This privacy notice is to let you know how we manage your personal information at MC Systems. This is information that we collect when you establish and maintain a relationship with us. This notice also tells you about your privacy rights and how the law protects you.
OUR AGREEMENT WITH YOU
As a customer, you agree to us collecting, using and appropriately disclosing your personal information in accordance with our contract with you. We may change our products and services at any time without notice, and consequently, our Privacy Notice may be updated at any time in the future. Continued use of our products and services implies ongoing acknowledgement and consent to same.
OUR PRIVACY PROMISE TO YOU
We will:
- Secure and protect your personal information
- Not disclose your personal information outside the JN Group without your consent
- Enable you to express your preferences so that you can manage how we use your personal information.
WHO WE ARE
MC Systems is a member company of The Jamaica National Group Limited (the parent company). MC Systems takes its data protection and information security responsibilities very seriously. The effective management of all personal data, including its security and confidentiality, lies at the very heart of our business and underpins our practices and processes.
As a firm with a global presence, we are subject to the varying requirements of data protection legislation in the jurisdictions where we operate. Our aim is to be as consistent as possible and obey all applicable laws and apply the highest standard of privacy laws to our approach.
WHAT INFORMATION DO WE COLLECT
We gather various types of information that may identify you as an individual (“personal information”). The information collected depends on the entity providing the service, as well as the service requested.
We collect your information in the following circumstances:
- When you request information about our products and services;
- When you apply for our products and services;
- When you talk to us on the phone, including recorded calls and notes we make;
- When you use our websites, web chats and mobile device apps;
- When you send emails and letters;
- When you participate in customer surveys;
- When you take part in our competitions or promotions.
- When you register or apply for benefits under our rewards programs.
We may also collect data when you use our services. This data collection covers two areas:
- details about how and where you access our services and
- account activity that is shown on your statement as follows:
- Payments and Transactions: This includes the amount, frequency, type, location, origin and recipients.
- Profile and Usage of Information: This includes any security details you create and use to connect to our services. It also includes your settings and marketing choices. Additionally, we gather statistical data about your browsing actions and patterns, from the devices you use (such as computers and mobile phones) to connect to our internet, mobile and telephone banking services. We may collect information about your computer including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers.
HOW DO WE USE YOUR PERSONAL INFORMATION
We may use the information we collect from our customers and their users in connection with the services we provide for a range of reasons, including to:
- provide, operate and maintain the services;
- process and complete transactions, and send related information, including transaction confirmations and invoices;
- manage our customers’ use of the services, respond to enquiries and comments, and provide customer service and support;
- send customers technical alerts, updates, security notifications, and administrative communications;
- verify the identity of customers;
- investigate and prevent fraudulent activities, unauthorized access to the services, and other illegal activities; and
- perform any other functions about which we notify customers and users.
Below we detail the main ways in which MC Systems may use your personal information and the reasons for collecting your information.
| What we collect your data for | How we use your data that we collect | Our reasons for collecting your data |
| Establishing a relationship | To provide our Products and/or Solutions | 1. Keeping our records up to date, working out which of our products and services may interest you and telling you about them
2. Seeking your consent when we need it to contact you 3. Defining types of customers for new products or services 4. Developing products and services, and what we charge for them 5. Being efficient about how we fulfill our legal and contractual duties |
| Maintaining a relationship | Update customer personal data. | |
| Update contractual agreement terms and conditions. | ||
| Offers related to our existing contract with you. | ||
| Marketing and Product Development | To test new products. | |
| To manage how we work with other companies that provide services to us and our customers. | ||
| To develop new ways to meet our customers’ needs. | ||
| To communicate to you, information related to our products and services. | ||
| Transaction Processing/ Business Operations | To execute business in accordance with industry best practice. | 1. Being efficient about how we fulfill our legal and contractual duties
2. Complying with rules and guidance from regulators |
| To deliver our products and services. | ||
| To facilitate and manage customer transactions. | ||
| To manage fees, charges and interest due on customer accounts. | ||
| To manage accounts receivables / payables. | ||
| To manage and provide treasury and investment products and services. | ||
| Regulatory Requirements and Governance | To adhere to laws and regulations that applies to us. | 1. To ensure adherence to internal controls and external regulatory requirements
2. Developing and improving how we deal with financial crime, as well as doing our legal duties in this respect |
| To detect, investigate, report, and seek to prevent financial crime. | ||
| To manage risk for us and our customers. | ||
| To respond to complaints and seek to resolve them | ||
| Legal Proceedings | Customer Complaints | 1. Manage and advise on customers’ legal queries or issues
2. Execute legal actions or query on behalf of client 3. 4. Use any special categories of data as needed to establish, exercise or defend legal claims |
| Transaction Processes | ||
| Other Legal Proceedings |
WHAT LAWFUL BASIS DO WE HAVE FOR PROCESSING YOUR PERSONAL DATA
In accordance with the law, our internal procedures for processing (collecting, storing and securing) your personal information are governed by controls, which ensure the protection and security of your personal information. The law allows us to use personal information based on lawful bases for legitimate purposes. The following are the lawful bases upon which we process data:
- Processing is necessary for fulfilment and performance of a contract to which you are a party. We process your personal information to open accounts, maintain account details, perform administrative tasks and provide services.
