Privacy Policy

This privacy policy covers interactions you may have with 1st Alliance (Ayrshire) Credit
Union including any online banking area. Through using this website, you agree consent to
your data being used as per this privacy policy.

How your data is used
We will collect information from all our members to ensure that we provide you with high
standards of service, and to protect your privacy. Where your information is used, we will
endeavour to communicate how and where we may use your data.
We may use your data in the following ways:
• Processing any applications you make for financial services we offer.
• Assisting you with any enquiries or complaints you may have.
• Passing to approved external business partners in order to provide our services. If you
would like to read the full details of how your data may be used by us and partners,
please obtain a copy from our Downloads section, phone 01294 557 123 or ask one of
our staff.
• For internal and external auditing purposes.
• To other external parties where it is a legal requirement to do so, such as credit
reference agencies or fraud prevention organisations.
• For analysis to develop and improve our services to you and other members.
• To generate industry statistics. However, where we do so, it will not contain any
information that identifies you personally.
• To send you Marketing material. However, you can opt out of this by contacting us
directly using the details in the “Contact Us” section at the bottom of this policy.
We will never divulge your information to another third party that has not already been
mentioned, except where you have provided consent to do so.
We will retain any information we hold about you regarding the use of any of the services
you are registered for, if your account is deactivated or closed, and if your registration or
activation request is declined or abandoned.
This information will be held for so long as permitted, for legal, regulatory, fraud, crime
prevention, and legitimate business purposes.

The data we collect
We will also continue to exchange information about you with CRAs on an ongoing basis, including
about your settled accounts and any debts not fully repaid on time. CRAs will share your information
with other organisations. Your data will also be linked to the data of your spouse, any joint
applicants or other financial associates. This may affect your ability to get credit.
The identities of the CRAs, and the ways in which they use and share personal information, are
explained in more detail at:
● Transunion at www.transunion.co.uk/crain
● Equifax at www.equifax.co.uk/crain
● Experian at www.experian.co.uk/crain
They may retain information for up to 6 years after any credit agreement between us has ended.
When we share this information, all parties conform to industry standards.
Credit Reference Agencies also share information about people with many financial organisations.
Their records can tell us:
● whether you have kept up with paying your bills, rent or mortgage, and other debts such as
loans, phone and internet contracts.
● your previous addresses.
● information on any businesses you may own or have owned or directed.
● whether you are financially linked to another person, for example by having a joint account
or shared credit.
● whether you have changed your name.
● whether you have been a victim of fraud.
Where you are financially linked to another person their records can provide us with details about
that person’s credit agreements and financial circumstances.
They also use publicly available information to record information about people, including
information from:
● The Royal Mail Postcode Finder and Address Finder.
● The Electoral Register;
● Companies House;
● The Accountant in Bankruptcy and other UK equivalents;
It is our policy to manually review automated decisions whenever possible. However, you have the
right to request a manual review of the accuracy of any decision we make if you are unhappy with it.
The Credit Union uses a company called NestEgg Ltd to process this data on our behalf. NestEgg Ltd
provides an automated ‘decision’ to help the Credit Union make it easy for members to apply for
loans and savings accounts. NestEgg Ltd is not responsible for making decisions, they do not see your
personal information. Their software makes a recommendation to a loans officer.
When you apply for a loan and / or savings account up to five searches may appear on your credit
file. For the purposes of credit scoring, this will typically only affect your credit score as if one credit
application were made.
Each of these five ‘footprints’ relate to the different sources of data being used to assess an
application; these include the credit report itself and an affordability check. The Credit Union needs
to prove the information belongs to you which is when an ID check is required. In cases where an
application is made by a new member; the Credit Union will use an ID check and may also run a
report to check ownership of any bank account details you may give us. These checks are required
by law to prevent money laundering.
Some of these footprints will be in the name of NestEgg Ltd and others in the name of the Credit
Union.
Fraud Prevention Agencies
We use your information to carry out checks for the purposes of preventing fraud and money
laundering. These checks require us to process and share personal data about you.
The personal data can include information that you have shared with us in making your loan
application, other information we have collected or hold about you, or information we receive from
third parties such as Credit Reference Agencies.
We will share your:
● name;
● address;
● date of birth;
● contact details;
● financial information;
● employment details;
The personal data we may collect includes, but is not limited to:
• IP Address (the unique address of your computer, tablet or mobile device)
• Name
• Employment information
• National Insurance number
• Date of birth
• Bank account details
• Address information
• Phone numbers
• Email address
Security
We take the protection of your information very seriously and high security measures will be
taken to ensure your data is protected. All online banking activity is protected by a secure
certificate using the TLS1.2 standard encryption which provides an industry standard level of
security.

