Personal Banking Business Banking Online Banking Community About HCCU
Click here to return home
 


Home > Legals > General Privacy Policy & Internet Privacy Policy
< Previous Page

General Privacy Policy

Protecting Your Privacy

At Holiday Coast Credit Union, we take seriously our responsibility for protecting your privacy and the confidentiality of your personal information.

As part of our business we are committed to providing a number of services to our members, including financial services. To provide these services it is necessary for us to collect, store and use your personal information. We have been recording such information for over 30 years of operation and we believe we have earned our members trust in doing so. We are continuing to improve and revise the security and accessibility of this information in line with new technology and will continue to do so.

We will only deal with your personal information in the ways we describe to you in this policy.

Personal Information Collected

We collect most personal information from you directly. For example, we may collect personal information when you apply for membership, open an account, deal with us over the telephone, send us a letter, visit our web site, or when you contact us in person.

The type of information we collect will include your name and may include: contact details; tax file number; date of birth; income and financial details; employment details; credit record and transaction history.

We do not generally collect any information that is 'sensitive personal information' such as relating to your health etc, unless it is necessary to provide you with a specific product or service. However such information will only be collected from you and will only be used for the purpose for which it was collected. We do not disclose sensitive personal information to third parties without your permission or instruction.

We will use this information for the purposes that you have provided it.

Where you provide information in an application for membership, we will use this information:

  • For our register of members and shareholders; and
  • For the provision and offer of membership services.

Where you provide information in an application for a financial product or service, we will use this information:

  • To create and maintain a financial service relationship.
  • To recommend products and services that may meet your needs.

If you cannot provide us with the information we require to provide and maintain these services we may be unable to accept or continue your membership or to provide you with financial services.

We may need to source information about you from a third party; for example, a credit reporting agency or an insurer. Wherever possible this will be done with your authorisation or where this is not possible we will inform you when such information is collected.

Use and Disclosure

Personal information is treated as confidential within the credit union and is used by us for the purpose for which it was collected or for a related purpose. Related purposes may include:

  • Our own market analysis and product development;
  • Informing you about new products or services; and
  • Detecting and preventing fraud and other criminal activity.

Sometimes we may need to give some personal information about our members to other organisations who provide services to assist us in supplying to members, or in administering, the products and services members require, or assist us in giving members the information that they are entitled to as members. Examples of such organisations are:

  • Our related entities;
  • Credit Union Services Corporation Australia Ltd and it subsidiaries,
  • Computer bureaus etc which process our work,
  • Printing and mailing houses,
  • Insurers,
  • Valuers,
  • Legal advisers,
  • Conveyancers.

Wherever our business is outsourced to third party contractors, such as mailing houses and Information Technology professionals, we undertake to ensure that these parties are bound by confidentiality and non-disclosure agreements. Information provided to these parties remains the property of the credit union and is only used for the specific purpose for which it is supplied and on completion it is returned to us. Wherever possible, the credit union will elect to deal with agents who are bound by the provisions of the Privacy Act. Where this is not possible we will make every effort to verify that they otherwise comply with the National Privacy Principles as provided by the Office of the Federal Privacy Commissioner.

Confidentiality

We have a duty to keep confidential all personal information we hold about you, including:

  • Your name, address and financial information;
  • The balance in your account; and
  • Transactions on your account.
  • Any other information you may disclose to us.

We will not disclose your personal information unless the disclosure is:

  • Required by law (eg. the Australian taxation Office has the power to order us to disclose information on your account/s, we may receive a subpoena or court order);
  • Authorised by law (eg to protect our interests or where we have a duty to the public to disclose or where it is necessary in proceedings before a court or tribunal); or
  • With your specific consent.

Disclosure to Third Parties

Except where required by law, we only disclose personal information to third parties with your express or implied consent. We do not disclose names and addresses to third parties for their own use and in particular we do not disclose names and addresses to third parties for their direct marketing.

Your Consent

Your consent to us may be express or implied.

