PAN Trustees (“PAN”)
incorporating PAN Trustees UK LLP, PAN Professional Trusteeship Limited, PAN North LLP and PAN Group Life Trustees Limited

GDPR Privacy Notice

What is the Purpose of this Document?

PAN is committed to protecting the privacy and security of any personal information held as part of its duties when acting as sole trustee or co-trustee to a pension scheme.

This privacy notice describes how we collect and use personal information for those individuals who are members of the pension schemes for which PAN acts as trustee in accordance with the General Data Protection Regulation (GDPR).

It applies to all members/beneficiaries/potential beneficiaries including all pensioners as well as individuals in receipt of a benefit upon the death of a member.

PAN is a “data controller”. This means that we are responsible for deciding how we hold and use personal information. We are required under data protection legislation to notify members of the pension schemes to which we provide services of the information contained in this privacy notice. We may update this notice at any time.

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.

Data Protection Principles

We will comply with data protection law which states that the personal information we hold about individuals must be:

  1. Used lawfully, fairly and in a transparent way
  2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
  3. Relevant to the purposes we have told you about and limited only to those purposes
  4. Accurate and kept up to date
  5. Kept only as long as necessary for the purposes we have told you about
  6. Kept securely

The Type Of Information We Hold

Personal data, or personal information, means any information about a living individual from which that person can be identified. It does not include data where the identity has been removed or encrypted (anonymous data).

In certain circumstances, there may be “special categories” of more sensitive personal data which require a higher level of protection.

We may collect, store, and use the following categories of personal information:

  • Personal details such as an individual’s name, gender, age, date of birth, email address, postal address, telephone or mobile number and identifiers such as national insurance number or passport number.
  • Family, lifestyle and social circumstances such as details about current marriage or partnerships and marital history, details of family and dependants.
  • Employment details relevant to the membership of a pension scheme, such as salary, length of service, employment and career history, recruitment and termination details, attendance record (including periods of maternity, paternity or other family leave or periods of temporary absence), job title and job responsibilities, financial details such as bank account details, payroll records and tax status information.
  • Membership details such as the date of joining a relevant pension scheme, the section to which a member belongs, contribution records (including normal and additional voluntary contributions) and details about investment decisions in relation to membership of any Money Purchase (defined contribution) section. Where relevant, details of any elections and options made in respect of the benefits to which a member is entitled on retirement, death or earlier date of ceasing to be in pensionable service and details of any election to cease to be a member.
  • Details of past correspondence an individual has had with the trustees and their appointed staff or advisers, including the administrators, the scheme secretary and relevant company staff with pensions responsibilities.

In special situations we may also collect, store and use the following “special categories” of more sensitive personal information where relevant to the payment of benefits of a specific pension scheme to which we are a trustee:

  • Information about a member’s health, including any medical condition, health and sickness records.
  • Information about the member’s family, lifestyle, dependants or other potential beneficiaries that might imply data about a member’s sexual orientation, ethnicity or religious beliefs.

We will only collect such special category information if we need it to determine a member’s rights and entitlement or level of benefits under a pension scheme.

How is Personal Information Collected?

We typically collect personal information about members and their beneficiaries through the scheme application process either directly from the member or from the company.

In addition, we may also collect personal information during the course of your membership when a member/beneficiary or the company contacts us or as a result of any other engagement or correspondence that a member/beneficiary or the company may have with us. This information may reflect issues such as changes in salary, service, contributions and personal circumstances relevant to a member’s benefit under the scheme or any elections a member may make.

How We Will Use Information

We will only use personal information when the law allows us to. Most commonly, we will use personal information in the following circumstances:

  • Where it is necessary for our legitimate interests (or those of a third party) in the running of the pension scheme and where a member’s interests and fundamental rights do not override those interests.
  • Where we need to perform any agreement we have entered into with a member.
  • Where we need to comply with a legal obligation.

We may also use personal information in the following situations, which are likely to be rare:

  • Where we need to protect a member’s interests (or someone else’s interests).
  • Where it is needed in the public interest or it is requested from us by a statutory authority.