Cookies
To provide you with a good online journey, we will store a number of cookies on your
machine, to help us associate important information with you.
For more information on cookies, please view our Cookies Policy.

External links
You may encounter links to external websites when using our website, this policy does not
cover these websites and we encourage you to view each website’s privacy policy before
submitting any information.
Credit Referencing Agencies
In order to process credit applications, you make we will supply your personal information to credit
reference agencies (CRAs) and they will give us information about you, such as about your financial
history. We do this to assess creditworthiness and product suitability, check your identity, manage
your account, trace and recover debts and prevent criminal activity.
● The Insolvency Service and other UK equivalents;
● County Court Records.
This tells us, among other things:
● Your age, address and whereabouts;
● whether you are on the Electoral Register;
● whether you have been declared bankrupt;
● whether you are insolvent; and
● whether there are any County Court Judgements against you.
Credit Reference Agencies may also be Fraud Prevention Agencies.
We use this information to help us make sure we are lending our money responsibly and to help us
decide whether a loan is appropriate for you. We cannot do this without:
● confirming your identity;
● verifying where you live;
● making sure what you have told us is accurate and true;
● checking whether you have overdue debts or other financial commitments; and
● confirming the number of your credit agreements and the balances outstanding together
with your payment history.
We also have a duty to protect the Credit Union and the wider society against loss and crime, so we
use and share Credit Reference Agency information:
● to identify, prevent and track fraud;
● to combat money laundering and other financial crime; and
● to help recover payment of unpaid debts.
We use information in this way to fulfil our contract to you, to meet our legal and regulatory
responsibilities relating to responsible lending and financial crime, to protect the Credit Union from
loss, to pursue our legitimate interests and to prevent crime.
Automated assessment
We may use automated decision making in processing your personal and financial information to
make credit decisions.
● Device identifiers, including IP address; and
● Any other information that it is in our legitimate interest to share in order to prevent or
detect fraud, or that we are legally obliged to provide.
We and fraud prevention agencies may also enable law enforcement agencies to access and use
your personal data to detect, investigate and prevent crime.
We process your data in these ways because we have a legitimate interest in preventing fraud and
money laundering in order to protect our business and to comply with laws that apply to us.
Fraud prevention agencies can hold your personal data for different periods of time, and if you are
considered to pose a fraud or money laundering risk, for up to six years.
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we
may refuse to provide the loan or any other services you have asked for. We may also stop providing
existing services to you.
A record of any fraud or money laundering risk will be retained by fraud prevention agencies and
may result in others refusing to provide services, financing, or employment to you. If you have any
questions about this then please contact us.
Contact us
If you want more information on how we use and hold your data, or if you think we may be
holding incorrect information, please get in touch on the details below and we will happily
review the information we store. We will keep all the records we have on you unless you tell
us otherwise.
If you no longer wish us to hold your personal data, please contact us on the details below.
Please note that we may not be able to provide you with our services without access to your
data.
• In person at – 147 Main Street, Kilwinning, KA13 6EQ
• By email to – info@allianceayrshire.co.uk
• By telephone on – 01294 557 123
• In writing to – 147 Main Street, Kilwinning, KA13 6EQ