Privacy Statement

Protecting your privacy is important to “Rocky Credit Union”.

Rocky Credit Union has adopted this Privacy Statement to provide you with an overview of the collection, use, retention, and disclosure of personal information that you may provide while using the Rocky Credit Union’s products and services (collectively referred to as “Services”).  Rocky Credit Union encourages you to read this Privacy Statement, as well as any Terms and Conditions that may be applicable to a particular product and service, in order to understand how we collect and process personal information in the course of providing the Services and your interaction with the Services.

By using the Services, you consent to the collection, use, retention, and disclosure of your personal information for processing as described in, and subject to the limitations set out in, this Privacy Statement.

Personal Information

Personal information is any information that would identify a person directly, or indirectly in combination with data from other sources. For example, personal information includes a full name, home or work address, phone number, national identification number (SSN, SIN, etc.), email address, banking details, IP address, biometric data, payment information, usage data, or any information that may individually identify a person.

Rocky Credit Union may collect personal information including without limitation your name, phone number, email address, IP address, and device identifiers, in the course of its Services, and may use or disclose that personal information as described with this Privacy Statement.

Rocky Credit Union may also create de-identified or anonymized data from personal information by excluding data components (such as your name, email address, etc.) that makes the data able to personally identify you, through obfuscation, or through other means. In addition, Rocky Credit Union may collect and use aggregated, anonymous information to provide data about the Services to advertisers, potential business partners and other unaffiliated entities.  As this information does not identify a person, and is therefore not personal information, Rocky Credit Union’s use of such aggregated, anonymized and/or de-identified data is not subject to this Privacy Statement.

Consent and Collection of Personal Information

If you use Rocky Credit Union’s website, or conduct a transaction through an the Rocky Credit Union’s website where personal information is essential, your consent is implied to collect and use your personal information to facilitate that use or complete that transaction requested or initiated by you only. Examples of instances in which personal information may be collected by Rocky Credit Union are, but are not limited to:

  • When you request information or Services, and/or when requested information or Services are provided to you,
  • When you access and navigate Rocky Credit Union’s website, or engage in communication and/or business transactions with Rocky Credit Union,
  • When Rocky Credit Union is administering, planning, and managing its relationship with you or communicating with you in relation to this relationship,
  • Where Rocky Credit Union seeks to better understand how Rocky Credit Union may improve its products and services, to develop and conduct its business and operations, and for other internal business purposes,
  • Where Rocky Credit Union seeks to provide you with information on current and future products and services or other developments with respect to Rocky Credit Union and its affiliates and partners,
  • Where Rocky Credit Union needs to comply with applicable legal and regulatory requirements, or protect Rocky Credit Union’s legal rights and property, or
  • If you knowingly submit Personal information through Rocky Credit Union’s website for the purpose of registering for a service, a contest, or authentication.

During these instances, Rocky Credit Union may collect data such as, but not restricted to: name, email address, phone number, address, areas of the Services or Rocky Credit Union websites you visit, transaction type(s) you engage in or request (and amounts thereof), content you view, your IP address, data downloaded or submitted by you, as well as the nature of the individuals or entities with whom you communicate or transact business using the Services.

If at any point you wish to withdraw consent to personal information collection, please contact the Rocky Credit Union Privacy Officer noted in this Privacy Statement.  Please note that certain Services may only be able to be offered or provided to you if you disclose the personal information necessary to facilitate those Services, and therefore Rocky Credit Union may not be able to provide you with certain Services in the event that you choose not to disclose that personal information to Rocky Credit Union.

Anonymous Information

When you interact with a Rocky Credit Union Service, similar to most other websites, apps, and online services, certain anonymous technical information about your visit is automatically logged and collected by Rocky Credit Union.  This may include information about the type of browser you use, operating system, the date and time you access the Service, the links you accessed while using the Service, and the internet address of the website, if any, which linked directly to the Rocky Credit Union Service. This information is used for system administration purposes such as diagnosing problems with Rocky Credit Union’s Services, servers and websites, compiling aggregated and statistical information, and to improve the operation and content of Rocky Credit Union’s websites and Services.  It is not personally identifiable, and is not considered personal information and subject to this Privacy Statement.

