Privacy Center

U.S. Privacy Notice

Questions?

Call: 800.936.7730 (U.S.) or 00800.4728.2000 (Int’l) or go to servicecu.org.

Who we are

What we do

Definitions

European Union Privacy Notice (May 25, 2018)

Introduction

Service Credit Union is a New Hampshire state-chartered credit union headquartered at 3003 Lafayette Road, Portsmouth, New Hampshire, 03801 USA. We are a member-owned cooperative financial institution offering a wide variety of financial products and services to our members throughout the world.

We understand that the privacy of your personal information and data is very important to you, and Service Credit Union is fully committed to protecting and using the personal data of its members and all individuals lawfully, fairly, and transparently.

In addition to complying with United States and New Hampshire privacy and data protection laws, the credit union intends to comply with the European Union’s General Data Protection Regulation (“GDPR”), and the German Federal Data Protection Act, to the extent applicable to our members currently living in a European Union country, as soon as feasible, and where those obligations do not conflict with United States law and regulations with which the credit union must comply.

This European Union Privacy Notice applies to any information relating to an identified or identifiable person in the European Union (generally someone living in the European Union) in the credit union’s capacity as either controller or processor of that personal information. The credit union does not apply the GDPR protections and standards to the information of individuals not living in the European Union.

For the purposes of this European Union Privacy Notice, the following definitions apply:

• “Personal Data” means any information relating to an identified or identifiable individual potential member, member, former member, joint account holder, beneficiary, and in limited circumstances non-members. Personal Data includes but is not limited to your name, address, identification number such as Social Security Number, and account number.
• “Processing” means any operation or set of operations which is performed on Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination or making available, alignment or combination, restriction, erasure, or destruction.

This European Union Privacy Notice generally describes Service Credit Union’s policies and practices regarding its collection and use of your Personal Data, and summarizes your privacy rights under the GDPR. Because the GDPR is very lengthy and complex, this European Union Privacy Notice does not detail all GDPR privacy rights or the limits to those rights.

Data Protection Officer

Service Credit Union has appointed its Chief Risk Officer and General Counsel to act as the credit union’s data protection officer, who you may contact if you have any questions or concerns about Service Credit Union’s personal data policies or practices, or its compliance with the GDPR. The following is the contact information for the Chief Risk Officer and General Counsel:

Patrick F. Harrigan
Chief Risk Officer and General Counsel
Service Credit Union
3003 Lafayette Road
Portsmouth, New Hampshire 03801 USA
GDPR@servicecu.org
+1 603-422-8312

Collection and Processing of Personal Data

Service Credit Union collects and processes Personal Data only to market and provide financial products and services to individuals, including but not limited to opening and maintaining deposit accounts, making personal loans, and providing payment services.

The credit union’s Personal Data subject to the GDPR is:

1. Processed lawfully, fairly, and transparently;
2. Collected for specified, explicit and legitimate purposes, and not further Processed in a manner incompatible with those purposes;
3. Adequate, relevant and limited to what is necessary for the purposes for which they are Processed;
4. Accurate, and where necessary, kept up to date;
5. As soon as feasible, kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are Processed; and,
6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful Processing and against accidental loss, destruction or damage, using appropriate technical security measures.

Service Credit Union also minimizes the risk to your rights and freedoms by not collecting or storing sensitive personal information about you, such as racial or ethnic origin, political opinions, or religious beliefs.

Legal Basis for Processing Personal Data

Service Credit Union processes your Personal Data only to provide financial products and services the credit union has contractually agreed to provide you, where necessary with your consent, or to comply with laws.

Transferring Personal Data from the EU to the US

Service Credit Union is headquartered in the United States, and the Personal Data we collect from you may be Processed in the United States. The United States has not received a finding of information security “adequacy” from the European Union under Article 45 of the GDPR. Therefore, Service Credit Union relies on the specific grounds in GDPR Article 49 to transfer your Personal Data from the European Union to the United States. In particular, the credit union transfers Personal Data collected in the European Union to its Portsmouth, New Hampshire, headquarters for Processing only to provide financial products and services the credit union has contractually agreed to provide to you, where necessary with your consent, or to comply with laws.

Service Credit Union applies appropriate safeguards to protect the privacy and security of your Personal Data while in transit to the United States.

