• 876-929-5142 | 876-618-0094 | 876-618-0100 | 888-225-5472 (local calls only)
  • info@fhccu.com

Whatever Your Goals, Start Here, Start Now.



First Heritage Co-operative Credit Union

8-10 Eureka Road

Kingston 5




Effective Date:

At First Heritage Co-operative Credit Union, we are dedicated to protecting your privacy and ensuring the security of your personal data. This Privacy Notice explains how we collect, use, share, and protect your personal data in accordance with Jamaica's Data Protection Act, its Regulations, and any other applicable law.

1. Data Controller

First Heritage Co-operative Credit Union is the data controller responsible for the processing of your personal data.

2. Categories of Personal Data

We may collect and process the following categories of personal data:

  • Identity data which includes name, username, identification  details, Personal Identification Number  (PIN) , photo, marital status,  race, nationality, age, title, date of birth and gender, Tax Registration Number, signature.
  • Contact data which includes residential (home) address, telephone numbers, mailing/postal address, email address.
  • Financial data which includes bank account details, financial status and history of transactions, borrowings, debit card details and receipts.
  • Transaction data which includes transaction details on your accounts and other details of products and services conducted with us.
  • Technical data - These include your login identity data, internet protocol (IP) address and other technology on the devices you use to access our systems.

Employment/Income Data such as employment letters, pay slips source of funds and source of income.

  • Usage data which includes information about how you use our website, products and services.
  • Marketing and communications data which includes your preferences in receiving marketing information from us and your communication preferences.
  • Visitors’ personal information such as identification details of visitors to our premises (for example name, Identification Card, photograph etc.).
  • Biometric data such as images, voice and other similar information, surveillance footage by CCTV cameras on our premises.
  • KYC and other Data such as beneficiary information, references, politically exposed information, beneficial owner’s information.
  • Minors’ personal information – These are collected/processed with the consent of the parent/ guardian.
  • Employee Information including, job application details, employment contract, performance appraisals, background checks, salary information, communications to and from the employee.
  • Data collected through interactions - correspondences (electronic, verbal or written), records of current or past complaints.

3. Use of Cookies

Our Credit Union uses cookies when you visit our website. These cookies are essential for enabling user movement around our website and providing access to features such as your member-only resources, online banking, and other secure areas of the website.

We collect your personal data when you:

  • Visit our website or submit an online application
  • Apply for any of the Credit Union’s products or services
  • Conduct any branch, mail or online transaction
  • Send us an e-mail, mail or phone inquiry
  • Visit any of our branch locations

We may also collect data about you from third parties such as:

  • People who act for you or who you give consent to transfer data to us
  • Publicly available sources
  • Credit reference, debt collection and fraud prevention agencies

4. Purpose of Processing

We collect and process your personal data for the following purposes:

  • Providing Financial Services: To facilitate account opening, provide the requested products and services and manage said accounts/services as well as to facilitate payment instructions and provision of  account information to third parties on your behalf
  • Risk Management/Compliance with Legal Obligations: For the purpose of managing  our  risk, for crime prevention and regulatory reporting which include;
  • Fraud and money laundering prevention, detection and reporting
  • Compliance with Laws and regulations for example filing reports relating to FATCA and the Common Reporting Standard.
  • Credit scoring, automated and partially automated data processing
  • Customer Service: To communicate and  manage our relationship with you which will include:
  • Notifying you about changes in our policies
  • Communicating and obtaining feedback about our products and services; testing of new products and managing our brand
  • Providing information to allow you to partake in a prize draw competition
  • General Administration and Protection of our Business: To record CCTV footage  and telephone recordings to;
  • ensure the safety and security of our employees, customers and any other person visiting the Company’s premises.
  • resolve complaints and improve service standards
  • Other legitimate business purposes including; engaging third party service providers and providing employment to job applicants and managing the relationships

We may collect sensitive Personal Data about you including religious beliefs, political opinions, trade union membership, next of kin or family details, information about your health, criminal convictions and offenses and biometric data. These are used for purposes such as:

  • For Know Your Customer (KYC) assessment
  • To determine politically exposed status
  • Reviewing of criminal records to help prevent and detect criminal behavior
  • For legal and insurance claims processing
  • To facilitate employees joining of a trade union.

5. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contractual Necessity: Processing required to perform the agreement we are about to enter into or have entered into with you.
  • Legal Obligations: Processing required to comply with a legal obligation.
  • Legitimate Interests: Processing necessary for our legitimate interests, where these do not conflict with your fundamental rights as a data subject.

Legitimate Interest means the interest of our business in conducting and managing our business, to enable us to give you the best service or product in a secure environment; and satisfy the interests of our various stakeholders as a financial institution.

  • Consent: Processing with your explicit consent.

6. Data Sharing and Recipients

We may share your personal data with:

  • Regulatory Authorities: As required by law.
  • Service Providers: Third party companies that assist in providing services to you:
    1. Third Parties that the Company shares information with in Jamaica:
  • Financial institutions, insurance and other companies through which your transactions are processed;
  • Regulators/Oversight Bodies such as the Bank of Jamaica, Financial Services Commission and the Jamaica Stock Exchange
  • Government and Law Enforcement authorities such as police or Crime prevention Agencies such as the Financial Investigation Division, the courts, statutory authorities in response to litigation and demand issued on legal/regulatory grounds
  • Companies that we work with to provide other services to you e.g. credit reference bureaus, employers, debt collection agencies, debit card service provider, technology service providers, employers, outsourced services parties such as processors
  • Third parties having legal obligations e.g. trustees and executors, guarantors, anyone holding a power of attorney to operate an account on your behalf
  • Third parties who perform professional services such as lawyers and auditors, also those providing consultancy, insurance and accounting services
  • Fraud prevention/detection agencies such as, private investigators
  • Agencies used to conduct surveys on behalf of the Credit Union and its Subsidiary
  • Emergency and disaster response providers in cases where a person’s health and safety is at stake when an emergency call is made


  1. Third Parties that the Company shares information with outside of Jamaica:

We may be required to transfer or store your personal data in another country to fulfill a legal obligation, for our legitimate interests, or to protect the public interest. We ensure that there are adequate safeguards such as contractual arrangements where the other country in which we store or process personal does not have the same level of regulatory protection for Personal Data.

Personal Data is transferred mostly in the following circumstances:

  • When we store data in the public cloud.
  • When we use third party service providers who reside in other countries such as our technological systems providers whose computing operations are based in foreign countries.

If FHC receives your data and thereafter transfers it to a third party service provider for processing, FHC is committed to ensuring that such third party service provider processes your data in accordance with the standards outlined in the Data Protection Act and other applicable legislations.

  • Affiliates: Other entities within our corporate group.
  • Other Parties: With your consent or as permitted by law.

7. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Notice, or as required by applicable laws. The usual retention period is seven years after the end of your relationship with FHC. However, we may keep your personal data for longer periods due to regulatory/legal reasons or if required for an ongoing investigation.

8. Your Rights

You have the right to:

  • Access your personal data.
  • Erase your data under certain conditions.
  • Rectify inaccurate data.
  • Data portability.
  • Restrict processing in certain circumstances.
  • Withdraw consent.

9. Security Measures

We implement appropriate technical and organizational measures to ensure the security and confidentiality of your personal data. Security policies and procedures are in place to protect your personal data from unauthorized loss, misuse, alteration, or destruction.

10. Changes to this Privacy Notice

We may modify this Privacy Notice from time to time to reflect our current privacy practices. Any changes to the processing of personal data will be communicated to you through an appropriate channel. The latest version will be available on our website.

11. Contact Us

If you have any questions or concerns regarding this Privacy Notice or your personal data, you may submit your requests in writing to the Credit Union as follows:

In person – at any FHC branch, addressed to the Office of the Data Protection Officer

Mail: First Heritage Co-operative Credit Union Limited, 8-10, Eureka Road, Kingston 5 and addressed to the Data Protection Officer

Email: DPA@fhccu.com

About Us


On August 1, 2012, Churches Co-operative Credit Union and GSB Co-operative Credit Union merged to form the new entity First Heritage Co-operative Credit Union Limited (FHC). This decision culminated the process of discussions that began in October 2010 when the idea of the amalgamation of the two Credit Unions was born.


Get in touch

8-10 Eureka Road, Kingston 5

888-225-5472 (Local Callers only)




This email address is being protected from spambots. You need JavaScript enabled to view it.