Our privacy statement

We handle a lot of information about our members so that we can run the pension plan.

We’ve updated our privacy policy to make sure we’re ahead of the new laws about handling information – the ‘General Data Protection Regulation’.

Our privacy policy will tell you:

  • what information we have about you and how we keep it safe

  • why we need it and how we use it

  • who we share it with and why.

You can also get in touch at any time to ask to see what information we have about you. And if it’s out of date, you can correct it.

Read the full privacy statement

ROYAL MAIL DEFINED CONTRIBUTION PLAN (‘the Plan’)

Privacy notice from the Plan Trustees

The Trustees need personal information about you and your potential beneficiaries in order to run the Plan and pay benefits.

In legal terms we are a ‘data controller’ responsible for the collection and use of your personal information and we are required to tell you some things about the personal information we have about you and what your rights are in relation to it.

Collection of your information

We collect and process personal information about you, such as:

  • your personal details such as your name, gender, date of birth, home address, email address, phone number, national insurance number, bank account details (in some cases), and country of residence;
  • information relating to your benefits, including your member identifying number (which is assigned to you by the Plan), the date you joined or left the Plan, your earnings, the category and value of contributions and benefits that you receive, and any relevant matters impacting your benefits such as voluntary contributions, pension sharing orders, tax protections or other adjustments; and
  • in some cases, special categories of personal data such as information concerning your health (e.g. in the case of ill-health early retirement and ill-health reviews, and where incapacity or similar reasons determine the benefits paid to you).

Where applicable, we also collect information about your nominated beneficiaries, dependents or next of kin, for example in relation to the distribution of benefits due from the Plan on your death.

In some cases, the above information may also be collected from other sources, such as:

  • Your employer, the Royal Mail Group;
  • Zurich, who administers the Plan on our behalf;
  • Other schemes (if you have transferred benefits from them);
  • Government departments such as HMRC and DWP;
  • Publicly accessible sources (e.g. the electoral roll) if we have lost touch with you and we are trying to find you.

If we ask you for other information not mentioned above in the future, we will provide you with information about how and on what basis we will process that data. We will also explain whether you have a choice about providing it and the consequences for you if you do not do so.

How we use your information

We use your information for the following purposes:

  1. communicating with you in relation to your benefits and contributions, handling requests for transfers and allocation of death benefits, dealing with complaints, and making disclosures at your request such as in relation to transfers to other schemes;
  2. for general administration of the Plan, including: to identify you and your potential beneficiaries and make sure your details are up to date; to record, calculate and pay benefits; to make trustee decisions (such as whether to permit early retirement or how to distribute your benefits after your death); for reviews we or our administrators conduct for statistical and reference purposes; and for other checks or administrative activities that may become necessary from time to time (like member tracing should we happen to lose contact with you) or to prevent fraud;
  3. for meeting our on-going regulatory, legal and compliance obligations, and investigating or preventing crime; and
  4. to improve our processes and our use of technology, including testing and upgrading of systems, and to learn about other processes we can use to improve the administration of the Plan

Our use of your information as described above is permitted by applicable data protection law because it is:

  1. necessary for our legitimate interests in administering the Plan efficiently, and (when we make the disclosures to Royal Mail Group for the audit and corporate transaction purposes referred to below) necessary for Royal Mail Group’s legitimate interests in providing the Plan to its employees and former employees;
  2. required to meet our legal or regulatory responsibilities, including dealing with legal claims, making sure your benefits are paid correctly and making the disclosures to authorities, regulators or government bodies referred to below;
  3. in some cases, necessary for the performance of a task carried out in the public interest (e.g. a Financial Conduct Authority investigation) or necessary for establishing, exercising or defending legal claims or where the processing relates to personal data manifestly in the public domain; and
  4. in limited circumstances, processed with your consent which we will obtain from you where the law requires us to do so.

Where the personal data we collect from you is needed to meet our legal or regulatory obligations or to calculate or pay benefits to you or your nominated beneficiaries, if we cannot collect this personal data we may be unable to record, calculate or pay your or your beneficiaries’ benefits.

Disclosures of your information

We may share your information with the following recipients:

  • our suppliers, including the Royal Mail Group and other providers of services to us and them, such as administrators, Banks and Deposit takers, retirement advisors, other professional advisors such as the Plan lawyers, financial advisors, payroll providers (to record and pay benefits), and printing, communication, IT and hosting, marketing, and tracing providers. When we share information with these recipients we take steps to ensure they meet our data security standards, so that your personal data remains secure;
  • the Royal Mail Group for audit purposes or in relation to corporate transactions initiated by them;
  • public authorities, regulators or government bodies, including when required by law or regulation, under a code of practice or conduct, or when these authorities or bodies require us to do so; and
  • others persons from time to time when the disclosure is needed to exercise or protect legal rights, including those of the Trustees or other stakeholders, or in response to requests from individuals or their representatives who seek to protect their legal rights or such rights of others.

Transfers of your information abroad

The use and disclosure of your information, including for the purposes referred to in (a) to (d) above, may involve transferring your information outside of the European Economic Area. In those cases, except where the relevant country has been determined by the relevant public authority to ensure an adequate level of data protection, we will ensure that the transferred information is protected, for example by a data transfer agreement in the appropriate standard form approved for this purpose by the European Commission or (where applicable) relevant authority in the United Kingdom. Further details of these transfers including copies of any data transfer agreements we use are available from us on request.

Retention of your information

We will keep your information for the longer of the period required in order to meet our legal or regulatory responsibilities, and the period envisaged within our retention management policy documentation. We determine the period envisaged within such documentation with regard to the Plan’s operational and legal requirements, such as facilitating the payment of benefits to you or your nominated beneficiaries, and responding to legal claims or regulatory requests.

Security measures

We have in place measures to protect the security of your personal information and keep it confidential. We review these measures regularly to make sure they remain appropriate. When sharing your personal information with our administrators or another third party we will make sure that they also have measures in place to protect it and keep it confidential and agree to use the personal information only for the purposes we set out.

Your rights

You have rights under data protection law of access to and rectification or erasure of your personal data and to restrict or object to its processing, to tell us that you do not wish to receive marketing information, and (in some circumstances) to require certain of your information to be transferred to you or a third party. If you have any questions or wish to exercise any of the above rights, you can contact us as detailed below.

You also have the right to withdraw your consent to the use of your information, to the extent such use is based on your consent.

You can also lodge a complaint about our processing of your personal information with the office of the Information Commissioner (www.ico.org.uk).

Further information may be required to carry out requests

In some cases, it may be necessary to obtain additional information from you, such as in order to carry out your request for a transfer or allocation of benefits. We will notify you when your information is required for this purpose.

Status of this privacy notice

This privacy notice was prepared in March 2018. It is non-contractual. We reserve the right to amend it from time to time.

The Trustees of the Royal Mail Defined Contribution Plan Contact details:

Ben Piggott, Secretary to the Trustees, RMPTL, 2nd Floor, 11 Ironmonger Lane, London, EC2V 8EY