Situations In Which We Will Use Personal Information

We will use a member’s personal information primarily to allow us to manage his/her membership including the provision of retirement and death benefits to or in respect of the member, and to enable us to comply with our legal obligations.
So, for example, we will use personal information:

  • to administer the scheme, including to process data to calculate and pay contributions and benefits, to prepare and issue communications and correspondence to a member, and to respond to any correspondence with a member or the company about member benefits;
  • for HMRC purposes;
  • to carry out our obligations arising from any agreement that we have with, or concerning, a member and to provide a member with the information, benefits and services that a member requests from us;
  • to notify a member about the relevant pension scheme and any changes to it;
  • risk management, including where appropriate the insurance of all or part of the scheme liability to pay benefits to a member;
  • complying with any present or future law, rule, regulation, guidance or directive, and complying with any industry or professional rules and regulations or any applicable voluntary codes; and
  • complying with demands or requests made by local and foreign regulators, governments and law enforcement authorities, and complying with any subpoena or court process, or in connection with any litigation.

If a Member Fails to Provide Personal Information

If a member fails to provide certain information when requested, we may not be able to manage his/her membership of the relevant scheme properly. Our ability to calculate and pay benefits due to or in respect of the member under the relevant scheme may be prejudiced. We may also be prevented from complying with regulatory requirements or other legal obligations.

Change of Purpose

We will only use personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use personal information for an unrelated purpose, we will notify the member and we will explain the legal basis which allows us to do so.

Please note that we may process personal information without the member’s knowledge or express consent, in compliance with the above rules, where this is required or permitted by law.

How We Use Particularly Sensitive Personal Information

“Special categories” of particularly sensitive personal information (for example details of race or ethnicity, religious beliefs and sexual orientation or a member’s mental or physical health) require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We may process special categories of personal information in any of the following circumstances:

  1. With the member’s explicit written consent.
  2. Where we need to carry out our legal obligations and in line with our data protection policy.
  3. Where it is needed to assess a member’s benefit entitlement on health grounds, subject to appropriate confidentiality safeguards.

Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect a member’s interests (or someone else’s interests) or where the member is not capable of giving consent, or where the member has already made the information public.

Our Obligations as Trustees

We may need to use your particularly sensitive personal information in the following circumstances:

  • information relating to a leave of absence, which may include sickness absence or family related leave, may be used to make any adjustments to a member’s membership, contribution and benefits to comply with the temporary absence provisions under the Rules;
  • information about a member’s physical or mental health, or disability status, may be used when determining any ill health pension which may be payable;
  • information about a member’s race or national or ethnic origin, religious, philosophical or moral beliefs, or a member’s sexual life or sexual orientation, might be used to ensure the Scheme is operated in compliance with the equality laws, or to ensure that any benefits payable under the trustees’ discretion (such as a lump sum on your death) are paid in accordance with your wishes.

Do We Need A Member’s Consent?

We do not need a member’s written consent if we use special categories of a member’s information to carry out our legal obligations or if otherwise permitted by law. Where this is not the case, however, we will approach the member for written consent to allow us to process certain particularly sensitive data. If we do so, we will provide the member with full details of the information that we would like and the reason we need it, so that the member can carefully consider whether he/she wishes to consent. A member should be aware that it is not a condition of his/her membership of the relevant scheme that he/she agrees to any request for consent from us.

Data Sharing

We may have to share personal information data with third parties, including third-party service providers (such as our administrators and actuary), and the company (including any subsidiary, associated or successor companies that are relevant to an individual’s membership of the relevant plan).

We require third parties to respect the security of personal data and to treat it in accordance with the law.

We, or the third parties, may transfer personal information outside the EEA.

If we or they do, you can expect a similar degree of protection in respect of your personal information.

Why Might PAN Share Personal Information With Third Parties?

We may share personal information with third parties where required by law, where it is necessary to administer and manage membership (because they process personal data on our behalf) or where we have another legitimate interest in doing so.

Who We May Share Information With

We may share or disclose member information to any of the following recipients as may be necessary or desirable to administer the scheme and/or comply with contractual or legal obligations relating to it with:

  • Scheme administrators, the sponsoring employer and any members of its group of companies;
  • our service providers professional advisers and auditors (including the Scheme actuary) who in certain circumstances might also be ‘data controllers’;
  • local or foreign regulators, governments and law enforcement authorities and local and foreign courts, tribunals and arbitrators, other judicial committees or enactments of laws; and
  • insurance companies (who may insure some death benefits payable under the scheme or who provide annuity policies in respect of any members).

How Secure Is Information Held By Third Party Service Providers?

All our third-party service providers are required to take appropriate security measures to protect personal information in line with our policies. We do not allow our third-party service providers to use personal data for their own purposes. To the extent to which they process personal data we only permit them to do so for specified purposes and in accordance with our instruction.

Transferring Information Outside the EEA

We may transfer, store or process the personal information we collect about to or in a country outside the European Economic Area (“EEA”).