- Processing is necessary for compliance with a legal obligation or duty. When you apply for a product or service, we are required by law to collect and process certain personal information about you. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account or provide services to you.
- Processing is necessary for the purposes of our legitimate interests or that of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. Our use of your personal information may also be based on our legitimate interest to ensure network and information security if you use any of our systems; provide you with the most appropriate products and services (direct marketing); and make available reports (risk, financial, accounting, etc.) to internal management and supervisory bodies.
- Consent is given. Your personal information may be processed for certain services, based on your request or agreement. Consent is received at that point to provide these services, and therefore, process your information. For example, putting a standing order in place on your account or adding a vehicle to your motor insurance policy.
MC Systems may process personal information based on any of the above, in order to provide our services to you.
WHEN DO WE SHARE PERSONAL DATA
We do not rent or sell your personal information to anyone. We may share your information, including how we manage your account(s) or visits to our website, with other companies within the JN Group and/or with relevant third parties, and as permitted by law, including, but not limited to the following:
- People who provide a service to us or are acting as our agents, on the understanding that they will keep your information strictly confidential and, otherwise, process it in accordance with data protection rules.
- Anyone, to whom we transfer or may transfer all or any part of our business or assets; from whom we acquire any business or assets; or who acquires substantially all of the assets of the JN Group.
- Credit reference and fraud prevention agencies.
We may also provide information about you if we have a duty to do so in order to comply with any legal obligation, or in order to enforce or apply our terms of use, or if the law allows us so to do.
If MC Systems receive your personal information and subsequently transfers that information to a third-party agent or service provider for processing, MC Systems remains committed to ensuring that such third-party agent or service provider processes your personal information to the standard required to meet GDPR and other local privacy laws.
INTERNATIONAL DATA TRANSFERS
We will only send your data outside of the European Economic Area (‘EEA’) or outside of Jamaica in the following circumstances:
- to follow your instructions,
- to comply with a legal duty or
- to work with our service providers who help us to manage your accounts and to provide you with services.
These countries may not have similar data protection laws to those in your country of residence. However, we will always protect your information on the basis that anyone to whom we pass the information protects it in the same way we would and in accordance with this privacy notice and applicable laws. All international transfers outside the EU are protected by EU-based model contract clauses, where there are terms approved by the EU commission.
HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR
Retention periods for records are determined based on the type of record, the nature of the activity, product or service, the country in which the relevant company is located and the applicable local legal or regulatory requirements. We normally keep customer account records for up to seven years after your relationship ends, then the information is securely destroyed.
We have CCTV at the different entities in various locations. CCTV recordings are kept until the storage is full and then they are overwritten. We have some cameras that take constant images and some that are activated by motion, consequently causing our retention policy to vary by premises. Our retention policy for CCTV footage varies between 14-90 days depending on the location and nature of recording. We will supply footage if we have it, but do not commit to supplying any footage over 14 days.
Job applicant’s data is kept only for the duration of the application process, and then it is destroyed if the applicant is unsuccessful.
We may also keep your data for longer than seven years if we cannot delete it for legal, regulatory or technical reasons..
YOUR RIGHTS IN RELATION TO PERSONAL DATA
| Your rights | Meaning |
| The right to object to the processing | You have the right to object to the processing of your personal data in certain situations. |
| The right to information | You have the right to be informed whether and to what extent we process your data. |
| The right of access | Subject to certain exceptions, you have the right to obtain a confirmation as to whether or not we process your personal data, and if we do, request access to your data. |
| The right to rectification | If the personal data that we process is incomplete or incorrect, you have the right to request their completion or correction at any time. |
| The right to deletion | Subject to certain exceptions, if you consider that we should stop processing some or all of your personal data, you have the right to request its deletion. However, there may well be reasons why an immediate deletion may not be possible (for example where retention is required to meet legal or regulatory obligations). |
| The right to restrict the processing | You have the right to request that we restrict the processing of your personal data in certain situations:
· If you contest the accuracy of your personal data, you may request that its processing is restricted while we verify its accuracy. · If the processing of your personal data is considered unlawful, but you do not require the deletion of your personal data. · If we no longer need the data for the purposes of its processing, but you need it for the establishment, exercise or defence of legal claims. · If you object to our processing of your data based on our legitimate interests |
| The right to data portability | Where the processing takes place on the basis of your consent or contract, and is carried out by automated means, you have the right to request that we provide your personal data to you in a machine-readable format. |
| Rights in relation to automated decision making and profiling | You have the right to object to decisions based exclusively on the automated processing of your personal data. |
| The right to withdraw your consent | If your personal data is processed on basis of your consent, you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal. |
HOW CAN I EXERCISE MY DATA SUBJECT RIGHTS
If you would like to access, review, update, rectify, and delete any personal information we hold about you, or exercise any other data subject right available to you under the EU General Data Protection Regulation (GDPR), you can obtain contact information from the “How to Contact Us” section of this privacy notice. We will examine your request and respond to you as quickly as possible.
