Steinbach CU

Privacy Policy

Steinbach Credit Union is committed to protecting the privacy and confidentiality of member information. This policy explains how SCU collects, uses, shares, and safeguards the personal and financial information entrusted to the credit union by its members.

Understanding Your Options

Privacy at Steinbach Credit Union is not a legal formality — it is a core operating principle. As a member-owned cooperative, SCU answers to its members rather than to outside shareholders, and protecting member information is fundamental to that accountability. This policy describes your privacy rights and how you can exercise them.

Information Collection

Steinbach Credit Union collects information necessary to provide financial services, comply with regulatory requirements, and protect member accounts. The categories of information SCU collects include personal identification details such as full legal name, residential and mailing addresses, date of birth, social insurance number where required for tax reporting, and government-issued identification documentation. Financial information collected includes account balances and transaction history, income and employment details for credit evaluation, credit history reports obtained with member consent, and asset and liability information provided during loan applications.

In addition to information provided directly by members, Steinbach Credit Union may collect information from credit reporting agencies for loan underwriting and account review purposes, from other financial institutions during fund transfers and account verification, and from public records where relevant to the services being provided. Digital information is collected when members interact with SCU online banking, the mobile app, and the credit union website — including login activity, device identifiers, browser type, IP address, and pages or features accessed. This digital information supports security monitoring, platform improvement, and the member experience. For broader context on financial privacy protections, members may consult resources published at consumerfinance.gov.

How We Use Information

Steinbach Credit Union uses member information for purposes directly related to providing financial products and services and operating the credit union. These purposes include processing transactions and maintaining accurate account records, verifying member identity for security and fraud prevention, evaluating applications for credit products including loans, mortgages, and lines of credit, communicating with members about their accounts, available services, and important updates, complying with legal and regulatory obligations including tax reporting and anti-money laundering requirements, and detecting and preventing fraud, unauthorized transactions, and other potentially prohibited or illegal activities.

Steinbach Credit Union may also use aggregated and de-identified information — data that cannot reasonably be linked to any individual member — for analytical purposes such as evaluating service usage patterns, planning product improvements, and assessing operational efficiency. This aggregated information does not identify individual members and is not subject to the same access and correction rights as personal information. SCU does not use member information for purposes beyond those disclosed in this policy without first obtaining member consent, except where otherwise permitted or required by law.

Information Sharing

Steinbach Credit Union limits the sharing of member information to circumstances where disclosure is necessary to provide services, required by law, or authorized by the member. SCU may share member information with service providers and business partners who perform operational functions on behalf of the credit union, including payment processing networks, statement production and mailing services, digital banking platform providers, and audit and compliance firms. Each service provider is contractually required to protect member information with safeguards at least as rigorous as those SCU employs and to use the information only for the specific purpose for which it was shared.

Steinbach Credit Union may disclose member information as required by applicable law, including in response to a valid court order, subpoena, or regulatory request from a government agency with proper jurisdiction. SCU may also disclose information to credit reporting agencies in accordance with standard financial industry practices, to other financial institutions during fund transfers and transaction settlement, and to parties authorized by the member through a written consent or power of attorney. Steinbach Credit Union does not sell, rent, or trade member personal information to third parties for their own marketing purposes under any circumstances.

Your Rights

Steinbach Credit Union members have rights regarding their personal information, consistent with Canadian privacy legislation and the credit union's commitment to transparency and member control. Members have the right to access their personal information held by SCU by submitting a written request to the privacy officer. The credit union will respond to access requests within the timeframes required by applicable law and will provide the requested information in an understandable format. In limited circumstances, access may be restricted where disclosure would reveal personal information about another individual, compromise an ongoing fraud investigation, or violate legal privilege.

Members also have the right to request correction of inaccurate or incomplete personal information in SCU records. If a correction request is disputed, the member may file a statement of disagreement that will be retained with the disputed information. Members may withdraw consent for certain uses of their information, although this may affect the credit union's ability to provide specific services that depend on that information. Members who have questions about privacy practices or wish to file a complaint may contact the Steinbach Credit Union privacy officer through the member support phone line or by written correspondence addressed to the main branch. If a privacy concern is not resolved satisfactorily, members may contact the Office of the Privacy Commissioner of Canada or the applicable provincial privacy authority for further recourse. Additional information about financial privacy rights is available at ncua.gov.

Data Retention

Steinbach Credit Union retains member information for the duration of the member relationship and for a period afterward as required by applicable laws, regulations, and legitimate business needs. Account records, transaction histories, and tax-related documentation are retained for a minimum of seven years following the calendar year in which an account is closed, consistent with Canadian tax record-keeping requirements. Credit application records are retained for a period consistent with credit reporting standards and regulatory expectations. Security and access logs for digital banking systems are retained for a period that supports fraud investigation and security incident response.

When the required retention period for a category of information expires, Steinbach Credit Union securely destroys or anonymizes the information in accordance with established data disposal procedures. Physical records are shredded or incinerated through certified destruction services. Electronic records are deleted using methods that prevent recovery, and backup media is cycled on a schedule that ensures outdated information is not retained beyond its required retention period. Members who close their accounts receive confirmation of account closure and information about the retention schedule for their records.