We obtain your express consent by you writing to notify us of your consent or by signing to acknowledge a statement of consent. Your implied consent includes your consent, by taking up membership, to allow us to disclose your identifying information to our service providers to enable us to operate and provide services and products to you. Confidentiality of the information will at all times be maintained.

Without such consent we may not be able to maintain your membership and accounts with the credit union.

Direct Marketing and Your Privacy

From time to time we will use the personal information we collect from you to inform you of products and services that we consider may be of interest to you.

If you do not wish to receive direct marketing information, you can tell us at any time by contacting our Compliance Manager.

Tax File Number, Medicare Numbers and Pension Numbers

We use and disclose these numbers only for the purposes required by law.

If You Think the Information we Hold About You is Incorrect or You Want to Update it

We rely on the accuracy of the information you provide to us. If you believe or know that information we hold about you is incorrect, out of date or incomplete, please contact us on 1300 365 7 24 and we will make all reasonable efforts for correct the information.

Security of Your Personal Information

We take all reasonable precautions to protect your personal information from loss, unauthorised access, modification and unauthorised disclosure. Personal information about your accounts and membership is only accessible by you and by those who are authorised to access it. Only authorised employees have access to your personal information and only for approved purposes. Your personal information can only be amended and deleted by authorised means.

Records that we hold, containing your personal information may be in hardcopy documents or as electronic data.

Hardcopy documents are secured on our premises and at archive sites by locks and security systems. Wherever practicable, hardcopy documents are returned to you and not kept on our premises. Electronic data stored on our computers is protected by computer and network security products, including firewalls, encryption, virus software, as well as user identities and passwords.

Our website uses the highest level of technology to ensure maximum security, including 128-bit encryption technology. However, no data transmission over the Internet can be guaranteed to be totally secure. You should assess these potential risks when deciding whether to use our online banking services. You can contact the credit union on 1300 365 7 24 for alternative banking access or visit our Website at www.hccu.com.au to learn more about our internet policy. Whenever you bank on our website, you should ensure that you log out when you leave the computer to prevent unauthorised activity on your account and access to your information.

Access to Your Personal Information

You may request access to the personal information we hold about you. We will provide you with such access wherever possible and within reasonable time. In most cases these requests will be free, but we may apply a fee for such access, to cover our costs depending on the extent of the information sought and what may be required by the Credit Union to meet your request. Before we act upon requests of this nature, we will tell you how much this service will cost.

Sometimes we are not required to provide you with access - for example, if the law says we can deny access. If we refuse you access to your personal information, we will tell you the reason why. If we are not required to provide you with access to the information requested, we will consider, if reasonable, whether the use of a mutually agreed intermediary would allow sufficient access to meet your needs and ours.

We would ask that any such request is stated as clearly as possible and adequately identifies the information you are seeking and where it is located.

Changes to our Privacy Policy

This information relates to our current privacy policy. We may vary this policy from time to time. Changes to our policy will be published on our website, and in our branches from time to time.

Resolving Privacy Issues

If you believe that the credit union has failed to observe the privacy of your personal information, you can register your concern or complaint with our Compliance Manager.

We will respond as soon as possible and usually within 2 working days, to let you know the person in our organisation who will be responsible for investigating the matter. If we are unable to resolve the matter within 10 working says we will contact you to let you know its progress and status and when we expect the matter to be resolved.

How to make a complaint or enquiry

You can contact our Compliance Manager to register a complaint or concern, or to answer your questions relating to this Privacy Policy.

The Compliance Manager
Holiday Coast Credit Union Ltd
Private Mail Bag 9
Wauchope NSW 2446

Telephone: 1300 365 7 24

Email: ubelong@hccu.com.au

^ Back to top

Internet Privacy Policy

We at Holiday Coast Credit Union understand that when our members access our website or interact with us online, the privacy and confidentiality of their personal information is very important to them. That's why we are committed to safeguarding and protecting the confidentiality of any personal and financial details you provide us.

The following explains what information we gather from you when you go to our website, how we use that information and how you can contact us for more information.

