Privacy Notice

At the Coats UK Pension Scheme, we are committed to ensuring that your privacy is protected and the personal information (known as “personal data”) we hold about you is handled appropriately. The personal data we hold about you is treated as confidential and is held and processed in accordance with current data protection legislation. This Privacy Notice explains the kinds of data we hold, why we hold it, what we do with it, and your rights in respect of your data. Please read it carefully.

By being a member of the Coats UK Pension Scheme or otherwise providing personal data to us, you agree to our privacy practices as set out in this Privacy Notice. We may change this Privacy Notice from time to time. You should check this policy frequently to ensure you are aware of the most recent version.

This policy was last updated in November 2023.

If you have any questions regarding this Privacy Notice or about our privacy practices, please contact us using the relevant details set out in the ‘Contact Us’ section at the end of this notice.

Who are we?

We are a “data controller”. This means that we are responsible for deciding how we hold and use personal data about you. We are required under data protection legislation to notify you of the information contained in this Privacy Notice.

For the purposes of that legislation, the data controller is Coats UK Pension Scheme Trustees Limited (company number 11328104) of The Pavilions, Bridgwater Road, Bristol, BS13 8FD, acting in its capacity as the trustee of the Coats UK Pension Scheme.

Why do we need to use personal data?

We have a duty to ensure that the Scheme is administered properly and that benefits are paid to the members and beneficiaries who are entitled to receive them. We could not do this properly without using personal data. We therefore use your personal data in order to achieve one or more of the following purposes:

  • To establish and maintain records of who is eligible to receive benefits from the Scheme, including death benefits if a member dies;
  • To calculate and pay those benefits, including any tax that may be payable to HMRC; and
  • To confirm the identity of people receiving benefits, to ensure we pay the right person.

In addition, we may also need to use personal data to:

  • Allow the Scheme’s sponsoring employers to understand the make-up of the Scheme and how it can manage its liabilities;
  • Better understand the Scheme’s long-term funding requirements;
  • Issue communications and information (whether through us or through third parties);
  • Respond to member and third party queries and disputes;
  • Prepare the Scheme accounts, audits and our reports to the Pensions Regulator;
  • Carry out actuarial valuations and calculations for the Scheme;
  • Decide or advise upon the investment of the Scheme’s assets and to implement investment decisions;
  • Demonstrate our past compliance with our duties;
  • Ensure the Scheme’s records are backed-up and new administrative processes are tested before they are put in place; and
  • Carry out the general administration of the Scheme (for example, to back up data, or ensure trustee directors are properly appointed and conflicts of interest are managed).

Who do we hold personal data about?

Personal data is information that can be used to identify a person. You are reading this Privacy Notice because we hold personal data about you. This means you will fall into one of the following categories of persons about whom we hold data:

  • deferred pensioners;
  • pensioners (including those in receipt of dependants’ or spouses’ pensions);
  • former members/pensioners with no further entitlement under the Scheme;
  • ex-spouse participants;
  • non-members who will or may receive benefits from the Scheme (for example, on the death or divorce of a member);
  • non-members who have received benefits from the Scheme and have no further entitlement;
  • non-members who have submitted enquiries; and
  • current and former trustee directors.

What personal data do we use?

Depending on the purpose for which we are using it, the personal data we have about you may include:

  • Personal details such as your name, national insurance number, date of birth, contact details (e.g. address, phone number or email), marital status and gender;
  • Information used to verify your identity such as utility bills, bank statements or government documents (e.g. a council tax bill);
  • Employment details such as your employment history, pensionable service records, salary information, contribution records and additional voluntary contribution contract;
  • Financial details such as your bank account and tax information; and
  • Personal details such as information about family members you have nominated to receive benefits if you die.

As part of running the Scheme, we may also need to hold and use information about you and/or your dependants and beneficiaries (known as “special categories of personal data”). Under data protection legislation, details relating to health and sexual orientation are regarded as special categories of personal data.

We may at times need to process special category personal data, for example, considering information about your health if you apply for ill-health early retirement.

