Introduction

Edge Credit Union (we or the Bank) is an international bank. Our mission is to promote the good of the people anywhere in the world by maintaining monetary and financial stability. You can find more detailed information about what we do elsewhere on our website. For a number of the activities that we undertake to achieve our mission, we need to process personal data. This may include data that relates to our staff, to business contacts, to customers or staff of the firms we regulate, or to members of the public. We recognise our privileged position in receiving this data. The Bank is committed to protecting the privacy of the individuals whose data we process, and to meeting its responsibilities to process personal data in a way that is consistent with the principles set out in data protection laws.

Special category data

Data protection laws recognise certain types of information as being particularly sensitive. In some instances, as part of the functions described above we may need to process special category or criminal data about individuals. Where this is the case, we will only do so where we have identified this is necessary and where this for one of the reasons where data protection laws allow us to do so. We maintain policies and procedures to apply additional care to this data.

Emailing us

We monitor emails or other electronic communications with us, including any attachments these contain. We do this to meet the legitimate interests we have in ensuring the security of our networks and systems, for compliance and professional standards purposes, as well as in some instances where this is necessary for the performance of a task carried out in the public interest or in the exercise of official authority of the Bank. Emails are scanned by Mimecast. You can read their privacy policy here: https://www.mimecast.com/company/mimecast-trust-center/gdpr-center/privacy-statementOpens in a new window. Blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is lawful and appropriate. Emails sent to us from outside the Bank are retained for legal and compliance reasons for 7 years

Individuals information rights

You have a number of rights under data protection laws in relation to data held about you. For example, under certain circumstances, by law you have the right to:

1. Request access to your personal information (sometimes known as a subject access request). This enables you to receive a copy of the personal information we hold about you.
2. Request correction of the personal information that we hold about you. This enables you to ask us to have any incomplete or inaccurate information we hold about you corrected
3. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
4. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

The Bank Data Protection Officer

The Bank has appointed a Data Protection Officer, who is supported by the Privacy Team in the Banks Compliance Division and whose role includes acting as a point of contact for individuals in relation to concerns around how their data is processed.