Privacy Notice for Members

Introduction

JPS & Partners Co-operative Credit Union Limited (‘the Credit Union’) respects your concerns about privacy. We ensure that the processing of your personal data is compliant with the Data Protection Act and any country-specific data protection laws and regulations to the extent applicable to the Credit Union.

We have prepared this Privacy Notice to describe to you our practices regarding the personal information we collect from our members and users of our website .This Privacy Notice applies to the personal data that we collect and handle when you use our website, when you subscribe to our newsletter, take part in a survey, access our products and services or any other marketing initiatives.

For the purposes of this Privacy Notice, “personal data” means any information relating to an identified or identifiable individual such as: name, address, telephone number as well as any non-public information that is associated with any of these.

What data does the Credit Union collect?

Data We Collect:

We collect a wide range of Personal Data that allows us to conduct business with you. The types of data that we may collect from our members, visitors and users of our website will be used for the sole purpose for which the information was provided to us and may include:

• Identity data which includes name, username, identification details, Personal Identification Number (PIN), photo, marital status, race, nationality, age, title, date of birth and gender, Tax Registration Number, signature.
• Contact data which includes residential (home) address, telephone numbers, mailing/postal address, email address.
• Financial data which includes bank account details, financial status and history of transactions, borrowings, debit card details and receipts.
• Transaction data which includes transaction details on your accounts and other details of products and services conducted with us.
• Technical data - These include your login identity data, internet protocol (IP) address and other technology on the devices you use to access our systems.
• Employment/Income Data such as employment letters, pay slips source of funds and source of income.
• Usage data which includes information about how you use our website, products and services.
• Marketing and communications data which includes your preferences in receiving marketing information from us and your communication preferences.
• Visitors’ personal information such as identification details of visitors to our premises (for example name, Identification Card, photograph etc.).
• Biometric data such as images, voice and other similar information, surveillance footage by CCTV cameras on our premises.
• KYC and other Data such as beneficiary information, references, politically exposed information, beneficial owner’s information.
• Minors’ personal information – These are collected/processed with the consent of the parent/ guardian.
• Employee Information including, job application details, employment contract, performance appraisals, background checks, salary information, communications to and from the employee.
• Data collected through interactions - correspondences (electronic, verbal or written), records of current or past complaints.

Data We Automatically Collect:

Like many websites, our website use cookies to optimize functionality and to give you the best possible experience. We also automatically collect information when you visit our website such as the IP address of your device, browser type and version, operating system and other software installed on your device and mobile platforms and your device’s geo-location.

How do we collect Personal data?

We collect data through the following means :

• Information you provide via our website, Social Media Network or Events: We may collect Personal Data that you may choose to send to us or provide to us via our website, social media network or when registering or attending an event.
• Information you provide when accessing our Services: We receive and store information you provide directly to us to access our products and services. For example when applying to become a member, opening an account or transacting at our offices.
• Third Parties: In some instances, we may collect Personal Data from public and non-public sources and third parties for regulatory purposes or to better serve you. These include: Credit Bureaus, references, other financial institutions, regulatory bodies and related entities.

How do we use your Personal Data?

We may use the information we collect from you in connection with the services we provide for a range of reasons, including to:

• Provide our products and services
• Process and complete transactions , and send related information , including transaction confirmation and records
• Verify the members’ identity, credit worthiness and the accuracy of information provided
• Create members accounts and to process loans;
• Manage our members use of the services, respond to enquiries and comments and provide customer service and support
• Send alerts, updates, security notifications and administrative communications
• Investigate and prevent fraudulent activities, money laundering, unauthorized access to our services , and other illegal activities
• Conduct internal research, to market products to members and to communicate with them;
• Improve the Credit Union’s website, application, promotions, payment systems, amongst other services;
• Improve overall member experience and ensure compliance with our legal and regulatory obligations
• For any other purposes which we notify members and users

What are our legal bases for processing your personal data?

The lawful bases we rely on for processing this information are:

• Your consent. You are free to remove your consent at any time. You can do this by contacting our Data Protection Officer whose contact details are listed herein;
• We have a contractual obligation;
• We have a legal obligation;
• We have a vital interest;
• We need it to perform a public task;
• We have a legitimate interest.

How do we share and disclose data to third parties?

• We share your personal data with your consent in order to complete a transaction or to provide any service you have requested or authorized.
• Our Website may contain links to other sites that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party site or service.
• Data may also be shared with third party vendors when it is necessary to provide services to users, and/or for other legitimate interests.

Third parties also include:

• Professional advisors such as Attorneys-at-Law, Auditors, also those providing consultancy, insurance and accounting services.
• Service Providers such as: Credit reference bureaus, debt collection agencies, debit card service providers, technology service providers, outsourced service providers such as: processors.
• Regulatory bodies such as: the Bank of Jamaica, Department of Co-operatives & Friendly Societies, Jamaica Co-operative Credit Union League etc.,
• Government and Law Enforcement authorities such as: the Police, Crime prevention Agencies such as: Financial Investigation Division, the courts, statutory authorities in response to litigation and demand issued on legal/regulatory grounds
• Third parties having a legal obligation e.g. trustees and executors, guarantors, anyone holding consultancy, insurance and accounting services
• Other parties with your consent and as permitted by law

Personal Data will only be shared with third parties to provide our services to you and /or to comply with legal obligations. These third parties do not retain, share, use or process personal data beyond the defined purposes of providing our services to you.