Except where data protection legislation allows it, special category personal data cannot be processed or passed to a third party without your explicit consent.

How do we collect your personal data?

The data we hold about you may have been collected from you directly, such as when you:

  • Applied to join the Scheme;
  • Write to, phone or e-mail us with a query or complaint;
  • Provide us with any additional information, for example through the on-line portal; or
  • Are appointed as a trustee director or as a Scheme service provider.

We may also collect data about you from other parties, such as from:

  • The Scheme’s employers;
  • Another pension scheme, if you have transferred benefits into the Scheme or if you were previously a member of the Coats Pension Plan, the Brunel Holdings Pension Scheme or the Staveley Industries Retirement Benefits Scheme;
  • An existing member of the Scheme who gives your details in an expression of wish form or who was your former spouse;
  • Your legal representatives/guardian; or
  • Service providers who help us trace members with whom we have lost contact.

We also collect data from regulatory authorities (such as The Pensions Regulator) or government departments (such as HMRC or the Department for Work and Pensions).

Who might we share your personal data with?

In order to achieve the purposes we have outlined above, we may from time-to-time share your personal data with third parties.  We will not share your information except when it is appropriate to do so and will always ensure appropriate protections are in place.  The categories of recipients of your personal data may include the Scheme’s:

  • Sponsoring employers and their staff and professional advisers;
  • Administrator;
  • Payroll provider;
  • Software providers;
  • Insurers;
  • Actuary;
  • Auditors and accountants;
  • Legal advisers;
  • Investment advisers and managers;
  • Bankers;
  • Communications service providers;
  • Medical advisers; and
  • Other professional service providers, such as pensions consultancies, tracing services or providers of services such as marital status checking services.

We may also share your personal data with:

  • insurance companies and other organisations for the purposes of liability and risk management exercises;
  • third parties with whom you have put us in contact such as another pension scheme to which you wish to transfer, your financial adviser or your GP;
  • official organisations where we are obliged to do so, such as HMRC, the Pensions Regulator and the Pensions Ombudsman.

In some instances, we will share your personal data with organisations who are:

  • Data controllers in their own right – this is likely to be the case where we work with service providers whose work means that they will need to decide how to use the personal data and how to process it in order to carry out their work for the Scheme.
  • Joint data controllers with us – this is likely to be the case where the organisation is acting alongside us in making decisions about what personal data is collected and why, and what it is used for. The Scheme’s Actuary, Jeremy Dell of Lane Clark & Peacock LLP, has identified himself as a joint data controller with the Trustee. The joint data controller relationship will only extend to the processing of personal data that is carried out by the Scheme Actuary in the performance of the functions that are the statutory responsibility of the Scheme Actuary. In addition, Lane Clark & Peacock LLP may also be a joint data controller with the Trustee. (Lane Clark & Peacock LLP’s privacy notice (which applies to work that relates to the statutory responsibilities of the Scheme Actuary and to work carried out by Lane Clark & Peacock LLP) is accessible through the following link: https://www.lcp.uk.com/privacy-policy/). However, the Trustee will remain your primary point of contact for data protection purposes.

Will personal data be transferred outside the UK?

We may transfer and process your personal data outside of the UK and European Economic Area. Where we do share your personal data with a recipient outside of the UK, we ensure that any such transfers are carried out with appropriate safeguards in place and in accordance with current data protection legislation.

What legal basis do we have for processing your personal data?

Under data protection legislation, we can only use your personal data if we have a lawful basis for doing so. Subject to certain exceptions (see below), the lawful basis on which we use your personal data is that it is necessary for us to do so to comply with our legal obligation as trustee to administer the Scheme so that you can receive the benefits you are entitled to. We may also use your personal data to pursue the legitimate interests we or the Scheme’s sponsoring employers have in properly running the Scheme and understanding how it is made up and its potential future development. We also have a legitimate interest to provide our members with a high quality service.

The law is more restrictive about the lawful bases on which we can use ‘special category’ personal data. To the extent that we use such data, we will do so on the basis of your explicit consent, unless there are other bases on which we may do so (for example, where we are obliged to on the grounds of public interest or in order to comply with our legal obligations). Where we are relying on your consent to process your data, you are free to withdraw this at any time.

