The Co-operative Pension Scheme (Pace)
Privacy notice for General Data Protection Regulation (GDPR)
We, PACE Trustees Limited, are the Trustee of Pace. We are committed to protecting your information and acting in accordance with your rights under data protection law.
Collection of your information
We collect and use the following information about you:
- your personal details such as your name, gender, date of birth, home address including postcode, national insurance number, bank account details (e.g. to pay your pension), and country of residence;
- information relating to your benefits, including your member identifying number (which is assigned to you by Pace), the date you joined or left Pace, your earnings, the category and value of contributions and benefits that you receive, your target retirement age, and any relevant matters impacting your benefits such as additional voluntary contributions, pension sharing orders (including information in divorce or dissolution certificates), tax protections or other adjustments;
- records of communications with you (including any complaints); and
- in some cases, special categories of personal data such as your marital status or information concerning your health (e.g. in the case of ill-health early retirement and ill-health reviews, and where incapacity or similar reasons determine the benefits paid to you), and (in exceptional cases where it may affect your benefits) information relating to convictions or offences.
Some of this information is collected directly from your employer.
Where applicable, we also collect information about your dependants or next of kin (for example, when you submit a nomination form, or where we collect marriage and birth certificates, for example at your retirement or when deciding how to distribute death benefits). You should therefore provide a copy of the information in this notice to those individuals.
How we use your information
We use your information for the following purposes:
- communicating with you in relation to Pace, including any changes to your benefits and contributions and providing you with a copy of our pensioner magazine Evergreen (or its replacement) from time to time;
- for general administration of Pace, including: to record and pay benefits; for actuarial valuations; for reviews we or our administrators conduct for statistical and reference purposes; and for other checks or administrative activities that may become necessary from time to time (like member tracing) should we happen to lose contact with you or to prevent fraud;
- for meeting our ongoing regulatory and compliance obligations, or to comply with any applicable legal or regulatory reporting or disclosure requirements;
- to monitor and improve our processes and our use of technology, including testing and upgrading of systems, and to learn about other processes we can use to improve the administration of Pace; and
- when we undertake activities to help us manage the liabilities of Pace, including (for example):
- insuring your Pace benefits with one or more insurance companies;
- sharing data with administrators for liability management exercises (for example, if we decided to offer you transfer values or to exchange future pension increases); and
- sharing data with advice providers so that you can choose to receive financial advice in relation to liability management exercises.
Our use of your information as described above is permitted by applicable data protection law because it is:
- necessary for our legitimate interests in pursuing the purposes set out in (a) to (e) above;
- when we make the disclosures to a sponsoring employer (i.e. an employer with responsibilities for meeting the liabilities of Pace – this is typically a company that is part of The Co-operative Group or is a former member of The Co-operative Group) for the audit and corporate transaction purposes referred to below, necessary for that sponsoring employer’s legitimate interests in meeting regulatory responsibilities and conducting proper operational management;
- required to meet our legal or regulatory responsibilities, including when we make the disclosures to authorities, regulators or government bodies referred to below;
- necessary for the performance of a task carried out in the public interest;
- when we use special categories of personal data:
- necessary for making a determination in connection with eligibility for, or benefits payable under, Pace (where authorised under local or EU law);
- for preventing fraud or other unlawful acts;
- for establishing, exercising or defending legal claims; or
- where the data has been manifestly made public by you; and
- used with your consent which we obtain from you from time to time, such as when you ask us to make disclosures or allocate benefits or where the Pace rules require you to provide information which we cannot otherwise use without your consent.
Where the personal data we collect from you is needed to meet our legal or regulatory obligations or to pay benefits to you or your nominated beneficiaries, if we cannot collect this personal data we may be unable to record or pay your or your beneficiaries’ benefits.
Disclosures of your information
We share some or all of your information with the following recipients as and when it becomes necessary:
- our suppliers, including The Co-operative Group and Legal & General (as providers of administration services), and other providers of services to us and them, such as financial advisers (to provide you with financial advice), payroll providers (to record and pay benefits), the scheme actuary (for actuarial calculations), and printing, communication, IT and hosting, marketing, and tracing providers (and when we share information with these recipients we take steps to ensure they meet our data security standards, so that your personal data remains secure);
- the sponsoring employers, who will use the information for audit purposes, and in relation to corporate transactions involving those sponsoring employers;
- insurance and reinsurance companies, when we carry out the activities referred to in (e) above;
- public authorities, regulators or government bodies, including when required by law or regulation, under a code of practice or conduct, or when these authorities or bodies require us to do so; and
- other persons from time to time when the disclosure is needed to exercise or protect legal rights, including those of the Trustees or other stakeholders, or in response to requests from individuals or their representatives who seek to protect their legal rights or such rights of others.
Transfers of your information abroad
The use and disclosure of your information, including for the purpose referred to in (e) above, may involve transferring your information outside of the European Economic Area. In those cases, except where the relevant country has been determined by the relevant public authority to ensure an adequate level of data protection, we will ensure that the transferred information is protected, for example by a data transfer agreement in the appropriate standard form approved for this purpose by the European Commission or (where applicable) relevant authority in the United Kingdom. Further details of these transfers including copies of any data transfer agreements we use are available from us on request.
Retention of your information
We keep your information for the longer of the period required in order to meet our legal or regulatory responsibilities, and the period envisaged within our record retentions policy. We determine the period envisaged within such documentation with regard to Pace’s operational and legal requirements, such as facilitating the payment of benefits to you or your nominated beneficiaries, calculating and managing the liabilities of Pace, and responding to legal claims or regulatory requests.
In general, we will retain your information for 12 years after all entitlements to your benefits cease. For example, information will be retained for 12 years after the death of a member and their nominated beneficiaries (if any).
You have rights under data protection law to access and correct your information and (in some circumstances) to restrict its use or have it deleted.
You also have the right to object to the processing of your information in some circumstances, and to tell us that you do not wish to receive marketing information.
You can exercise any of these rights by contacting our privacy office at the details set out below.
You also have the right to withdraw your consent to the use of your information, to the extent such use is based on your consent. You can notify us of your withdrawal of consent by contacting us at the details set out below.
You can also lodge a complaint about our processing of your personal information with the Information Commissioner in the UK or, if you live elsewhere in the European Economic Area, with the supervisory authority in your home country. Details for the office of the Information Commissioner in the UK are available at www.ico.org.uk.
Further information may be required to carry out requests
In some cases, it may be necessary to obtain additional information from you, such as in order to carry out your request for a transfer or allocation of benefits. We will notify you when your information is required for this purpose.
Status of this privacy notice
This privacy notice was updated in March 2019. It is a notice explaining what we do, rather than a document that binds us or any other party contractually. We reserve the right to amend it from time to time, and will take appropriate steps to bring any such amendments to your attention.
Pace Trustees Limited
1 Angel Square
Telephone: 0330 606 1000
Privacy Office Contact:
Pace Trustees Limited
c/o Data Protection Team
1 Angel Square