revoke that order and your consent by notice to the beneficiary of that direct debit up to close of business on the business day before the funds are to be debited from your account. If the order is for a standing order to be taken from your account, you can revoke that order and your consent by calling into our offices up to up to close of business on the Business Day before the funds are to be debited from your account. In exceptional cases, we may allow you to withdraw your consent after the times specified above, but our specific agreement will be required and we will not be obliged to do this.
Cut-off times: When we are given an order in relation to a payment on your account, we must be given that order before 3.00pm on one of our Business Days unless otherwise stated by us in respect of any particular payment type. If we are given that order after that time, we will be deemed to have received that order on our next following Business Day. If we agree with you that an order is to be executed on a particular Business Day, then we will be deemed to have received that order on that particular Business Day.
Execution times: We confirm that we have up to the end of the first Business Day following the date of deemed receipt of an order under 2 above to credit the amount of that order to the beneficiary’s payment service provider. If the order is initiated by paper we will have an extra Business Day to do this.
Spending limits and payment instruments: If we give you a payment instrument on your account (e.g. a card with a PIN number, or use of online banking with a password, etc.), you may separately agree spending limits with us for use of a particular payment instrument. If we give you a payment instrument for your account, you must, as soon as you receive it, take all reasonable steps to keep personalised security credentials safe including not giving such information to a third party and storing such information in a secure location..

If the payment instrument is lost, stolen, misappropriated or used in an unauthorised manner, you should notify us by contacting the office by telephoning us at (021) 4800010, by email at info@bishopstowncu.ie or in person on one of our business days, or following the instruction for your payment instrument. We reserve the right to block your use of a payment instrument for any of the following reasons:

security of the payment instrument;
suspicion of unauthorised or fraudulent use of the payment instrument;
(if the payment instrument is connected with the provision by us of credit to you) a significantly increased risk that you may be unable to fulfil your liability to pay; and
our legal or regulatory obligations, including our national or European Union obligations.

If we block your use of a payment instrument, we will tell you about it (and the reasons for it) by telephone or in writing unless giving you that information would compromise our security or would be prohibited by law. You may request that we unblock the payment instrument and we will do so, or replace the payment instrument, once the reason for blocking no longer exists.

Charges: We only levy a limited number of charges in connection with the accounts that we offer. Details of these charges are available in our offices on request. These charges will include an affiliation fee for the Irish League of Credit Unions in addition to foreign exchange charges which are set out below at point 7.
Interest rates: If an interest rate applies to your account, you are told this when you open your account and that interest rate is incorporated by reference into this Framework Contract. You can obtain confirmation of that interest rate by contacting us as set out above.
Exchange rates: If any payment on your account (including a withdrawal by you from your account) involves a currency conversion being made by us, we will use a reference exchange rate as provided by FEXCO. The reference exchange rate will change daily and this is the basis on which we will calculate the actual exchange rate. On the date on which we effect the currency conversion, we will take the reference exchange rate that applies on that date, add a fixed amount of commission at 1% up to a maximum of €10.00 and the total will equal the actual exchange rate that is used by us in the currency conversion. You can find out changes to the reference exchange rate by contacting us as set out above.
Giving you information: If we need to communicate with you, give you information or notice of any matters relating to this Framework Contract, we will do so in writing, by email, by SMS text message or by notice on our website bishopstowncu.ie unless we state otherwise herein. Such information or notice will be given to you promptly upon the requirement to do so arising. You may request that we provide or make available to you certain information (prescribed by law) relating to individual payment transactions executed on your account at least once a month and free of charge and in a manner that allows you to store and reproduce the information unchanged.
Regulation 76 Information: For as long as you hold this account with us, you have the right to receive, at any time and on request by you, a copy of this Regulation 76 Information on paper or, if possible, by secure email.
Unauthorised transactions: If you become aware of a transaction on your account that is unauthorised or incorrectly executed, or if your payment instrument is lost, stolen or misappropriated, you must tell us without undue delay and, in any event, within thirteen months of such a transaction being debited from your account. You will be entitled to rectification from us if that transaction was unauthorised or incorrectly executed. If the transaction was unauthorised, we will refund the amount of it to you and, if necessary, restore your account to the state that it would have been in if the unauthorised transaction had not taken place PROVIDED THAT:
- you will bear the loss of an unauthorised transaction on your account, up to a total of €50, if the unauthorised transaction resulted from the use of a lost, stolen or misappropriated payment instrument unless (i) the loss, theft or misappropriation was not detectable to you prior to the payment and you have not acted fraudulently, or (ii) the loss was caused by actions or lack of action by us or any of our employees, agents or third parties acting on our behalf.
- you will bear all losses relating to an unauthorised transaction on your account if you incurred those losses by acting fraudulently or by failing, intentionally or with gross negligence to keep the payment instrument and personalised security credentials safe, to use the payment instrument in accordance with any terms that we tell you are applicable to it, and to notify us without undue delay of it being lost, stolen, misappropriated or used in an unauthorised manner;
- so long as you have not acted fraudulently you will not bear any financial consequences resulting from the use of a lost, stolen or misappropriated payment instrument once you have notified us in accordance with this Framework Contract that it has been lost, stolen or misappropriated;
- if we have not required strong customer authentication, in accordance with applicable legal or regulatory standards, you will not bear any financial losses unless you have acted fraudulently.
Refunds of direct debits: If a direct debit is applied to your account but:
- your direct debit authorisation did not specify the exact amount of the payment; and
- the amount of the payment exceeded the amount you could reasonably have expected taking into account your previous spending patterns, the terms of this Framework Contract and any other relevant circumstances; and
- you give us such factual information as we may require to prove 11 (a) or 11(b) above; and
- you did not give us consent in advance to the direct debit being taken from your account; and
- neither we nor the beneficiary of the direct debit provided or made available information to you about the such direct debit at least four weeks before the debit date,

