Your Pension - Your Future 

Introduction

We, the Trustees of the Zurich Financial Services UK Pension Scheme (the "Scheme") will use your personal information to assess, deal with and pay any benefits you may be entitled to under the rules of the Scheme and also (if applicable) under the Zurich Financial Services UK (Unregistered) Life Insurance Scheme. We will handle your data in compliance with all relevant data protection legislation, including in compliance with the UK's General Data Protection Regulation ("GDPR").

As a data controller, we share Scheme data with third parties who also act as data controllers of your personal information for the purposes of data protection legislation, including:

• Hymans Robertson, which provides actuarial services including periodic valuations of the Scheme's assets and liabilities. You can read their privacy notice here. 
• Ernst & Young, which provides audit services. You can read their privacy notice here. 
• Aon, which provides pensions consultancy services. You can read their privacy notice here.

They have their own privacy notices because they need to tell you about how they collect, hold, use, share, and transfer your personal information. 

1. Personal information collected about you

In addition to any information supplied by you, personal information about you may be obtained from other sources, particularly the Zurich group and, if required, any former pension scheme or employer of yours. It may also be obtained from government departments such as HMRC and DWP and from publicly accessible sources. The information may include your date of birth and earnings (in order to calculate benefits and contributions) and bank account details (in order to pay pensions). Other personal information may be held, such as your completed Nomination Form setting out how you wish any lump sum death benefits to be paid.  

We may need to collect additional information, for example when dealing with the benefits for ill-health, divorce and death. This could include:

• Information about your health if it's relevant to early payment of scheme benefits. 
• Details of your personal relationships, which could include sexual orientation, when determining who should receive benefits on your death. 

We might also, very rarely, have information about criminal convictions and offences, but only where it is relevant to the payment of Scheme benefits.  

Some of your personal data may be collected indirectly through the pensions dashboards system. This is because we will obtain personal data from the dashboards system, including during the process of matching members with their Scheme benefits. More information on the dashboard is available in Section 4.

2. Use of personal information

Under the GDPR the Trustee is permitted to process personal information to administer the Scheme and generally to fulfil its legal and regulatory obligations. We may also process personal information in connection with legal proceedings or disputes or where it has some other legitimate interest in doing so.

When we convert personal information into anonymised form for the purposes set out in Section 3, that processing will be for our legitmate interests.

If health or other sensitive information is to be processed, you will be contacted separately if we need your consent for that. We will generally rely on consent when processing special categories of personal data such as information about your health. However, sometimes there may be legal reasons, for instance about social protection and what's in the public interest, which mean we can use health information and details about personal relationships relevant to who should receive benefits on your death (which might indirectly reveal your sexual orientation) without consent. Sometimes we need to use your special categories of personal data in order to establish, exercise or defend legal claims.

3. Disclosure of personal information and pseudonymisation or anonymisation 

Personal information may be transferred to and processed by the UK Pension and Benefits Team and other third parties and contractors involved in the running of the Scheme. These include service providers and professional advisers who work with us to ensure that the Scheme is administered and run effectively and efficiently. 

In addition, personal information may be converted into either pseudonymised or anonymised form so that it can no longer be associated with you and can be shared with a service provider or adviser for purposes outside of administering the Scheme. For example, this could be for data testing purposes (see Section 4 about pensions dashboards), or it could be for Scheme analytics (such as about life expectancy which means predicting how long members need their benefits). In such circumstances we may use such information without further notice to you. It's anonymised or pseudonymised so that your privacy rights are protected. 

Zurich administers part of the Scheme, and also Zurich's computer systems are used for Scheme purposes which is why personal information will be stored on them. Railpen administers another part of the Scheme and they also provide the systems used for administration of the whole Scheme. Zurich, Railpen and other third parties and contractors will be subject to confidentiality and data protection requirements under which they may only access and process personal information for what they do for us and that means they use data as described in this notice. Personal information may also be transferred to others where they have a legitimate interest in processing it or where we are required by law to provide the information, including:

• Zurich group companies (e.g. to formulate a compensation or termination package);
• any buyer or prospective buyer of any Zurich company or business (e.g. for due diligence purposes);
• any pensions dashboard providers and integrated service provider which connects to the pensions dashboards system for the purposes of complying with our legal obligations and for our legitimate interests in relation to the testing and operation of pensions dashboards. You can find more information on data retention in Section 6.
• other pension schemes and insurance companies to whom transfer payments may be made;
• HM Revenue & Customs, The Pensions Regulator and any other relevant regulators or statutory bodies;
• our professional advisers including the third parties mentioned at the start of this notice and others such as lawyers and consultants; and
• tracing agencies and providers of mortality checks, IT and data storage providers.