Where there is an adequacy decision by the European Commission in respect of that country this means that the country to which data is transferred is deemed to provide an adequate level of protection for any personal information held.

Where there is not an adequacy decision by the European Commission in respect of that country we will endeavour to ensure that information is treated securely and in accordance with this Privacy Notice and the EU and UK laws on data protection.

Data Security

We, and third parties on behalf of PAN, will only process personal information on member instructions and where the third party has agreed to treat the information confidentially and to keep it secure.

Under data protection laws, we and all third parties are required to implement technical and organisational security measures to ensure that personal information is protected against unlawful access. PAN will obtain details of these measures from all of its service providers, and will ensure that contracts with these service providers include details of the measures taken.

We are obliged to put in place appropriate security measures to prevent personal information from being lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to personal information to those employees and other third parties who have a business need to know.

We have put in place procedures to deal with any suspected data security breach and will inform an affected member or any applicable regulator of a suspected breach where we are legally required to do so.

Data Retention

How Long Will We Retain Member Information?

Pension schemes are, by their nature, long term arrangements and data is likely to be retained for a substantial period after the date that any benefits payable to your or your beneficiaries have ceased. General pension industry practice on data retention periods is still developing but it is anticipated that data could potentially be held for 75 years after the final benefit payment under the scheme.

We will retain personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. This means that we may continue to hold personal information after a member has opted out or ceased to have any pension benefit due under the scheme.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, the purposes for which we process personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances, we may anonymise personal information so that it can no longer be associated with an individual, in which case we may use such information without further notice.

Rights of Access, Correction, Erasure, and Restriction

An individual’s Responsibility to Inform us of Changes

It is important that the personal information we hold is accurate and current. Individuals are required to keep us informed if their personal information changes during their membership in any capacity.

Your Rights in Connection with Personal Information

Under certain circumstances, by law an individual has the right to:

  • Request access to his/her personal information (commonly known as a “data subject access request”). This enables an individual to receive a copy of the personal information we hold and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold. This enables an individual to have any incomplete or inaccurate information we hold about him/her corrected.
  • Request erasure of personal information. This enables an individual to ask us to delete or remove personal information where there is no good reason for us continuing to process it. An individual also has the right to ask us to delete or remove his/her personal information where the individual has exercised his/her right to object to processing (see below).
  • Object to processing of personal information where we are relying on a legitimate interest (or those of a third party) and there is something about an individual’s particular situation which makes him/her want to object to processing on this ground. An individual also the right to object if he/she believes we are processing his/her personal information for direct marketing purposes.
  • Request the restriction of processing of personal information. This enables an individual to ask us to suspend the processing of personal information about him/her, for example, if he/she want us to establish its accuracy or the reason for processing it.
  • Request the transfer of personal information to another party.

If an individual wants to review, verify, correct or request erasure of his/her personal information, object to the processing of his/her personal data, or request that we transfer a copy of his/her personal information to another party, please write to or email PAN stating your National Insurance Number and pension scheme name. Most personal data on a pension scheme is held by the scheme’s administrator and it is likely that it will be the administrator responding to a data subject access request. Members can also contact the administrator of their scheme directly if they have the contact information.

Where we have a legitimate interest in holding or processing data, for example to pay benefits due, we will not be obliged to act on a request for erasure of data.

No Fee Usually Required

An individual will not have to pay a fee to access his/her personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if a request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

What We May Need From An Individual/Member

We may need to request specific information from to help us confirm an individual’s identity and check a right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Right to Withdraw Consent

In the limited circumstances where an individual may have provided consent to the collection, processing and transfer of his/her personal information (for example, sensitive data) for a specific purpose, the individual has the right to withdraw consent for that specific processing at any time. To withdraw consent, please contact PAN stating your National Insurance Number and name of the pension scheme.
Once we have received notification that an individual has withdrawn consent, we will no longer process that individual’s information for the purpose or purposes originally agreed to, unless we have another legitimate basis for doing so in law.

Questions & Complaints

If an individual has any questions about this privacy notice or how we handle information, please contact PAN quoting your National Insurance Number and pension scheme name.

If an individual thinks that we have misused personal information, or has have been affected by a breach of data security, they have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. An individual can contact the ICO on 0303 123 1113 or via email or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

Contact Details

To contact PAN please write to: PAN Trustees, The Annex, Oathall House, 68-70 Oathall Road Haywards Heath, West Sussex RH16 3EN or email

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and we will provide a new privacy notice when we make any substantial updates. We may also notify individuals in other ways from time to time about the processing of personal information.

Version 1.1 February 2020                                                                              Issued on behalf of PAN Trustees