References to "we" refer to the Associated Entities participating in the CU Home Hub Scheme, including participating Credit Unions, Solicitors, Surveyors, and Homebuying Software Limited. Each entity is included under this privacy policy due to their involvement in the CU Home Hub Scheme. It's important to note that while each entity is covered by this policy for their involvement in the CU Home Hub Scheme, they each maintain their own distinct processes and policies outside of the CU Home Hub Scheme, which are separate from those outlined herein. We do not endorse the individual processes and policies of each entity, as they fall outside the scope of the CU Home Hub Scheme.
We process your personal information in accordance with this privacy notice and in compliance with the relevant data protection regulation and law – the General Data Protection Regulation (GDPR) (EU)2016/679) and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) regulations 2011. This notice provides you with the necessary information regarding your rights and obligations, and explains how, why and when we collect and process your personal data. It is important that you take the time to read this notice so that you understand how we will use your personal data and your rights in relation not your personal data.
Our Data Protection Officer (DPO) can be contacted at info@cuhomehub.ie for any inquiries or concerns related to your personal data and its processing.
We process your personal information to meet our legal, statutory, and contractual obligations and to provide you with our products and services. We will never collect any unnecessary personal data from you and do not process your information in any way, other than already specified in this notice.
The personal data that we collect from you is:
Information you give us – this is information you give us by filling in forms (enquiry, application, contact forms) or by communicating with us by telephone, email, or by any other means.
You must ensure that in respect of any information you provide us with which does not relate to you (for example, information about your associates), you have provided the individual to whom the information relates with a copy of this Privacy Notice and obtained any necessary consents to disclose such information.
Our platform uses Google Analytics to automatically gather certain statistical information such as the number and frequency of visitors and their IP addresses. This information is used as aggregated statistical information about users, providing usage by IP address. This information helps us to measure how individuals use our services, so that we can continually improve
We record all telephone conversations to process applications, manage facilities, resolve complaints, improve our service and for training, verification, and quality assurance purposes.
Financial Information – we will use information provided by your professional advisors, including accountants where applicable and where you have given your consent to do so, when assessing and preparing your application and to verify your, or if applicable, your associate’s identity. Such information may include some details about your finance status and other loans you have taken out.
We may obtain information about individuals from public databases, which include (but is not limited to) the electoral register and Companies Registration Office. We may also avail of information which is published within the public domain.
Fraud Prevention – When verifying your identity as part of our application process, we may access information recorded by fraud agencies within Ireland. This may include information about any criminal convictions and any allegations regarding criminal activity that relate to you.
Failure to provide personal data – Where you do not provide us with your personal data, we may not be able to provide you with our services or respond to any questions or requests you submit to us. We will tell you when we ask for personal data which is a contractual requirement or needed to comply with our legal obligations.
We take your privacy very seriously and will never disclose, share, or sell your data without your consent, unless required to do so by law. We only retain your data for as long as is necessary and for the purposes specified in this notice. Where you have consented to us providing you with promotional offers and marketing, you are free to withdraw consent at any time. The purposes and reasons for collecting, processing, and storing your personal data are detailed below:
This use of the data is necessary for our legitimate interest in managing our business including legal, personnel, administrative and management purposes such as improving customer service, market research, quality assurance, training staff and for the prevention and detection of crime provided our interests are not overridden by the data subject’s interest. Please note, that in certain circumstances you have a right to object to processing of your personal data where that processing is carried on for our legitimate interest.
The above list is not exhaustive given the nature of the business and therefore this statement will be reviewed to reflect this as required.
By providing your personal information to us, you consent to the collection, processing, and use of your data as outlined in this privacy notice. Additionally, you have the option to provide consent for receiving marketing communications from us. You can indicate your marketing consent preference during the data collection process. We seek two types of consent:
You have the right to withdraw your consent for marketing communications at any time by contacting us using the details provided below. Please note that withdrawing consent for marketing communications will not affect our ability to provide other services to you. However, any processing of your personal data for marketing purposes prior to the withdrawal of consent will remain lawful. If you wish to withdraw consent for marketing communications or have any questions regarding the processing of your personal data, please contact us at info@cuhomehub.ie
You have the right to access any personal information that we process about you and to request information about:
If we are processing your data on the legal basis of consent, you are entitled to withdraw your consent at any time. However, the withdrawal of your consent will not invalidate any processing we carried out prior to your withdrawal and based on your consent.
If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to update/correct it as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.
You also have the right to request erasure of your personal data (‘Right to be Forgotten’) in certain circumstances, including where:
You can ask that we restrict your personal data being processed in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that the lender uses including profiling, which produce legal effects concerning you or similarly significantly affects you other than where the decision is:
Where a Credit Union bases a decision solely on automated decision-making, you will always be entitled to have a person review the decision so that you can contest it and put your point of view and circumstances forward.
Where you have provided personal data to us, you have a right to receive such personal data back in a structured, commonly-used and machine-readable format and to have that data transmitted to a third-party controller without hindrance but, in each case, only where the processing is carried out by automated means and where the processing based on your consent or on the performance of a contract with you.