Disclosure of Personal Data to Third Parties

Service Credit Union discloses Personal Data to independent third parties only for the credit union’s everyday business purposes to serve you, including but not limited to account opening and maintenance, transaction processing, loan origination and processing, payment processing, credit bureau reporting, responding to court orders or valid subpoenas or other information requests, and to market the credit union’s products and services to you. For example, to process your debit or credit card transactions, the credit union must share your Personal Data with various payment network providers. Service Credit Union never sells your Personal Data to third parties.

Data subject rights

Under the GDPR, you have the following rights regarding your Personal Data:

• To confirm that the credit union is Processing your Personal Data;
• To access your Personal Data;
• To request correction of inaccurate Personal Data or to have incomplete Personal Data completed;
• To require the erasure of your Personal Data, subject to United States and New Hampshire record retention laws and regulations, which may require data retention for a specified time;
• To block or restrict the Processing of your Personal Data;
• To receive your Personal Data in a format which may be transferred to another company;
• To object to a decision based solely on automated Processing or your Personal Data, including profiling, unless necessary for entering into, or performing, a contract between you and the credit union; and,
• To file a complaint with your local European Union state data protection authority.

Personal Data of Children

Service Credit Union Processes Personal Data of children under the age of 16 only with the written consent of the holder of parental responsibility over the child prior to Processing the child’s Personal Data. The credit union only Processes the Personal Data of a child over the age of 16 with that child’s explicit consent.

Website Cookies

Service Credit Union uses cookies on its website to improve performance and for other purposes, and has a Service Credit Union Cookie Policy which you can access on our website in the Privacy Center. You may also manage cookie use during your website visits by the Cookie Preference Management Tool, also available in the Privacy Center.

Security of your information

Considering the state of the art of data security, the implementation costs, and the nature, scope, context and purpose of Processing, as well as the likelihood and severity of the risks to your rights and freedoms, Service Credit Union has implemented appropriate technical and organizational measures to ensure a level of information security appropriate to the risks. We also continually invest in testing and updating our security technology and procedures.

It is the responsibility of all Service Credit Union employees to protect and insure the confidentiality of all Personal Data, and the credit union regularly trains our employees on the importance of maintaining the privacy and security of your Personal Data. We are also committed to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.

Service Credit Union’s information security policies, processes or technology do not guarantee absolute security of your Personal Data. You should take all normal personal information security steps to protect your Personal Data such as using and not sharing your secure passwords, closing browsers after use, and not using insecure public networks.

Data storage and retention

Service Credit Union is implementing a program where it retains your Personal Data only for as long as it is required to do so under United States federal and state law applicable to the credit union.

Changes and updates to the Privacy Notice

Service Credit Union and its membership, products and services change from time to time, and information security threats and security technologies also constantly evolve. Accordingly, we reserve the right to amend this European Union Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended European Union Privacy Notice on our website. You should check our website frequently to see the current European Union Privacy Notice that is in effect and any changes we may have made to it.

Questions, concerns or complaints

If you have any questions, concerns, or complaints about your Personal Data and Service Credit Union, or this European Union Privacy Notice, please contact Service Credit Union’s Chief Risk Officer and General Counsel.

Cookie Policy

Data protection and privacy are core values for us at Service Credit Union (SCU). SCU is committed to protecting and respecting your privacy and giving you, our member, the option of accepting cookies on our website. This Cookie Policy provides an overview of what cookies are and why we use them. SCU may change this Cookie Policy at any time by updating this page. You can always view the latest version by visiting this page.

What Are Cookies?

Cookies are tiny files that are downloaded to your computer to improve your online experience. They store information, such as the device you are using or your login information, on your hard drive or browser so a website can recognize that you are a returning visitor. Cookies make it easier for you to maintain your preferences on a website.

Why Do We Use Cookies?

Service Credit Union uses cookies to offer you a better browsing experience, personalize content, analyze traffic and share information about your use of our site with our social media, advertising and analytics partners.

The cookies we use help us retain user preferences, store information and provide anonymized tracking data to our third-party analytics vendor. SCU can use this tracking data to monitor visitor behavior on our site, such as what you are clicking and viewing, or where you are submitting information. By measuring how you use our website, we can then tailor it around your preferences.

