Last updated on 27 March 2018
Click on the image below to view a PDF copy of our privacy notice. Our privacy notice is also shown as text below.
Who we are
The SAUL Trustee is the trustee (“the Trustee”) of the Superannuation Arrangements of the University of London (SAUL) pension scheme (“the Scheme”).
As the Trustee of the Scheme, we hold certain personal information (known as “personal data”) about scheme members and, where applicable, their dependants and beneficiaries. Most of the personal data held and processed by the Trustee in running the Scheme will be personal data (in other words, it is information from which you as an individual can be identified).
What information we collect about you
Depending on the circumstances and the stage of your membership, we may hold some or all of the following information about you:
- your name and date of birth,
- your address,
- your national insurance number,
- details of contributions made to the Scheme by you and your employer,
- details of your earnings and employment history,
- details of any benefits you have transferred,
- details of your bank account (to pay benefits),
- your marital status,
- your retirement choices,
- your education details,
- your email address,
- details about your dependants and/or beneficiaries,
- medical and other details about your health, and
- if you visit our website, we’ll collect your computer’s IP address (for reporting purposes).
How we use that information
The Trustee has a legitimate interest in holding and processing the above information about you as it is needed for us to properly administer the Scheme and to calculate and pay benefits. We also keep the above information in order to allow us to comply with our obligations towards members under the Scheme governing documents, as well as under relevant legislation.
Personal data relating to the Scheme is held on paper and on computer systems. As the data controller, the Trustee must process this information fairly and lawfully.
As part of running the Scheme, we may also need to hold and process particularly sensitive information about you and/or your dependants and beneficiaries (known as “sensitive personal data”). Under the legislation, details relating to health, racial or ethnic origin, religious or other similar beliefs, sexual orientation and political affiliations are regarded as sensitive personal data. Except where the legislation allows it, this information cannot be processed or passed to a third party without your explicit consent.
The information which is collected and stored during normal use of this website is used to monitor use of the site and to help its further development. Such use does not result in any personally identifiable data being collected or stored.
Where you complete any online forms or request further information from us, details such as your name, location, email address, type of request and possible further information may be stored solely for the purpose of responding to your request and contacting you in the future. Such communications are not confidential.
The site enables some users to access specific content and data by means of a login code and password. These will be supplied to you by SAUL Trustee Company only. By logging onto any secure area, you are granting permission to SAUL Trustee Company, its appointed data handlers and software providers and the web infrastructure providers to provide that data to you via this website.
The design and operation of the site is such that we consider all reasonable steps have been taken to ensure that your personal details are secure and not accessible to any other user.
What else we might do with personal data
The Trustee may instruct companies specialising in tracing people, to transfer personal data to a country outside of the European Economic Area (EEA) if you move home and forget to tell us about your new address details. The specialist companies have appropriate safeguards that provide an adequate level of protection in this event.
Who we share it with
We are not allowed to disclose personal data about you to other parties except:
- when required for contractual or legal reasons or other specifically identified purposes, or
- where you have given your consent.
However, as the Trustee needs help from various advisers to properly administer the Scheme, we share personal data with the following:
- SAUL Trustee Company who are responsible for the day-to-day administration of the Scheme on behalf of the Trustee,
- the Scheme’s professional advisers, including the Scheme actuary, auditor, medical advisers, investment adviser and lawyers,
- HM Revenue & Customs and other statutory bodies (such as the Pensions Ombudsman and the Pensions Regulator) – the Trustee can be fined and subject to other action if it fails to provide certain information to these authorities,
- the providers who help us prepare and distribute various communications we send to you, such as the annual benefit statement,
- our appointed insurance company or companies for the purposes of life insurance and additional voluntary contributions,
- third party pension providers responsible for paying benefits to some members of historic pension schemes,
- depending upon how we pay pensions, the personal data we have to supply in order to effect a BACS or CHAPS transfer in the UK and/or a payment via Citi Bank when pensions are being paid overseas, and
- mortality and address tracing agencies.
How long we keep personal data for
We must keep all personal data safe and only hold it for as long as necessary. To meet the requirements of both UK tax and pensions law, we must keep certain personal data (for example, details about the date a member joins the Scheme, their name and address, and details of benefits paid) for a minimum of 6 years. But, given the nature of pension schemes, the Trustee may be required to keep your personal information for the rest of your life.
However, we review the personal data held in relation to the Scheme on a regular basis in accordance with our data retention schedule. You can request a copy of our data retention schedule by contacting SAUL Trustee Company.
- You have the right to see personal data that is held about you and a right to have a copy provided to you, or someone else on your behalf, in a machine readable (namely, digital) format.
- If at any point you believe that the personal data we hold about you is wrong, you can ask to have it corrected.
- You can require the Trustee to restrict the processing of your personal data in certain circumstances, for example, whilst a complaint about its accuracy is being resolved.
- You can object to your personal data being processed, although the Trustee can override this objection in specific instances.
- Where you have given us your consent to processing your personal data, you can withdraw that consent at any time by notifying us (see “Who to contact” below).
- You can request that your personal data is deleted altogether.
You should be aware that taking any of the above steps could impact on the payment of your benefits and/or your participation in the Scheme.
Information will generally be provided to you free of charge, although the Trustee can charge a reasonable fee in certain circumstances.
Who to contact about your personal data
If you wish to:
- see your personal data or to exercise any of the rights mentioned above, and/or
- make a complaint about how we have handled your personal data
please contact SAUL Trustee Company at 1 King’s Arms Yard, London EC2R 7AF, email email@example.com or phone 0207 7776 4340.
You can also request a printed copy of this Privacy Notice from the Scheme using the details above.
Making a complaint to the Information Commissioner’s Office
If you are not satisfied with our response to any query you raise with us, or you believe we are processing your personal data in a way which is inconsistent with the law, you can complain to the Information Commissioner’s Office whose helpline number is: 0303 123 1113.
From 25 May 2018, the General Data Protection Regulation (GDPR) will come into force in all EU and EEA member states. The Government has confirmed that the GDPR will apply in the UK from that date. It has announced a UK Data Protection Bill which is expected to incorporate the GDPR into UK Law and replace the Data Protection Act 1998. The Trustee will update this privacy notice as appropriate when full details of the UK legislation are known.