Personal Information Use

Rocky Credit Union may use collected personal information for such purposes as:

  • Helping to establish and verify the identity of users, and to keep user accounts secure,
  • Opening, maintaining, administering and servicing users’ accounts or memberships,
  • Providing Services and support to users,
  • Improving Rocky Credit Union’s websites, including tailoring its websites to users’ preferences,
  • Providing users with product or Service updates, promotional notices and offers, and other information about Rocky Credit Union,
  • Corresponding with you, and responding to your questions, inquiries, comments, and instructions,
  • Maintaining the security and integrity of Rocky Credit Union systems, and,
  • Complying with applicable laws.

Once collected, Rocky Credit Union will store and process your personal information in secure locations.

Personal information will only be retained by Rocky Credit Union for the length of time required to fulfill the purpose or complete the transaction for which it was collected, or as may be required by law. Beyond that point, personal information in the possession or control of Rocky Credit Union will be anonymized or securely destroyed.

Security

Rocky Credit Union maintains reasonable physical, technical, and administrative security measures to minimize the risk of unauthorized loss, theft, copying, misuse, access, disclosure, alteration, or destruction of your personal information.

Rocky Credit Union also restricts access to your personal Information to only those persons who have a legitimate business need or legal requirement to view it in connection with the Services.  You, as a personal information owner, may also authorize any persons you may choose to have access to your personal information.

Although Rocky Credit Union does utilize security measures appropriate to the level of risk, no method of data transfer or storage on the internet is 100% secure and security risks cannot be eliminated entirely.  As such, Rocky Credit Union cannot guarantee perfect security, integrity, or confidentiality of personal information.

In the event of a data breach or security incident involving the Services, Rocky Credit Union will take all reasonable steps to comply with the breach reporting obligations that may be applicable to it under Alberta privacy laws.  Rocky Credit Union may also seek to notify you in such event. If notification is appropriate or required, Rocky Credit Union may notify you by email, messaging to your device, or other reasonable means.

Disclosure of Personal Information

Rocky Credit Union does not provide personal information to unaffiliated third parties for their use in marketing directly to you.  We may use unaffiliated companies, or trusted third party service providers, to help maintain and operate our Services for reasons related to our business operations and to better serve you, and those companies may receive your personal information for that purpose.  When Rocky Credit Union shares personal information with third-party services that support our delivery of the Services, we require that they use your personal information only for the purposes we’ve authorized, and that they protect your personal information to at least the same standards used by Rocky Credit Union.

Rocky Credit Union may also disclose personal information about you in connection with legal requirements, such as in response to an authorized subpoena, governmental request or investigation, or as otherwise permitted by applicable law (including, without limitation, to prevent fraud or abuse, or to protect Rocky Credit Union’s legal rights, property, or the safety of Rocky Credit Union, its employees, users or others).

Finally, as Rocky Credit Union’s business develops, it may sell or buy corporate assets, and in such transactions personal information may be one of the transferred business assets.  If Rocky Credit Union, its internet businesses, or substantially all of its shares or assets, is acquired or an acquisition is contemplated, personal information may be one of the assets assessed or transferred in connection with that transaction.

“Cookies” and Advertisers

Rocky Credit Union websites, or the third party companies used to host, operate, or maintain these websites, may place a “cookie” on your computer in order to allow you to use these websites and to personalize your experience.

A “cookie” is a small piece of data, or an alphanumeric identifier, that can be sent by a web server to your computer or device, which then may be stored by your browser on your computer or device. Cookies allow Rocky Credit Union to recognize your computer or device while you are on our websites and help customize your online experience and make it more convenient for you. Cookies are also useful in allowing more efficient log-in for users, tracking transaction histories, and preserving information between browsing sessions. The information collected from cookies may also be used to improve website functionality.

The advertisers and/or other content providers that may appear on Rocky Credit Union websites may also use cookies that are not sent by Rocky Credit Union. Such ads or content may contain cookies that help track and target the interests of users of our websites in order to present “personalized” advertisements or other messages that the user might find interesting. Rocky Credit Union is not responsible for any such cookies.

Most web browsers have features that can notify you when you receive a cookie or prevent cookies from being sent. If you disable cookies, however, you may not be able to use certain personalized functions of Rocky Credit Union websites.

Rights With Respect to Personal Information

Rocky Credit Union is committed to ensuring you retain full access to and control of your personal information. To that end, we endeavor to respect your right to be informed regarding the collection, use and disclosure of personal information, and your right of correction and access to it, via this Privacy Statement.

