In order to function as a business, Assiniboine Credit Union needs to collect a certain amount of personal information from you. At the same time, you have a right to know that your privacy is being respected and your confidential information is collected, used and protected appropriately. For that reason, we have policies and practices in place to safeguard and maintain the accuracy and security of information we collect.
Assiniboine Credit Union meets or exceeds all privacy standards established by industry guidelines, provincial legislation, the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and all other applicable laws.
We have comprehensive security safeguards and standards in place to protect our systems and your personal information against unauthorized access and use.
- All Assiniboine Credit Union employees are familiar with procedures that safeguard member personal information. The protection of your personal information is specified in our employment agreements and regularly confirmed in writing.
- Every employee is required to pass an annual privacy training course.
- We audit our procedures and security measures regularly to ensure that they are properly administered and remain effective and appropriate.
- We retain your information only as long as it is required for the reasons it was collected. Depending on the product or service and the nature of the personal information, this period may extend beyond your relationship with us but only as long as it is necessary to accomplish the purpose for which it was collected, or as required by law.
- When your personal information is no longer needed, we have procedures in place to securely destroy, delete, erase or convert it to an anonymous form.
- Our systems ensure your Personal Identification Number (PIN), password and other access codes are kept private and confidential. For example, when you use your PIN at an ATM, the code is scrambled after you enter it. In addition, only you know your access codes. Our employees can’t find out what they are and will not ask you to reveal them.
- When you enroll in online services such as Internet banking, the passwords you use are encrypted to ensure data security.
- As part of their contracts with us, our suppliers and agents have confidentiality agreements in place and may not use your personal information for unauthorized purposes.
- We ensure all legal enquiries or orders are valid and disclose only the personal information required or permitted by law to be disclosed.
- We will never use email to send you information about important financial matters, such as the status of your account or any security breaches. We also will not request sensitive financial or personal information by email. Please contact us if you receive an email about these matters.
You look to us to offer responsible, reliable financial services and value-added advice. Collecting current, accurate personal information allows us to provide you with the best possible financial advice, as well as products and services you may find valuable.
To this end, Assiniboine Credit Union and our affiliates and partners in the Canadian Credit Union system collect, use or disclose your personal information to:
- verify your identity.
- provide you with the products and services you request.
- determine what products or services may benefit you.
- develop, offer, manage, and provide products and services that meet your needs.
- determine what products or services meet your needs.
- determine your eligibility for products and services.
- detect and prevent fraud, and to help safeguard your and our financial interests.
- help us collect debts or enforce obligations which are owed or guaranteed by you to us.
- respond to lawful requests for information about you.
- meet those purposes we may indicate on our website or otherwise communicate with you.
- meet our regulatory requirements.
- carry out any other purpose that you authorize or that is required or permitted by law.
The information we request depends on the product or service you want. Much of the personal information we ask for is either mandatory by law or vital for us to be able to do business with you. Here are a few examples where you must provide us with specific information in order to obtain the product or service you want.
- Social Insurance Number (SIN) - In order to comply with the Canada Revenue Agency's income reporting requirements, we must collect your SIN when you open a savings account or apply for an RRSP, RRIF or TFSA or other product that earns investment income.
- Financial information - Your financial information is also necessary to access your eligibility for credit products you request, such as line of credit, loan or mortgage. At the same time, it helps us give you the most appropriate financial planning advice about investments and other products and services.
- Health information - Information about your health may be required to determine your eligibility for some of the insurance products you request.
- Date of birth - Knowing your birth date helps us identify you and reduces the risk if someone is trying to impersonate you.
Transfer of personal information to service providers outside Canada
We may engage service providers to assist us in fulfilling the purposes that are set out in this agreement, and in some instances, these service providers may be located outside Canada. We only select service providers that protect personal information in a manner that is comparable to the protection we provide under our own privacy policies. Please be advised that personal information may be subject to, and accessed under, the laws of the countries in which our service providers operate. If you have any questions about our transfer of personal information to our service providers outside Canada, or if you would like to learn more about our privacy policies in that regard, please contact our Privacy Officer.
We are not in the business of selling member lists or personal information about you to others but, under certain circumstances, we may release your personal information to outside parties, including:
To provide you with service
We give the minimum amount of personal information necessary for our suppliers and agents to produce goods and services provided to you through us. For example, we must provide a cheque production company with the personal information you want printed on your Assiniboine Credit Union cheques.
For independent member satisfaction surveys
Also, as part of our commitment to continuous improvement, we sometimes employ the services of professional research companies to conduct independent member satisfaction surveys. If you do not want to participate in these surveys, please contact our Privacy Officer.
For credit granting purposes
With your consent we may disclose your ACU credit history to other lenders or credit bureaus if you apply for credit at another financial institution. In these cases, we release only the information required to identify you and credit records about your repayment history.
To complete a business transaction
We may disclose your personal information in order to complete a business transaction, such as a merger with another credit union or the sale to, or purchase of, another credit union. In such circumstances, we will only disclose your personal information to the other party to the transaction if the disclosure is necessary to complete the transaction and there is a written agreement that restricts the collection, use and disclosure of such personal information to purposes that relate to the business transaction.
If the business transaction is not completed, all personal information disclosed and collected by us will be destroyed or returned.
When required or permitted by law
We are obligated to provide personal information in response to a valid demand, search warrant or other legal enquiry or order. We may also disclose personal information to help us collect a debt owed to us and in the case of a breach of agreement or contravention of law.