You have a right to object to the processing of your personal data in those cases where we are processing your personal data in reliance on our legitimate interests. In such a case, we will stop processing your personal data unless we can demonstrate compelling legitimate interests which override your interests and you have a right to request information on the balancing test we have carried out. You also have the right to object where we are processing your personal data for direct marketing purposes.
If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the relevant request. This is to ensure that your data is protected and kept secure.
We do not share or disclose any of your personal information without your consent, other than for the purposes specified in this notice or where there is a legal requirement. We use third-parties to provide the below services and business functions, however all processors acting on our behalf only process your data in accordance with instructions from us and comply fully with this privacy notice, the data protection laws and any other appropriate confidentiality and security measures. We share your personal data with the following categories:
The Central Credit Register (CCR) was established by the Central Bank of Ireland under the Credit Reporting Act 2013 and is a secure system for collecting personal and credit. Information on loans of €500 or more. From 1st October 2019, all Irish lenders are required to run a CCR Enquiry during their credit applications. A CCR Enquiry involves lenders transferring your personal and credit application data to the CCR. As such, in assessing the suitability of your finance application, Credit Unions will submit your personal and credit application data to the CCR as part of their application process.
For the foreseeable future, Credit Unions may also forward your data to the Irish Credit Bureau (ICB) for a credit check, until such a time as this agency is wound down. The legal basis upon which the CCR and ICB relies to process your data is their ‘Legitimate Interests’ (GDPR Article 6 (f)). For more information regarding the CCR and how it works, please visit www.centralcreditregister.ie.
The ICB’s Fair Processing Notice documents who they are, what they do, details of their Data Protection Officer, how it gets the data, why they take it, what personal data they hold, what they do with it, how long they retain it, who they share it with, what entitles them to process the data (legitimate interests), what happens if your data is inaccurate and your rights.
In addition, some Credit Unions may use Profiling, or auto-decision processes, in assessing applications.
We have always been committed to securing and protecting our customer’s data. In order to process and store your data securely and to deliver an efficient service to you, we must use the services of our IT partners. Our IT provider are GDPR compliant.
Due to the nature of our business and services, paper formats of confidential information are received by us on occasion. Electronic copies are only printed when necessary. Where paper information is no longer required, We use a confidential shredding process via a secure waste disposal provider. This provider is located in Ireland.
We take your privacy seriously and we take every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorized access, alteration, disclosure or destruction and have several layers of security measures in place, including:
Although all reasonable steps have been taken to store your data securely, we cannot ensure that your data is not intercepted by third parties in the course of being transmitted to us. In the event that any information is intercepted when being transmitted to us via the internet we bear no responsibility or liability to you for the manner in which any such intercepted data is used by any third parties.
You are not obligated to provide your personal information to us however, as this information is required for us to provide you with our services, we will not be able to offer any of our services without it.
We only process your personal information in compliance with this privacy notice and in accordance with the relevant data protection laws. If, however you wish to raise a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, you have the right to lodge a complaint with the supervisory authority.
We retain your personal data for as long as necessary to fulfil the purposes outlined in this privacy notice and to comply with legal and regulatory requirements related to mortgage applications. The retention period for mortgage application data is determined by various factors, including the duration of the mortgage process, contractual obligations, and regulatory obligations imposed by authorities such as the Central Bank of Ireland.
Typically, we retain mortgage application data for a period of six years after the date your mortgage application has been discontinued or completed. However, in certain circumstances where longer retention is required by law, we may retain your data for the duration of the legal requirement. After the retention period expires, we securely dispose of or anonymize your personal data in accordance with our data retention policies. If you have any questions regarding our data retention practices or wish to request the deletion of your personal data, please contact us at info@cuhomehub.ie
We may change this notice from time to time. All changes will be posted and updated here. We will notify you directly by email (if we hold one for you) if any significant changes occur. We advise you to check back here frequently to review the most current version of this notice.
Please note that each individual service provider accessible through our platform may have its own privacy policy governing the collection, processing, and use of your personal data. We are not responsible for the privacy practices or content of these service providers. We encourage you to review the privacy policies of each service provider before engaging with their services through our platform. By using our platform, you acknowledge and agree that the privacy practices of each service provider are governed by their respective privacy policies, and we disclaim any liability or responsibility in connection with the privacy practices of these service providers. If you have any questions or concerns regarding the privacy practices of a specific service provider, please refer to their privacy policy or contact them directly.
Service providers such as but not limited to:
We use cookies to personalize your online experience. A cookie is a small text file that is stored in your web browser on your computer, tablet, or smartphone by a web page server. Cookies contain information that can later be read by a web server in the domain that issued the cookie to you. Cookies cannot be used to run programs or deliver viruses to your computer. We use cookies to store your preferences and other information on your computer in order to save you time by eliminating the need to repeatedly enter the same information and display your personalized content and appropriate advertising on your subsequent visits to our website. Our cookie policy is posted separately on the main page of our website and may be viewed by clicking on the following link