This notice sets out how Verity Trustees Limited (as trustee of its pension schemes) (the “Trustee”) and its subsidiary companies TPT Retirement Solutions Limited and TPT Investment Management Limited (the “Companies”) (together “we”, “our” or “us”) use information about visitors to their websites, companies and businesses with which they contract and beneficiaries (including members) under the pension schemes.
The websites are:
tpt.org.uk, employers.tpt.org.uk, members.tpt.org.uk, memberonline.tpt.org.uk
(the “Websites”)
The pension schemes are:
Social Housing Pension Scheme (SHPS), Scottish Housing Associations’ Pension Scheme (SHAPS), Independent Schools’ Pension Scheme (ISPS), Growth Plan Series 1, 2 & 3, Growth Plan Series 4, Flexible Retirement Plan (FRP), Ethical Fund, Pension Scheme for the Education Sector (PSES), The CARE Scheme, The Scottish Voluntary Sector Pension Scheme (SVSPS), The Northern Ireland Charities Pension Scheme (NICPS), A2Dominion Housing Group Limited, Abri Group Limited Pension Scheme, Action For Blind People, Anchor Trust, Arthritis Care, Bromford, Cambridge Building Society, Christian Aid, Clarion Housing Group, Coventry Building Society, Darlington Building Society, Family Building Society, Flagship Housing Group, Frank Roberts, Guinness Partnership Pension Scheme, Harpur Trust, Heywood and Partners Limited Pension Scheme, Hinckley and Rugby Building Society, Housing Plus, IndependentAge, Leonard Cheshire Disability, Livability, Manchester Grammar School, Medicash Health Benefits Limited, Methodist Homes for the Aged, Mind, Moat Homes Pension Scheme, National Council for Voluntary Organisations, Notting Hill Genesis Pension Scheme, Notting Hill Genesis 2023 Pension Scheme, One Housing Group, OPTIVO, Orbit Group, Oxfam, Oxford Diocese, Paddington Churches Housing Association, Pobl Pension Scheme, Reading Transport Staff Retirement Scheme, Riverside, Royal College of Nursing, Royal National College for the Blind, Sanctuary, Save the Children, Seabourne, SeeAbility, Sovereign, St. Mungo Community Housing Association, Stonham, The Children's Society, Thirteen Housing Group Pension Scheme, Together For Mental Wellbeing, Together Trust, United Reformed Church, Vivid Housing Limited, Wales & West Housing Group Pension Plan, Waterloo Housing Association, Winchester College, Workers' Educational Association, YHA.
(the “Schemes”)
Administration of the Schemes – important notice
This privacy policy sets out how the Trustee and the Companies collect and process information about members of the Schemes (“you”), your dependants and nominated beneficiaries.
Please see ‘section 1. Collection of your information’ for the type of information that the Trustee and the Companies may hold about you and ‘section 2. How we use your information’ for the reasons for which we use your information.
The Trustee is trustee of the Schemes and is the controller of your personal information (along with the Companies) for the purposes of applicable data protection law. This privacy policy describes what personal data we collect about you, the basis upon which we process it, how we store it and with whom we share it. The Trustee as data controller (along with the Companies) is committed to protecting your information and acting in accordance with your rights under data protection law.
Personal data that we hold will be processed in accordance with relevant UK data protection law including the Data Protection Act 2018.
Your visiting and use of the Websites are subject to this privacy policy. This privacy policy is incorporated into the terms and conditions that govern your use of the Websites. We recommend that you read this privacy policy alongside the terms and conditions. If you have any concerns about this privacy policy, please contact us using the details set out at the end.
Collection of your information
1.1 all visitors to the Websites
We collect and process the following personal information about you only if you complete and submit a form on our Websites: your personal details such as your name, membership/employer number, company, job title, email address and phone number.
We collect and process generic information about you when you visit the Websites whether or not you complete and submit a form. We use third-party data processors and further detail about these is set out below. In relation to these third-party data processors, we are the data controller.