4. Pensions dashboards

The government has set up a system called pensions dashboards. It's designed to help you see all your pension information online in one place. As part of this, we are required by law to match certain members (who search on dashboards) with information on their benefits in the Scheme. To do this, we must also provide certain information to the dashboards system (including the identity service, the pension finder service, the consent and authorisation service) so that it can be displayed when certain members ask to see it on a dashboard. 

As mentioned above this could include sharing data with dashboards providers (commercial and non-commercial), the integrated service provider, Zurich and Railpen.

We may also need to report information (which could include personal data) to other bodies including the Money and Pensions Service, the Pensions Regulator and the Financial Conduct Authority.

As part of this we may need to process some extra personal information about you, if we have this, such as electronic 'pension identifiers', previous or alternate names, your former address(es), your national insurance number ('NINO') and any partial NINO.

We may use your personal information for pension dashboards compliance testing. It's part of our legitimate interests and required to meet legal obligations. Without it, we can't connect to the dashboards.

For testing, we usually use anonymised data. This is why we've explained that converting personal information to anonymised data is justified by legitimate interests. Using your personal information to comply with dashboard regulations is necessary to meet our legal obligations. This includes matching and checking for benefits as described above.

5. Personal information processed by AI tools

Personal information may be processed using suitable AI tools in order to improve the efficiency, quality and speed of our internal processes, procedures and communications.

For this purpose, we rely on our legitimate interest to process your personal information when we are using AI tools. They help us to run the Scheme efficiently and effectively and to communicate clearly and concisely.

At the moment we use internal AI tools. We don't expect this to happen right now, but in due course we might use AI tools from third parties (which you might have heard of publicly). If this happens, we will make sure your information is protected just as we do when it's processed by our internal AI tools.

6. Retention of personal information

Personal information obtained will generally be kept for a long period after the death of the member or transfer out of the Scheme. This ensures we can satisfy our legal obligations in relation to the Scheme and pay any benefits due (including if your data originated from the pensions dashboard ecosystem and if you were matched up with the Scheme through that).

We need to keep your personal information for this period so that, if a query arises in the future about your benefits, we have enough information to deal with it where we have a legal obligation to do so. These are the criteria we apply to determine how long to keep your personal information:

• To meet the requirements of both UK tax and pensions law, we must keep certain personal information (for example, the date of joining the Scheme, name and address, and details of benefits paid) for a minimum of 6 years
• After this the Trustee considers it necessary to retain most personal information for at least a member's lifetime, and for an appropriate period after that (up to 75 years generally), so that we can answer queries from individuals who believe they have a benefit under the Scheme. In the case of transfers-out of the Scheme, data will be held for a similar period.

In relation to pensions dashboards:

• If we find a match for a particular member, we will keep that data for our normal retention periods.
• If there is a partial match, the data will be kept for a limited time in order to resolve the request. If it cannot be resolved within a period of 30 days, or it is concluded there is no match, the data will be deleted.

7. Transfers of personal information outside the UK

Under the GDPR, your personal information might be moved to any country within the European Economic Area (EEA) or any other country recognised by the UK's Secretary of State or the UK's Information Commissioner as having similar data protection laws, like Switzerland. 

We don't expect this to happen right now, but your personal information could be transferred and processed somewhere else in the future. If this happens, we will make sure your information is protected just like it is within the UK or EEA. 

For example:

• The recipient might have agreed to protect your information (these are called safeguards)
• If it's in the US, they might be a certified member of the UK-US Data Bridge scheme.

If you want more information or a copy of any contractual protections, please contact the Scheme Secretary.

8. Your rights

You have a number of rights in relation to the personal information which is held about you, including:

• the right to see a copy of it and to be provided with details regarding the processing of it;
• the right to have it rectified if it is inaccurate or incomplete;
• the right to request that it is erased or, in certain circumstances, to object to it being processed or to request that its processing is restricted. Please note however that any exercise of these rights will not be binding on us insofar as we are entitled to retain and process the information; 
• the right to withdraw consent. For example, where you have provided medical information to us as part of an early retirement application on grounds of ill-health you can withdraw any consent you've given to us about that by notifying us. However, withdrawing consent will not affect the processing up to that point and it's important to note that the consequence of withdrawing consent would be that we'd have to stop processing your application; and
• the right to complain to the data protection regulator, the Information Commissioner’s Office, which may be contacted via its website or telephone 0303 123 1113.