then you may request a refund from us of that direct debit for an eight week period following the debit date. We will then have ten Business Days to refund you, or give you reasons for our refusal to refund you and that your right to refer the matter to the Financial Services & Pensions Ombudsman – as to which see clause 17 below for further details.

Unique identifier: If you give us an order to make a payment from your account and we execute it in accordance with the correct unique identifier, we will be taken to have executed it correctly as regards the beneficiary of that order. If you give us an incorrect unique identifier, we will not be liable for the non-execution, or defective execution, of the order. We will, however, make reasonable efforts to recover the funds involved.
Our liability if you make a payment out of your account: If you give us an order to make a payment from your account, we are liable to you for its correct execution unless we can prove to you (and if necessary to the beneficiary’s PSP) that the beneficiary’s PSP received the payment. If we are so liable to you for a defective or incorrectly executed payment order, we will without undue delay refund the amount of such order to you and, if applicable, restore your account to the state that it would have been in if the defective or incorrect transaction had not taken place. Irrespective of whether we are liable to you or not in these circumstances, we will make immediate efforts to trace the transaction and notify you of the outcome. If we refuse to execute a payment transaction we will notify you of the refusal and, if possible, of the reasons for such refusal and the procedure for correcting any factual mistakes that may have led to the refusal unless prohibited by law.
Our liability if you receive a payment in to your account: If the payer’s PSP can prove that we received the payment for you, then we will be liable to you. If we are liable to you we will immediately place the amount of the transaction at your disposal and credit the amount to your account. If you have arranged for a direct debit to be paid into your account, we will be liable to transmit that order to the payer’s PSP. We will ensure that the amount of the transaction is at your disposal immediately after it is credited to our account. If we are not liable as set out above, the payer’s PSP will be liable to the payer for the transaction. Regardless of whether we are liable or not, we will make immediate efforts to trace the transaction and notify you of the outcome.
Duration, changes and termination: Your contract with us, as detailed in this Framework Contract, is of indefinite duration. If we want to change any part of the information provided herein which is required by Regulation 76, we will give you at least two months’ written notice of the proposed change where required by law to do so. If you do not notify us within that two month period that you do not accept the proposed change, you will be deemed to have accepted it. If you do not want to accept the proposed change, you must notify us in writing and you will be allowed to terminate your contract with us in relation to the account to which this Framework Contract relates immediately and without charge before the end of that two month period. If we change an interest rate or an exchange rate in a way that is more favourable to you, we have the right to apply that change immediately and write to you soon afterwards confirming that change. We can change an exchange rate immediately and without notice if that change is based upon the reference exchange rate agreed in this Framework Contract. You may terminate your contract with us in relation to the account to which this Framework Contract relates on one month’s notice in writing. We may terminate our contract with you in relation to the account to which this Framework Contract relates on giving you two months’ notice in writing.
Governing law and language: This Framework Contract shall be governed by and construed in accordance with the laws of Ireland, and all communication between us and you during our contractual relationship shall be conducted in English.