1.1.1 We collect statistical information via Google Analytics about your use of the Websites to help us develop and improve them and to provide relevant, helpful information to you. Information we collect includes information about your computer such as domain name, browser type and version, operating system, IP address, cookie information, time stamp, what web pages you visit the Websites, what information you download and how long you spend on each page.
1.1.2 We also use a third-party technology service called Hotjar on the Websites in order to understand better our users’ needs and to optimise their experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
1.1.3 We also collect information on web behaviour via our email automation tool supplier Dotdigital which tracks and identifies a visitor as a Dotdigital contact while they browse the Websites’ pages. Dotdigital uses cookies and other technologies to collect data on our users’ online behaviour and their devices. This data is used by us for better organising and targeting of contacts. Please see our cookie policy for more information on cookies. The cookie policy also forms part of the terms and conditions that govern your use of the Websites.
1.1.4 We use Leadoo’s tracking service to follow what users are doing on the Websites and combine this data with other data we can gather – for example from chat interactions. Leadoo uses tracking called eTag in order to combine the same users’ actions over several sessions. This works similarly to cookie-based tracking. For further details, please read Leadoo Marketing Technologies Ltd’s own privacy policy (https://leadoo.com/privacy-policy/) for more information on what is tracked and what your rights are. Leadoo is a third-party data processor and we act as the data controller for the purposes of the data protection legislation. You can stop the tracking by emptying your browser’s cache after the visit. For more on how Leadoo works as a data processor, please see https://leadoo.com/privacy-policy-processor/
1.1.5 We use Umbraco Engage which allows us, through the use of a performance cookie, to analyse the website behaviour of the website visitor. Based on this information, we can improve the user experience and personalise content for each specific website visitor. In order to do so, we process your pseudonymised IP address and cookie ID, how you were referred to our website and your browser data. Only we have access to this data. The cookies will be deleted from your device after one year. The data collected through the use of the cookie will be retained for a maximum of two years. Hereafter, the data will be anonymised and retained for another two years. This way, we can identify trends on the website and improve the website.
1.2 members only
We collect and process the following information about you:
1.2.1 your personal details such as your name, gender, date of birth, home address including postcode, national Insurance number, bank account details (in some cases) and country of residence;
1.2.2 information relating to your benefits, including your member number (which is assigned to you by the relevant Scheme), the date you joined or left the Scheme, your earnings, the category and value of contributions and benefits that you receive, your target retirement age and any relevant matters impacting your benefits such as additional voluntary contributions, pension sharing orders (including information in divorce or dissolution certificates), tax protections or other adjustments;
1.2.3 records of communications with you (including phone calls and any complaints); and
1.2.4 in some cases, special categories of personal information such as your marital status or information concerning your health (for example in the case of ill-health early retirement and ill-health reviews; and where incapacity or similar reasons determine the benefits paid to you) and (in exceptional cases) information relating to convictions or offences (for example in relation to fraud).
1.2.5 While much of the information we hold has been provided by you, we also obtain information from your employer, other pension schemes from which you may have transferred, HMRC, the Department for Work and Pensions and other regulatory bodies, our medical advisors and from tracing organisations.
1.2.6 If you sign up to access your scheme benefit details through DB Online or Retirement Savings Account, we will (or our administrator will on our behalf) also collect and process the personal information you provided via these online services.
You can view the portal terms and conditions via the links below:
DB Online (which is run by us) uses cookies to distinguish you from other users of the Websites. This helps us to provide you with a good experience when you browse our Websites and allows us to improve them. For detailed information on the cookies we use and the purposes for which we use them, please see our cookie policy.
The Retirement Savings Account portal is run by a third party provider, Mercer Limited, which is a data processor on behalf of the Trustee. Therefore, Mercer Limited’s use of personal data and cookies on the Retirement Savings Account is governed by its own cookie policy and privacy notice. You can find its cookie policy by following the link above.