Our Privacy Agreement is a key part of our commitment to treat you fairly, provide you with superior member service and maintain the accuracy and security of your personal information.
The agreement is guided by the following 10 principles:
PRINCIPLE 1 – ACCOUNTABILITY
We are responsible for maintaining and protecting all member personal information under our control and have designated a Privacy Officer who is accountable for our compliance with the 10 principles that comprise our Privacy Agreement and applicable law.
PRINCIPLE 2 – IDENTIFYING PURPOSES
When we ask for your personal information, we identify what it will be used for.
PRINCIPLE 3 – CONSENT
We require your knowledge and consent for the collection, use or disclosure of your personal information, except where it is required or permitted by law.
PRINCIPLE 4 – LIMITING COLLECTION
We collect personal information by fair and lawful means and limit our collection to those details necessary for identified purposes.
PRINCIPLE 5 – LIMITING USE, DISCLOSURE AND RETENTION
We use or disclose your personal information only for the purpose(s) for which it was collected, unless you consent otherwise, or when it is required or permitted by law. We retain personal information only for the time required to fulfill the purpose(s) for which it was collected.
PRINCIPLE 6 – ACCURACY
We maintain and update your personal information as accurately and completely as necessary to fulfill the purposes for which it is used.
PRINCIPLE 7 – SAFEGUARDING MEMBER INFORMATION
We protect your personal information with security safeguards appropriate to the sensitivity level of the personal information.
PRINCIPLE 8 – OPENNESS
We make information available to you concerning the policies and practices that apply to the management of your personal information.
PRINCIPLE 9 – MEMBER ACCESS
At your request, and subject to applicable law, you will be informed of the existence, use and disclosure of your personal information, and be given access to it. You may verify the accuracy and completeness of your personal information provided, and may request that it be amended.
PRINCIPLE 10 – HANDLING MEMBER COMPLAINTS AND SUGGESTIONS
Our Privacy Officer will answer any questions or enquiries you have about this Privacy Agreement or our privacy practices.
- email: PrivacyOfficer@acu.ca
Note: For your protection, do not send sensitive financial or personal information by email.
Assiniboine Credit Union
Box 2, Station Main
Winnipeg MB R3C 2G1
ACU members can control the information you receive from us and our system affiliates (except for statement inserts) by stating your withdrawal or partial withdrawal of consent. Some information we collect is necessary for us to provide products and services to you and providing this information is not optional. You have the right, at any time and subject to the applicable law, to withdraw the consent given to us to collect, use and disclose your personal information, or you may alter the terms of your consent.
If you wish to withdraw or partially withdraw your consent, please contact our Member Communication Centre at 204.958.8588 (toll-free 1.877.958.8588).
Please note that a reasonable time period may be required to process your withdrawal of consent.
Assiniboine Credit Union members have a right to access their personal information that we have in our possession. If you want to access this information, or if you have a complaint or concern related to privacy, please print and complete the Member Information Access and Privacy Concern Form [PDF] and email to PrivacyOfficer@acu.ca or fax to 204.478.5524, or mail to the Privacy Office at:
Assiniboine Credit Union
Box 2, Station Main
Winnipeg MB R3C 2G1
The Privacy Office will respond to your request or complaint within 30 days of receiving this form. If there are any costs associated with the information gathering, we will notify you in advance.
However, if you suspect theft or fraud
Do not use The Member Information Access and Privacy Concern Form to report instances of theft or fraud. If you suspect the theft of your identity in any way, or suspect that your private information has been stolen, please report it immediately:
204.958.8588 (toll free 1.877.958.8588)
Hours: Monday to Friday 8am – 8pm (CST)
Saturday 9am – 4pm (CST)
For card loss, see lost or stolen cards.
To find out more about our privacy policies, kindly contact our Privacy Office by email or postal mail.
Please note: for your protection, don't send sensitive financial or personal information by email
Assiniboine Credit Union
Box 2, Station Main
Winnipeg MB R3C 2G1
We are proud of the policies and practices we use to protect your personal information. We also believe that you have the right to know how your personal information is being collected, used and disclosed. That is why we have developed procedures to restore the integrity of your personal information if the policies and practices we use to safeguard your personal information are breached.
Our procedures to respond to security breaches include breach notification. We will notify you, as soon as reasonably practicable in the circumstances, of any security breaches of your personal information, and what it might mean to you.
We will consider the sensitivity of the personal information that is involved and the probability that the personal information has been, is being or will be misused. If the breach creates a real risk of significant harm to you, such as the potential for financial loss, identity theft or negative effects on your credit, we will notify you of the breach as soon as we can. We will ensure that you have enough information to take whatever steps are possible to reduce the risk of the harm that could result from the breach.
Second, if there has been a material breach of the security of your personal information (determined by a number of factors, including the sensitivity of the personal information and the number of individuals whose personal information was involved), we will also notify the Office of the Privacy Commissioner of Canada and the applicable provincial information and privacy commissioner and/or ombudsman as appropriate.
Third, we will investigate whether any other government institutions may be able to help us reduce the risk of harm from the breach. If so, we may notify those institutions, so that they can help us respond to the breach.
In all cases, we will strive to make our notifications as soon as we confirm the breach has occurred, and that notification is required, in a manner which is consistent with applicable laws.