We recommend that you read and review the information provided on the Holiday Coast Credit Union Website from time to time. Information provided may be subject to change so we encourage you to check our online policies regularly. Certain sections of the Holiday Coast Credit Union Website may contain specific and additional provisions, which also relate to your privacy protection, and should be reviewed by you from time to time. We also recommend you read this policy in conjunction with our general policy on Privacy.

The Information we Collect

The information that we will collect about you will depend on how you use the facilities offered by the Holiday Coast Credit Union Website.

We will track traffic patterns throughout the Holiday Coast Credit Union Website. If you visit the Holiday Coast Credit Union Website to read, browse or download any information, our system will record:

  • What country you are viewing our site from; and
  • What operating system you are using; and
  • Which browser you are using; and
  • What hour of the day you visit our site; and
  • Which day of the week you visit our site; and
  • What pages you viewed.

The information collected is used to improve the structure, performance and marketing campaigns of the Credit Union. The information collected is statistical and is not used in any way to uniquely identify any specific individual user.

Where the Credit Union is promoting and selling products and services to you we may require specific personal and financial information to better assist us to cater to your needs and requirements. All the information we gather is stored by the Credit Union on a secure site protected by state of the art 'firewalls' to ensure your personal information remains secure and in the strictest confidence with the Credit Union.

The Holiday Coast Credit Union Website may at different times offer you a number of interactive facilities. These facilities may require you to input information in the form of personal financial information. These may include, but are not limited to, tools such as budget planners or loan calculators.

If you use any of the interactive facilities we do not capture and store any personal or financial information that you may have entered when using these tools. Once you leave any interactive facility, upon returning to re-use the facility at a later time you will be required to re-enter the required information to allow the program to compete any calculations or function, either in text form or graphically.

How we Capture Information

We use technology called cookies when you visit our site. Cookies are small pieces of information, which can be stored on your hard drive (persistent cookies) or in memory (session cookies). They can record information about your visit to the site, allowing it to remember you next time you visit and provide a more meaningful experience

We use cookies to offer you increased security. Despite common myths, the cookies we send to your PC cannot read your hard drive, obtain any information from your browser or command your computer to perform any action. They are designed so that they cannot be sent to another site or be retrieved by any site other than Holiday Coast Credit Union.

We use two types of cookies:

Persistent cookies - identify pages accessed and provide personalised features, for example choosing which page you would like to make your start page. They are used to help us develop the design and layout of the web site, improve applications, and measure their effectiveness

Session cookies - are used for security reasons as part of the customer identification process, for example with Internet Banking. These cookies allow you to be recognised once you have signed in and provide you with your confidential account information. They also keep track of time spent on a page, so that if a session in Internet Banking remains inactive for two minutes or longer it will automatically be terminated for your protection. We also use these types of cookies in multi page forms, to help the site remember what you do from one page to the next.
Personal Information

The personal information supplied by you to us is used for identification purposes and will assist you to register as a user of the Holiday Coast Credit Union Website.

Should the product or service require you to supply information about you to the Credit Union you warrant and agree that you must:

Provide true, accurate, current and complete information about yourself as requested ("Registration Data"); and
Maintain and promptly update the Registration Data to keep it true, accurate, current and complete.
You agree that, if you provide any information that is untrue, inaccurate, not current or incomplete or the Credit Union has reasonable grounds to suspect that such information is untrue, inaccurate, not current or incomplete the Credit Union has the right to suspend or terminate your access to the Holiday Coast Credit Union Website.

Storage Of Your Personal Information

The Credit Union will endeavour to take all reasonable steps to keep secure any information, which we hold, about you and to keep this information accurate and up to date. Your information is stored within secure systems that are protected in controlled facilities. In addition, our employees and authorised agents are obliged to respect the confidentiality of any personal information held by the Credit Union.

However, the Credit Union will not be held responsible for events arising from unauthorised access to your personal information.