1.2.7 Where applicable, we also collect information about your dependants or next of kin (for example, when you submit a nomination form or where we collect marriage and birth certificates on a benefit event, such as at retirement or when deciding how to distribute death benefits). You should therefore provide a copy of the information in this notice to affected individuals. You are required to have the consent of those individuals or an alternative valid lawful basis to provide us with this information and to share this privacy notice with them. The data we hold is to assist the Trustee to calculate and pay the benefits to which Scheme members (or anyone claiming through scheme members, for example as dependants) are entitled.
2. How we use your information
2.1 We use your information for the following purposes:
2.1.1 communicating with you in relation to your benefits and contributions, handling requests for transfers and allocation of death benefits or valuations for divorce, dealing with complaints and making disclosures at your request such as in relation to transfers to other schemes;
2.1.2 for general administration of the Schemes, including: to record and pay benefits; reviews we or our administrators conduct for statistical and reference purposes; and for other checks or administrative activities that may become necessary from time to time (like member tracing) should we happen to lose contact with you or to prevent fraud;
2.1.3 for meeting our on-going regulatory and compliance obligations and investigating or preventing crime;
2.1.4 to improve our and our administrators’ processes and our use of technology, including training our employees, testing and upgrading of systems, developing solutions for access to historic data and to learn about other processes we can use to improve the administration of the Schemes, internal operations and other business activities; and
2.1.5 when we or your employer undertake activities from time to time to help us and them manage the liabilities of the Schemes, such as obtaining life insurance, longevity hedging, scheme mergers, bulk transfers, pension increase exchanges and enhanced transfer value exercises, including (where relevant) disclosures to administrators for calculating offers made to you in relation to these activities and disclosures to independent financial advisers to allow you to obtain financial advice.
2.2 The lawful bases on which we rely for processing this information, in addition to consent (where relevant) are:
2.2.1 it is necessary for our legitimate interests in pursuing the purposes set out in 2.1.1 to 2.1.5 above, and (when we make the disclosures to your employer) necessary for your employer’s legitimate interests in meeting accountability and regulatory requirements, ensuring that the Schemes are run in a cost effective way and that you are offered appropriate pension options, such interests in each case not being overridden by your privacy interests;
2.2.2 it is required to meet our legal or regulatory responsibilities, including when we make the disclosures to authorities, regulators or government bodies referred to below;
2.2.3 it is necessary for the performance of a task carried out in the public interest;
2.2.4 when we use special categories of personal information, necessary for making a determination in connection with eligibility for, or benefits payable under, the Schemes (where authorised under law), for preventing fraud or other unlawful acts, for establishing, exercising or defending legal claims, or where the processing relates to personal information manifestly in the public domain;
2.2.5 it is processed with your consent which we obtain from you from time to time, such as when we consider requests by you to access your benefits on the grounds of ill-health (which may require us to consider information – with your consent – about your medical condition), when you ask us to make disclosures or allocate benefits or where the Schemes’ rules require you to provide information which we cannot otherwise process without your consent. Where we are relying on your consent to process such data, you can withdraw it at any time. You can do this by contacting us (see paragraph 9 below for details);
2.2.6 it is required to fulfil a contractual obligation; and
2.2.7 where the personal information we collect from you is needed to meet our legal or regulatory obligations or to pay benefits to you or your nominated beneficiaries. If we cannot collect and process this information, we may be unable to record or pay your or your beneficiaries’ benefits. We will identify any such “required” data to you when we seek to collect it.