Redress: If you have a complaint in relation to the matters governed by this Framework Contract you can write to us and we will deal with your complaint in accordance with our obligations under the Regulations. If you are not satisfied with the outcome of this internal process, you may refer your complaint to the Financial Services Ombudsman. Contact details are as follows: Financial Services and Pensions Ombudsman, 3rd Floor, Lincoln House, Lincoln Place, Dublin 2, D02 VH29.

Tel. (01) 5677000, E-mail: info@fspo.ie.

PSD2 – Strong Customer Authentication (SCA) Statement

What is PSD2?

This refers to the European Union Payment Services Directive 2015, replacing an earlier EU payment services directive in 2007. PSD2 came into force in January 2018. One of the new aspects included in PSD2 is to require payment service providers to ensure more effective security protections are applied to payments made by consumers.

What is ‘Strong Customer Authentication’ or ‘SCA’?

SCA is the process that additionally validates the identity of you the payment service user when you log in to access online and mobile banking with our credit union, and for further services such as making payments or changing your address.

In that regard when accessing your account or approving certain actions, you will be required to authenticate yourself using two out of three of the following:

Something you know e.g. a password or PIN
Something you have e.g. a mobile device
Something you are e.g. a finger print or eye (biometric)

In summary SCA is the application of additional security features which are referable and unique to the identity of the payment service user when making online payments.

What payments does SCA apply to?

SCA applies to customer initiated online payments within the European Union. Most card payments and all credit transfers require SCA. Recurring direct debits are considered merchant initiated payments, and thus do not require SCA.

When is SCA applied?

SCA will be applied when you effect any of the following actions through our CU Online+ Account Service:

Access your account
Initiate a payment
Initiate an action which may imply a risk of payment fraud e.g. creating a new payee

Can I opt out of using SCA?

No, under the PSD2 EU Directive, SCA is mandatory for payment service providers and payment service users. All cuOnline users are required to complete SCA.

What do I need to do?

To make this change easier, check that your mobile phone number and personal details are up to date on your cuOnline profile, or you can call into either of our offices.

Cookie	Duration	Description
	session	Description is currently not available.
zte2095	session	Description is currently not available.

Cookie	Duration	Description
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
__zlcmid	1 year	Zopim sets this cookie to store a unique user ID.
__zlcstore	never	Zopim sets this cookie to store information about the current status of the chat.
yt-player-bandwidth	never	The yt-player-bandwidth cookie is used to store the user's video player preferences and settings, particularly related to bandwidth and streaming quality on YouTube.
yt-player-headers-readable	never	The yt-player-headers-readable cookie is used by YouTube to store user preferences related to video playback and interface, enhancing the user's viewing experience.
yt-remote-cast-available	session	The yt-remote-cast-available cookie is used to store the user's preferences regarding whether casting is available on their YouTube video player.
yt-remote-cast-installed	session	The yt-remote-cast-installed cookie is used to store the user's video player preferences using embedded YouTube video.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-fast-check-period	session	The yt-remote-fast-check-period cookie is used by YouTube to store the user's video player preferences for embedded YouTube videos.
yt-remote-session-app	session	The yt-remote-session-app cookie is used by YouTube to store user preferences and information about the interface of the embedded YouTube video player.
yt-remote-session-name	session	The yt-remote-session-name cookie is used by YouTube to store the user's video player preferences using embedded YouTube video.
ytidb::LAST_RESULT_ENTRY_KEY	never	The cookie ytidb::LAST_RESULT_ENTRY_KEY is used by YouTube to store the last search result entry that was clicked by the user. This information is used to improve the user experience by providing more relevant search results in the future.