If you would like to access, correct, remove, request a copy of, withdraw consent to collection of your personal information, or are looking for any additional information on how your personal information may be collected, used or disclosed by Rocky Credit Union, please contact the Rocky Credit Union Privacy Officer via the Contact & Questions area at the bottom of this Privacy Statement.  Subject to certain exceptions and limitations that may be prescribed by applicable law, you will be provided with reasonable access to your personal information, and will be entitled to have it amended or corrected as appropriate.

In certain circumstances, you may have the right to have your personal information, or certain components of your personal information, erased by Rocky Credit Union, to have your personal information moved, copy or transmitted from Rocky Credit Union’s systems to other systems, or to object to or restrict certain processing of your personal information by Rocky Credit Union.  In the event that you wish to inquire about, or seek to exercise any of these rights (as they may be applicable), please contact Rocky Credit Union’s Privacy Officer.

External Links

Rocky Credit Union Services may contain links to other websites, apps, or services, including those of advertisers or third party content providers who offer downloads as part of a Rocky Credit Union Service. Rocky Credit Union is not responsible for the privacy practices or the content of other websites, apps, or services.  We encourage you to read the Privacy Policies published by such third parties before divulging your personal information to them.

Mobile Apps


The following list of permissions and activities are required by our mobile app to operate. These include:
• “Access Camera” permission is used by the app to deposit a cheque via mobile deposit capture, store a custom profile picture and background.
• “Access Location” permission is used by the app to accurately locate the nearest ATM or branch in the “Find Us” feature.
• “Call Permission” is used to automatically call the user’s preferred branch by tapping on the phone number in the “Find Us” feature.
• “Contacts List” permission is used to set up new Interac e-Transfer® contacts and send an Interac e-Transfer®. Only the device contact information a user confirms is readable by Interac.
• “Internal Storage” permission is required to view, share and download PDF files from the mobile app to a user’s device.
• “App Activities” uses mobile app interaction data for analytics on usage and crash information for the current app version. We also monitor application stability using the crash logs to make ongoing improvements. Data collected on app activities, information and performance is completely anonymous and aggregated – individual users are not identifiable.

Changes to this Privacy Statement

Rocky Credit Union reserves the right to modify or supplement this Privacy Statement in its discretion, at any time. If a material change to the terms of this Privacy Statement is made, we will post a notice on our website and a link to the new or amended Privacy Statement.  The collection, use and disclosure of your personal information by Rocky Credit Union will be governed by the version of this Privacy Statement in effect at that time.  Your continued use of Rocky Credit Union’s websites and/or Services subsequent to any changes to this Privacy Statement will indicate your consent to the collection, use and disclosure of your personal information in accordance with the amended Privacy Statement.

Contact & Questions

If you have any questions or comments regarding this Privacy Statement or any aspects of Rocky Credit Union Services, please contact:

Mark Vos, Privacy Officer

403.845.2861

mvos@rockycu.com


CASL COMPLIANCE POLICY


PURPOSE:

ROCKY CREDIT UNION LTD. is committed to compliance with Canada’s Anti-Spam Law (CASL). We take important steps to ensure our customers and others who receive communications from us do not encounter spam in violation of CASL. We only send commercial electronic messages (CEMs) in compliance with this CASL Compliance Policy and our related internal procedures that address CASL obligations.

WHAT IS SPAM?

Spam is unsolicited electronic messages, also known as “junk” e-mail or text messages, often, but not always, sent in bulk form. An electronic message may be spam if:

  • The message is deceptive in that there is an attempt to hide the true sender or content of the message;
  • The recipient’s personal identity and context are irrelevant because the message is equally applicable to any other potential recipient; or
  • The recipient has not granted express or implied consent for the message to be sent.

WHAT IS A COMMERCIAL ELECTRONIC MESSAGE?

A CEM is any electronic message that encourages participation in a commercial activity, regardless of whether there is an expectation of a profit.

 

ROCKY CREDIT UNION LTD. only sends CEMs from our servers in compliance with this CASL Compliance Policy.

Generally, the sender of a CEM needs to obtain express or implied consent from the recipient before sending the message, as outlined in s. 1.1 of this Policy. The CEM must include information that identifies the sender, provides the sender’s contact information and enables the recipient to withdraw consent.