Please note that we may still use any aggregated and de-identified personal information that does not identify any individual. We may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
USE OF AUTOMATED DECISION-MAKING AND PROFILING
We sometimes use systems to make automated decisions about you or your business. This helps us to make sure our decisions are quick, fair, efficient and correct based on what we know. Automated decisions can affect the products, services or features we may offer you now or in the future. They are based on personal information that we have or that we are allowed to collect from others. Here are the types of automated decision we make:
Pricing
We may decide what to charge for some products and services based on what we know. This will help us decide whether to offer you the product and what price to charge you.
Tailoring Products, Services, Offers and Marketing
We may place you in groups with similar customers. These are called customer segments. We use these to study and learn about our customers’ needs and behaviours, and to make decisions based on what we learn. This helps us to design products, services and offers for different customer segments, and to manage our relationships with them. It also helps us tailor the information that individuals receive or see on our own and other websites and mobile apps, including social media.
Detecting Fraud
We use your personal information to help decide if your personal or business accounts or customer relationships may be being used for fraud or money-laundering. We may detect that an account or customer relationship is being used in ways that fraudsters work. Additionally, we may notice that an account or customer relationship is being used in a way that is unusual for you or your business. If we think there is a risk of fraud, we may stop activity on the account or customer relationship, or refuse access to it.
Establishing Customer Relationships
When you establish a customer relationship with us, we check that the product or service is relevant to you, based on what we know. We also check that you or your business meets the conditions needed to facilitate the customer relationship.
HOW TO CONTACT US
We are committed to the protection of your privacy rights and of your personal information. If you have any questions or require more details about how we use your personal information please see below:
- Contact our Member Ombudsman at 876-936-0262
- Write to us at 10-12 Grenada Crescent, Kingston 5, Jamaica
- Contact us at
- 876 929 8661
- 876 552 8124
- Email us at solutions@mcsystems.com
Please let us know if you are unhappy with how we have used your personal information.
You also have the right to make a complaint to an EU regulator if you are resident in the EU. If you are unhappy about the way we have dealt with your privacy, you can contact our Data Protection Officer or make a complaint to the Information Commissioners Office. Find out on their website how to report a concern or write to:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow, Cheshire
SK9 5AF
Helpline number: 0044 (0)303 123 1113
Changes to this privacy statement occur from time to time as the business develops and grows and adds more processing. You are encouraged to check back regularly to see any changes that may have occurred.
USE OF COOKIES AND OTHER TECHNOLOGIES
We use cookies and other internet tracking software to collect data while you are using our websites or mobile apps. Cookies allow us to store information about the computer device you use to access our website so that you can conduct business with us easily. They allow us to recognise when you revisit our websites and to evaluate our websites’ advertising and promotional effectiveness. We use both our own (first party) and partner companies’ (third party) cookies to support this activity.
We do not use Cookies to:
- track your internet usage after leaving the website
- store personal information others may read and understand.
Processing of personal data associated with the use of these cookies occurs based on our legitimate Interests to administer the website.
Our cookies are listed below.
| Cookie Name | Retention Time | Description |
| _ga | 2 years | This is a Google Analytics cookie used to distinguish users. |
| _gid | 24 hours | This is a Google Analytics cookie used to distinguish users and its main purpose is for performance of the site. |
| _gat | 1 minute | This is a Google Analytics cookie used to throttle the request rate limiting the collection of data on high traffic sites. |
| moove_gdpr_popup | 1 year | Stores your cookie consent state for the current domain |
You can deactivate the non-technical cookies by not consenting to non-essential cookies when your first visit the site. When you first visit the site, it gives you an opportunity to opt-in or opt-out of cookies.
You may also set your browser’s setting to deactivate cookies. If you use that option, some functions of this website (e.g. login, memory of preferences etc.) may not be available. Detailed guidance on how to control cookies preferences for the most common browsers can be found at:
- Google Chrome
- Mozilla Firefox
- MacOS Safari
- Microsoft Internet Explorer
- For other browsers please see allaboutcookies.org
You also have the option to install the Google Analytics opt-out browser add-on and thereby deactivate the use of Google analytics cookies and the associated data processing. You can find the Opt-out browser add-on here.
https://tools.google.com/dlpage/gaoptout
You can find the Google privacy notice here.
Google Analytics privacy notice.
LINKING TO OTHER WEBSITES / THIRD PARTY CONTENT
For your convenience, hyperlinks may be posted on the website or social media sites that link to other websites. We are not responsible for these sites, and this privacy notice does not apply to, the privacy practices of any linked sites or of any companies that we do not own or control. Linked sites may collect information in addition to that which we collect on our website. We encourage you to seek out and read the privacy notice of each linked site that you visit to understand how the information that is collected about you is used and protected.
INFORMATION PERTAINING TO CHILDREN
We do not knowingly collect or solicit personal information from anyone under the age of 18. If you are under 18, please do not attempt to register for our services or send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 18, we will delete that information as quickly as possible. If you believe that a child under 18 may have provided us Personal Information, please contact us a soon as possible. You can find the information in the “Contact us” section of this privacy statement.