Security Measures

Steinbach Credit Union employs administrative, technical, and physical safeguards to protect member information against loss, theft, unauthorized access, disclosure, copying, use, or modification. Administrative safeguards include employee training on privacy and security obligations, access controls that limit information access to personnel with a documented business need, and regular privacy and security policy reviews. Technical safeguards include Transport Layer Security encryption for all digital banking sessions, firewalls and intrusion detection systems protecting SCU networks, multi-factor authentication for online account access, and automated monitoring for unusual access patterns or potential security breaches.

Physical safeguards at Steinbach Credit Union include secured facilities with monitored alarm systems, restricted access to areas where member information is stored or processed, visitor logging and escort procedures, and secure disposal methods for records that have reached the end of their retention period. SCU conducts regular security assessments and audits to verify that these safeguards remain effective against evolving threats. In the event of a security incident that may affect member information, Steinbach Credit Union will notify affected members and relevant authorities in accordance with applicable breach notification requirements.

Data Categories & Retention Periods

SCU Information Retention Schedule
Data Category Examples Retention Period
Member Identification Name, address, date of birth, government ID Duration of membership plus 7 years after account closure
Account Records Statements, transaction history, balances 7 years from the calendar year of account closure
Tax Documentation Interest statements, contribution receipts, tax forms 7 years from the calendar year of issuance
Credit Applications Loan applications, credit reports, underwriting documents 7 years from application decision or loan closure
Digital Access Logs Login timestamps, IP addresses, device identifiers 2 years from date of access event
Communication Records Secure messages, support inquiries, correspondence 3 years from date of communication
Closed Account Records Final statements, closure authorizations, payoff confirmations 7 years from calendar year of account closure
Marketing Preferences Consent records, communication opt-in and opt-out choices Duration of membership plus 2 years after closure

Related Services

“As a pharmacy owner, I handle sensitive information for my customers every day, so I pay close attention to how my own financial information is treated. Steinbach Credit Union's approach to privacy gives me confidence — the policy is written in plain language, the staff can explain it clearly, and I have never had a reason to question how my business or personal information is being handled.”
— Peter Giesbrecht, Owner, Giesbrecht Family Pharmacy, Mitchell

Frequently Asked Questions

  1. What information does Steinbach Credit Union collect?

    Steinbach Credit Union collects information necessary to provide financial services to members. This includes personal identification information such as name, address, date of birth, and government identification numbers; financial information including account balances, transaction history, credit reports, and income details; and digital information such as online banking login activity, device identifiers, and website usage patterns. SCU collects only the information required to serve members and comply with regulatory obligations.

    The specific information Steinbach Credit Union collects depends on the products and services a member uses. A member with a basic checking account provides less information than a member applying for a mortgage, which requires detailed financial documentation. SCU does not collect information beyond what is needed for the specific services requested, and members are informed at the point of collection about why the information is required and how it will be used. Members who have questions about a particular information collection can ask the representative handling their transaction or contact the privacy officer.

  2. How does SCU use member information?

    Steinbach Credit Union uses member information to provide and manage financial products and services, process transactions, verify identity, assess creditworthiness for loan applications, communicate about accounts and services, comply with legal and regulatory requirements, and protect against fraud and unauthorized transactions. SCU does not sell member personal information to third parties for marketing purposes. Information use is limited to the purposes disclosed in the privacy policy and for which the information was collected.

    Steinbach Credit Union may also use member information to improve products and services based on aggregated usage analysis, to personalize the online and mobile banking experience by highlighting relevant features, and to communicate information about products or services that may interest the member based on their existing relationship with the credit union. Members can manage their communication preferences through online banking settings or by contacting member support. Opting out of marketing communications does not affect transactional communications such as account statements, regulatory notices, or security alerts.

  3. Does Steinbach Credit Union share member information?

    Steinbach Credit Union may share member information with service providers who perform functions on behalf of the credit union, such as payment processing, statement production, and digital banking platform operation. These providers are contractually bound to protect member information and use it only for the specified purposes. SCU may also disclose information as required by law, such as in response to a court order or regulatory request. Information is never sold to third parties for their own marketing purposes.

    The service providers with whom Steinbach Credit Union shares information are carefully selected and regularly reviewed to confirm compliance with contractual privacy and security obligations. When a service provider relationship ends, the provider is required to return or securely destroy any member information in its possession. Members who have questions about specific information-sharing arrangements can contact the SCU privacy officer for additional detail about the categories of providers that may receive information and the safeguards in place to protect it.

  4. How long does SCU retain member information?

    Steinbach Credit Union retains member information for the duration of the member relationship and for a period afterward as required by applicable laws, regulations, and business needs. Account records are typically retained for a minimum of seven years following account closure to comply with tax and financial record-keeping requirements. After the required retention period expires, SCU securely destroys or anonymizes member information in accordance with established data disposal procedures.

    Different categories of information have different retention periods at Steinbach Credit Union, as detailed in the data retention table on this page. The retention schedule is designed to balance the operational need for historical records, legal and regulatory compliance requirements, and the privacy interest in minimizing the retention of personal information beyond its useful life. Members who close their accounts can request confirmation that their information has been handled in accordance with this retention schedule by contacting the privacy officer after the applicable retention period has expired.

Ready to Become a Member?

Join thousands of Steinbach families who trust SCU for their banking needs. Open your account today.

Open an Account