We transfer your personal data to outside of Jamaica in a number of circumstances including to enable the use of technology and service partners.

These transfers are protected by binding agreements that include standard contractual clauses setting out the obligations of the sending and receiving parties and the safeguards that must be applied. We conduct careful due diligence on all data sharing partners and ensure that appropriate protections are in place to keep your personal data secure in accordance with the standards outlined in the Data Protection Act and other applicable legislations.

If you would like a list of the partners and countries with whom your data has been shared, please contact us.

How we store your personal information

Your information is securely stored. We only retain your Personal Data for as long as it is needed to provide our services to you. We typically keep your personal data for a period of seven (7) years following the date of transaction or termination of a members’ relationship. We may also keep your data for longer than seven (7) years if we cannot delete it for legal, regulatory or technical reasons.

We will then dispose your information by shredding as well as deletion (including back-up data).

Security

We are committed to protecting the security of your Personal Data. We ( and our third party service providers ) use appropriate technical and organizational security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration and destruction. This is done to protect the confidentiality and integrity of your data.

However, no method of transmission over the internet, or method of electronic storage is 100% secure. Therefore, while the Credit Union uses reasonable efforts to protect your Personal Data, we cannot guarantee its absolute security.

Your Privacy Rights and Choice

You can access, modify and delete any personal and other information that is made available to you in your Account or in-app.

You have rights under the Data Protection Act, in relation to your personal data. These rights include:

• Right to be informed about how your personal data is being processed;
• Right to request access to your personal data;
• Right to consent and withdraw consent;
• Right to request the correction of your personal data;
• Right to object to the processing of your personal data.
• Right to request transfer of your personal data;
• Right to require that your personal data is not subject to automated decision-making only.

If you wish to exercise any of the rights set out above, please contact us or our Data Protection Officer DataPro Consulting Limited by email at : [email protected].

Notifiable data breaches

We take data breaches very seriously. We will endeavour to meet the 72 hour deadline as imposed by the Data Protection Act to report any data breach to the Information Commissioner. Further, where there is likely to be a high risk to your rights being breached then we will endeavour to contact you without undue delay.

Our report will inform you of:

• the nature of the security breach;
• the measures taken or proposed to be taken to mitigate or address the possible adverse effects of the breach; and
• the name, address and other relevant contact information of our Data Protection Officer or other designated representative.

We will review every incident and/or breach and take action to prevent future incidents or breaches.

Children’s privacy

Our services are not offered to persons under the age of 18 without parental or guardian consent. Any information that is in breach of this provision will be deleted. If you become aware that a child has provided us with information please contact our Data Protection Officer.

Changes to the Privacy Notice

We are constantly trying to improve our website and services, so we may need to change this Privacy Notice from time to time as well. We will alert you to material changes by, for example, placing a notice on our website and/or sending you an email (if you have registered your e-mail details with us) when we are required to do so by the Data Protection Act, 2020.

You can see when this Privacy Notice was last updated by checking the date at the top of this page. You are responsible for periodically reviewing this Privacy Notice.

Contact Us

We welcome your comments or questions regarding this Privacy Policy. If you have a question or comment regarding this Privacy Policy or you would like to make a complaint, please contact our Data Protection Officer using the details below:

Data Protection Officer
DataPro Consulting Limited
[email protected]
(876) 618-9880

Direct Marketing

We would like to send you information about our products and services, which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email or text message (SMS).

We have a legitimate interest in providing our prospective members with services that are well suited to their needs. To this end, provided that our processing of your data will not impose on your interests, rights and freedoms to an extent that overrides our legitimate interest, we will use your personal information to grow our business intelligence through data analysis and the compilation of statistics so as to provide you with relevant information; identify The Credit Union’s services that may be of interest to you; develop and improve our financial services in response to member’s needs; and make customized business conservation offers.

You are entitled to object at any time to the processing of your personal information for direct marketing. You can also withdraw your consent at any time. To learn more, see ‘How to unsubscribe’ below.

How to unsubscribe

If you no longer wish to receive our marketing communication you have the right to opt out of direct marketing, you can unsubscribe at any time by selecting the unsubscribe link we include in every marketing communication, or you can email us at [email protected] and we will promptly remove you from ALL correspondence.

Please note that in relation to service communications the Credit Union may be required contractually or legally to continue to send you service-related messages only for administrative or customer service reasons.

Contact the Office of the Information Commissioner

If you are not satisfied with the way we have handled your complaint, you have the right to raise the matter with the information Commissioner using the contact details below:

Information Commissioner’s Office
The Masonic Building (2nd Floor)
45 -47 Barbados Avenue
Kingston 5, Jamaica
Telephone (876) 920-4390
Email address [email protected]