What rights to do you have in respect of your personal data?

You have a number of rights. Your rights may include:

  • transparency over how we use your data and to make a subject access request (right of access);
  • a right to have your personal data updated and corrected (right of correction/rectification);
  • a right to ask us to delete your personal data, although we can override this request in certain circumstances, for example in order to pay benefits (right to be forgotten);
  • a right to ask us to restrict / limit the processing of your personal data in certain circumstances, for example in order to pay benefits (right to restriction);
  • a right to object to processing based on our legitimate interests or automated decision making and profiling, although we can override this objection in certain circumstances (right to object);
  • a right ask for a copy of the personal data held about you, or have this sent to a third party (right to data portability); and
  • a right to claim compensation for material or non-material damage caused if we breach the data protection rules (right to compensation).

If you have any queries about any of these rights, please contact us using the details set out below in the ‘Contact Us’ section. If you exercise any of these rights, we may ask for proof of identity and sufficient information about your interactions with us so that we can locate your personal information. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge except in exceptional circumstances.

If you wish to raise a complaint in relation to our processing of your personal data, you can contact us using the details set out below in the ‘Contact Us’ section. If you are not satisfied with our response or believe that we are not processing your personal data in accordance with the law, you have the right to lodge a complaint with the Information Commissioner’s Office. You can contact the Information Commissioner’s Office at: https://ico.org.uk/global/contact-us/.

Please note, there may be circumstances in which you wish to exercise these rights and we are not able or obliged to comply with your request. For example, where your personal data is required in order to administer the Scheme or pay any benefits due to you, we would not be obliged to act on a request to delete your personal data and may continue to process such personal data.

If you would like to find out more about your rights, you can visit the Information Commissioner’s Office website (https://ico.org.uk/for-the-public/).

How long will we keep your personal data for?

We need to hold your personal data for as long as necessary to provide your benefits and operate the Scheme. We will take reasonable steps to ensure your personal data is adequately protected and processed in accordance with this Privacy Notice. We also review our approach to data retention at appropriate intervals and if we were to conclude that personal data is no longer needed it would be deleted or destroyed securely.

Communication by email and via our website

For ease of use and compatibility, our email communications (other than payments where applicable) will not be sent in an encrypted form unless you require it and provide the certification to enable us to communicate with you in that way. E-mail, unless encrypted, is not a fully secure means of communication. Whilst we endeavour to keep our systems and communications protected against viruses and other harmful effects we cannot bear responsibility for all communications being virus-free.

Where you have a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website. Any transmission is at your own risk.

If you use the feedback (e-mail) facility of our website, information such as your name, e-mail address, type of feedback and other information will be used to respond to you and may be stored for future correspondence. If you do not wish this information to be used in this way, you should not use the feedback facility.

When you visit the website we may collect information such as the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We may also collect information about your visit including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page.

Our website may, from time to time, contain links to websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy notices and that we do not accept any responsibility or liability for these websites. Please check the privacy notices before you submit any personal data to these websites.

Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve the website. For detailed information on the cookies we use and the purposes for which we use them see our Cookies Policy, available at https://www.coatspensions.co.uk/cookies/.

Contact Us

If you have a query or any concerns in relation to how we use your personal data, or would like to exercise any of your rights, please contact us using the details below.

Privacy Notice review

We regularly review this privacy notice. If you think we’ve got something wrong or missed something out, or you would like more information, please let us know.

Further Information

For further information on data protection, please either contact us directly or refer to the ICO’s website https://ico.org.uk

PLEASE READ THIS PRIVACY NOTICE IN CONJUNCTION WITH OUR WEBSITE’S COOKIES POLICY AND TERMS AND CONDITIONS, BOTH OF WHICH CAN BE FOUND IN OUR LEGAL SECTION.

Getting In Touch – Contact Details

By post: Coats Pensions Office, PO Box 2043, Pershore, WR10 9ES
By phone: 0141 207 6800
By email: pensions.services@coats.com