Security Of Your Personal Information

You will receive an Access Number and you will be required to select your own PIN upon completing the Service's registration process. You understand and agree that you are responsible for maintaining the confidentiality of the Access Number and PIN, and are fully responsible for all activities that occur under your password or account designation. You warrant and agree that you must:

Immediately notify the Credit Union of any unauthorised use of your Access Number and PIN and any breach of security; and
Ensure that you exit from your Internet session each time.
The Credit Union will not be liable for any loss or damage arising from your failure to comply with this requirement.

Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. While the Credit Union will strive to protect your personal information via means of encryption technologies, the Credit Union cannot ensure or warrant the security of information transmitted and you do so at your own risk.

You acknowledge that the technical processing and transmission of the data, including your Content, may involve transmissions over various networks and changes to conform and adapt to technical requirements of connecting network or devices and you will take all reasonable steps to ensure your browser is suitably configured so that you will be advised whether the information you are sending to us will be secure (encrypted) or not secure (not encrypted).

The Credit Union currently uses 128-bit encryption technology. The Credit Union reserves the right to immediately terminate your access to some or all parts of its Service if you withdraw your consent to the Privacy Statement and/or the Website

Operation and Security Summary of KeyNet

As part of the KeyNet Internet Banking system, when you log on, a session object is created to pass encrypted (secured) information from one screen to another. This session is not written to your hard disk at all, but stored in memory.

Once the Internet Banking session is terminated, the session object is destroyed.

However, to be able to utilise a session object (and therefore KeyNet) your browser must have cookies enabled.

There are a number of levels of security incorporated in KeyNet that mitigate any security risk on behalf of the member of the Credit Union. Firstly, all sessions between members and the Credit Union are encrypted using 128-bit Secured Sockets layer (SSL) security, which is the highest level of civilian security available. The issuers of these PKI certificates, Verisign Inc, advise that with current computer technology it would take a trillion-trillion years to break it.

Our member's passwords are also protected in that they never display, encrypted before transmission, stored as a hexadecimal string via a one-way industry standard algorithm and cannot be reproduced. This protects members, staff and the Credit Union. If a member forgets their password then the record will need to be deleted. It cannot be displayed.

A further protection is provided by a limited number of retries being allowed. This can be set by the Credit Union and changed from time to time, but the default setting is for 3 attempts only. Should a member exhaust their retries they are locked out of the system until the member contacts the Credit Union.

Additionally, the login page is not cached, so that whenever a member returns to the login page the member number and password fields are clear, necessitating the entry of both every time.

Further to that, if a member inadvertently leaves their session open, it will time out after 5 minutes and revert to the (cleared) login screen.

Newer browsers (eg Internet Explorer 5.0 and above) have the facility to store passwords when they recognise that the password data is being entered. This facility is turned off programmatically in KeyNet so that a possible breach in security is avoided.

Contact Us

If you feel that we have not lived up to our online privacy commitments or you have any queries relating to our policies, please email us. Our objective is to respond within our service standard of five working days.

As we plan to keep our statement on privacy current, this information can be subject to change. Please return periodically to review the latest on Internet privacy.

^ Back to top

Disclaimer

The information on this site, including source code, is the property of the Credit Union and subject to Copyright. Unauthorised use of the information is not permitted.

The information on this site is of a general nature and it is not intended that it should be used for the purpose of making decisions about acquiring any product or service of the Credit Union. The Credit Union accepts no responsibility for any loss, cost or expense arising from use of the information in this site. Full product and service information is available from any branch of the Credit Union.

All the information on this site is subject to change without notice and the Credit Union cannot guarantee the accuracy or completeness of the information. It is our aim to uphold the integrity and accuracy of all details within this Web Site, but is done so without guarantee. Products and services of the Credit Union are only available in Australia and only available to persons or corporations that satisfy membership criteria.

This site may contain information of, or links to, other parties and their opinions are not necessarily those of the Credit Union. The presence of any link or information of other parties should not be construed as an endorsement of those parties or the accuracy of their information.

Full information on all products and services is available from any of our branches or by phoning 1300 365 724, or emailing ubelong@hccu.com.au

^ Back to top