Specifically, we may collect information about your computer or device, including but not limited to your IP address, browser type and operating system.

Cookie Categories

Strictly Necessary
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you that amount to a request for services, such as setting your privacy preferences, logging in or filling out forms. You can set your browser to block or alert you about these cookies, but that means some parts of the site will no longer work. These cookies do not store any personally identifiable information.

Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and to see how visitors move around the site. All the information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site, and we will not be able to accurately monitor its performance.

Functional Cookies
These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.

Targeting Cookies
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Please click the button below to update your cookie preferences.

Cookie Settings

Marketing Consent Forms

At Service Credit Union (SCU), we are constantly improving our product and service offerings and want to be able to share this information with you. In order to share it with you, we ask that you consent to receiving these materials by visiting the following forms.

Direct Marketing Information & Consent

Parental Consent for Data Processing and Marketing to Child < 16

Data Subject Access Rights Portal

The link below will take you to a secure web form which you can use to exercise your GDPR data access rights. These include requests for information, requests to update information, requests for copies of your data, requests for data erasure, objections to processing, reviewing automated decisioning and filing of complaints with SCU.

Click here to access our Data Subject Access Rights Portal.

European Union’s General Data Protection Regulation (GDPR) FAQs

What is the GDPR?

The GDPR is a new set of rules that aims to give people in the European Union (EU), including those assigned to military bases in the EU, more information about and control over their Personal Data and how it is used and processed by businesses serving the EU. The rules focuses on your Personal Data and maintaining its confidentiality, integrity and accuracy.

When will it go into effect?

The GDPR becomes effective May 25, 2018.

Who does it affect?

The GDPR affects any person—referred to as a “Data Subject”—that is physically in the EU. It also affects businesses such as Service Credit Union that collect or process the Personal Data of any Data Subject. Data Subjects may also include citizens or residents of non-EU countries such as the United States—for example, if a U.S. citizen is temporarily living in the EU.

How is Personal Data defined under GDPR?

As it relates to Service Credit Union, “Personal Data” means any information relating to an individual member, potential member, former member, joint account holder, beneficiary and, in limited circumstances, non-members. Personal Data includes but is not limited to your name, address, identification number (such as Social Security Number) and account number.

The GDPR also extends the definition of Personal Data to any information that could lead someone to identify an individual—for example, an IP address, which could determine your location. It also includes sensitive Personal Data such as genetic data and biometric data, all of which could be further used to uniquely identify an individual.

How does GDPR affect you?

In terms of your relationship with SCU, you will need to opt in to communications from us and confirm how you want to be contacted. If you want to continue being notified of the credit union’s promotions, you will need to opt in to receive those communications. In general, business emails cannot be sent to an EU member who has not opted in. Visitors to our website will also have the option to consent to or block SCU using cookies to track their activity.

What kind of data does Service Credit Union collect?

The Personal Data that we collect and process from or on you will vary based on the SCU services you choose to use. Personal Data is only collected and used when it is relevant to providing those products or services. SCU does not collect Personal Data that is not related to the financial services we provide you.

Examples of Personal Data we may collect include your name, address, date of birth, government identification number, contact information (phone number and email), signature, security questions and answers, current debt and income information, credit history and banking history, and transactional behavior information.

For more information and to read the Service Credit Union European Union Privacy Notice, please visit our Privacy Center.

How is this data used?

The Personal Data that we collect is used to identify you and maintain your account securely. We share this data with vetted third-party vendors only when it is necessary for our everyday business purposes to serve you, such as when issuing a new debit card, offering online banking services or processing account statements. Additionally, through the cookies on our website, Service Credit Union uses your unique information to enhance your browsing experience and to refine our marketing both to you and others like you.

How does SCU protect my data?

We understand that the privacy of your Personal Data is very important to you, and Service Credit Union is, and has always been, fully committed to protecting and using the Personal Data of all individuals lawfully, fairly, transparently and securely. Service Credit Union has implemented appropriate technical measures to ensure a high level of information and data security. We also continually invest in testing and updating our security technology and processes to maintain a high level of security. Finally, independent auditors and examiners annually review Service Credit Union’s information security practices, further ensuring this high level of security.

If you have any further question about this policy, or how we collect or process your data, please visit servicecu.org/privacycenter at any time.