POLICY STATEMENTS:

1.            SENDING COMMERCIAL ELECTRONIC MESSAGES

1.1       Identification Information

ROCKY CREDIT UNION LTD. is transparent about identifying itself as the sender of a CEM to ensure the recipient knows we sent it. We do this by including our business names and sometimes our brand names in all communications. In circumstances where CEMs are sent on behalf of another organization, we accurately identify ourselves as the sender and identify the other organization as the party on whose behalf we are sending the CEM.

1.2       Contact Information

ROCKY CREDIT UNION LTD.’s CEMs also provide contact information for the recipient to get in touch with us with questions or comments. This information consists of a valid mailing address and one of the following additional current pieces of information:

  • Telephone number with access to an agent or voice mail system.
  • Email address.
  • Web address.

Each of these contact options remains valid for at least 60 days after the day on which the CEM was sent.

 

1.3       ROCKY CREDIT UNION LTD. only sends CEMs in the following contexts:

  • when the individual has explicitly provided their consent to receive such messages either verbally or in writing;
  • when the message is in response to a request for information or an inquiry;
  • when the message communicates factual information regarding a customer’s account or contractual relationship with ROCKY CREDIT UNION LTD.;
  • when the message facilitates, completes or confirms an agreed upon transaction;
  • when the receiver of the message has voluntarily disclosed their e-mail contact or conspicuously published their e-mail contact without indicating that they do not want to receive CEMs, and the message is relevant to the recipient’s business, role, functions or duties in a business capacity;
  • when contacting a referral;
  • when there is a clear business relationship between ROCKY CREDIT UNION LTD. and the recipient and the message concerns the activities of the recipient’s organization; or
  • when consent to receive the message can be implied through an existing business relationship (i.e. the customer has entered into a service agreement with ROCKY CREDIT UNION LTD. that is currently in place or that has been terminated less than two years ago).

1.4    All CEMs sent by ROCKY CREDIT UNION LTD. outline a mechanism to opt out of receiving further promotional messages from ROCKY CREDIT UNION LTD. or contain an unsubscribe link if required by CASL. When a message recipient unsubscribes from receiving further CEMs from ROCKY CREDIT UNION LTD., such a request will be processed as soon as possible, and no later than ten business days after consent has been withdrawn.

1.5    There are limited contexts in which you cannot request that ROCKY CREDIT UNION LTD. stop sending you messages, such as when we must communicate with you to enforce ROCKY CREDIT UNION LTD.’s legal rights.


2. PROTECTING YOU FROM SPAM AND THE ALTERING OF TRANSMISSION DATA:


CEMs sent, or caused to be sent, from ROCKY CREDIT UNION LTD.’s servers do not:

  • Use or contain invalid or forged headers or non-existent domain names;
  • Employ any technique to otherwise misrepresent or obscure the sender of an electronic message, the point of origin or the transmission path for the message;
  • Cause delivery of a message to a destination other than, or in addition to, that specified by the sender due to the alteration of transmission data;
  • Contain false or misleading information in the subject line or otherwise contain false or misleading content;
  • Use a third party’s Internet domain name, or relay from or through a third party’s equipment, without permission of the third party; or
  • Attempt to surprise or confuse you. ROCKY CREDIT UNION LTD. makes every effort to ensure that you have either specifically asked to receive electronic messages from us, or you can reasonably expect to.

ROCKY CREDIT UNION LTD. does not sell or exchange any of your information without your consent.


3. RESPONSIBILITY FOR COMPLIANCE WITH THIS POLICY

The Manager, Operations is responsible for periodically reviewing, approving and maintaining the ROCKY CREDIT UNION LTD. CASL Compliance Policy and Procedures, as well as ensuring spot checks of CEM activity are conducted to ensure continued adherence to this Policy.

The Manager, Operations is responsible for ensuring that this Policy and related procedures are communicated to and understood by their respective departments. All ROCKY CREDIT UNION LTD. employees are responsible for complying with Policy in their day-to-day business activities.

4. CONTACTING US WITH A SPAM COMPLAINT

If you receive an electronic message from ROCKY CREDIT UNION LTD. that you believe violates this policy, please contact us as follows:

E-mail:  info@rockycu.com

Phone: 403.845.2861

All ROCKY CREDIT UNION LTD. staff are aware of this CASL Compliance Policy, are appropriately trained and are required to ensure that CEMs are sent in accordance with this Policy and related procedures.