GDPR and your pension

Data Protection Law controls how your personal information is used by organisations, businesses or the government. References in this section of our website to the 'GDPR' are to the UK’s implementation of the General Data Protection Regulation (GDPR) under the UK European Union (Withdrawal) Act 2018. The ‘UK GDPR’ sits alongside an amended version of the Data Protection Act 2018 to regulate how data is used.

Everyone responsible for using personal data has to follow strict rules called ‘data protection principles’. They must make sure the information is:

• Used fairly, lawfully and transparently
• Used for specified, explicit purposes
• Used in a way that is adequate, relevant and limited to only what is necessary
• Accurate and, where necessary, kept up to date
• Kept for no longer than is necessary
• Handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage

Privacy notices

• Privacy notice - Camden Council Pension Fund
• Privacy notice - Merton Council Pension Fund
• Privacy notice - Waltham Forest Pension Fund
• Privacy notice - Wandsworth Council Pension Fund

Memorandums of Understanding

• GDPR Memorandum of Understanding - Camden
• GDPR Memorandum of Understanding - Merton 
• GDPR Memorandum of Understanding - Waltham Forest
• GDPR Memorandum of Understanding - Wandsworth

Data retention policy – Pension Funds

• Pension Fund Personal Data Retention Policy - Camden 
• Pension Fund Personal Data Retention Policy – Merton
• Pension Fund Personal Data Retention Policy – Waltham Forest
• Pension Fund Personal Data Retention Policy - Wandsworth

Data retention policy – for LGPS employers

• Employer Personal Data Retention Policy - Camden 
• Employer Personal Data Retention Policy - Merton 
• Employer Personal Data Retention Policy – Waltham Forest
• Employer Personal Data Retention Policy - Wandsworth