3. Disclosures of your information (members only)
We share information with the following recipients:
3.1.1 our suppliers, including:
(i) providers who help us administer parts of the Schemes;
(ii) our auditors;
(iii) our actuarial service providers, and the scheme actuary (who is a person appointed by the Trustee);
(iv)companies that provide services to the Trustee, primarily in respect of accounting services for some employers;
(v) our provider, which undertakes customer satisfaction surveys on our behalf;
(vi) our professional advisers to obtain advice including legal and medical advice;
(vii) other providers of services to us, including financial advisers, payroll providers (to record and pay benefits) mortality analysis providers, printing, communication, IT and hosting, archiving, marketing, and tracing providers
(and when we share information with any of these recipients we take steps to ensure they meet our data security standards, so that your information remains secure);
3.1.2 your employer or former employer, who will use the information for audit purposes, in relation to corporate transactions they are involved in, to consider whether to participate in the activities referred to in 2.1.5 above and to allow you to flex your benefits including your pension options;
3.1.3 insurance and reinsurance companies and independent financial advisers where we carry out the activities referred to in 2.1.5 above;
3.1.4 public authorities, regulators or government bodies, including when required by law or regulation, under a code of practice or conduct, or when these authorities or bodies require us to do so;
3.1.5 third parties to which you ask us to disclose your information, for example where you wish to transfer your pension; and
3.1.6 other persons from time to time when the disclosure is needed to exercise or protect legal rights, including those of the Trustee or other stakeholders or in response to requests from individuals or their representatives who seek to protect their legal rights or such rights of others.
4. Transfers of your information abroad (members only)
In some cases, the use and disclosure of your information involves transferring your information outside of the UK. We comply with the requirements of applicable data protection laws in relation to international data transfers by ensuring at least one of the following safeguards is implemented:
4.1 we will only transfer your personal data to countries that have been deemed to by a competent approving authority provide an adequate level of protection for personal data; and
4.2 when transferring personal data to third-party processors or controllers, we typically use standard contractual clauses approved for use by a competent approving authority.
Further details of these transfers including the form of safeguards used are available from us on request using the contact details below.
5. Retention of your information
5.1 We keep your information for the longer of the period required in order to meet our legal or regulatory responsibilities and the period envisaged within our data retention policy. For members, we determine the period envisaged within such policy having regard to the Schemes’ operational and legal requirements, such as facilitating the payment of benefits to you or your beneficiaries, calculating and managing the liabilities of the Schemes and responding to legal claims or regulatory requests.
5.2 In general, for members we will retain your information relating to your benefits for 12 years after all entitlements to your benefits cease or, if longer, 6 years after your normal pension age (as defined in the rules of the scheme). For example, information will be retained for 12 years after the death of a member and their beneficiaries (if any).
6. Your rights
6.1 You have rights under data protection law of access to and rectification or erasure of your personal information and to restrict its processing and (in some circumstances) to require certain of your information to be transferred to you or a third party.
6.2 You also have the right to object to the processing of your information in some circumstances and to tell us that you do not wish to receive marketing information.
6.3 You can exercise any of these rights by contacting our privacy team using the contact details set out below.
6.4 You also have the right to withdraw your consent to the use of your information to the extent such use is based on your consent. You can notify us of your withdrawal of consent by contacting us at the details set out below. This will not affect the lawfulness of any processing conducted before your consent was withdrawn.
6.5 You have the right to make a complaint at any time to the Information Commissioner's Office (ICO) which is the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
7. Further information may be required to carry out your requests
In some cases, it may be necessary to obtain additional information from you, for example to carry out your request for a transfer or allocation of benefits. We will notify you when your information is required for this purpose.
8. Status of this privacy policy
This privacy policy was reviewed in May 2024. Its purpose is to explain what the Schemes do with your information and how these actions fit into the legislative framework. It does not comprise a complete statement of the legislative and regulatory framework that governs data protection. We shall amend the contents of this privacy policy from time to time - so please check the Websites regularly for updates. Where material changes are made, we will take reasonable steps to bring any such amendments to your attention.
9. Contact information and exercising your rights
If you wish to exercise your rights described in paragraph 6 above, or if you have any questions about our use of information or this notice, please contact us by letter, phone call or email at:
TPT Retirement Solutions Limited, Verity House, 6 Canal Wharf, Leeds LS11 5BQ
0113 394 2677