The Railways Pension Trustee Company Limited (the 'Trustee') and Railpen Limited ('Railpen'), each with its registered address at 100 Liverpool Street, London EC2M 2AT, are 'joint controllers' in respect of your personal data for the purposes of applicable data protection legislation.
We are the Railways Pension Trustee Company Limited, RAILPEN Limited, RAILPEN Investments Limited (each with its registered address at 100 Liverpool Street, London EC2M 2AT) and each is registered with the Information Commissioner's Office (ICO) as a separate 'data controller' in respect of personal information handled for the Railways Pension Scheme. We are also a data processor for personal data handled on behalf of our clients in pension schemes such as Zurich, United Utilities and Schneider amongst others.
This privacy notice is intended to give you a clear picture of how we handle and protect your personal information. It describes what we collect about you, why, how it is handled, with whom we share it, and where and how long we handle it before it is securely destroyed.
Whose personal information we handle
We handle and protect personal information relating to members of the Schemes we administrate and:
their employers
their next of kin
their representatives
their nominees
their beneficiaries
Why we use personal information
For data protection purposes we justify the handling of any personal information we receive based on:
our legitimate interests - handling your personal information to calculate and provide benefits to our members or others entitled to receive them as part of our pension Schemes
our legal obligations - handling personal information because we are legally required to do so
your consent - members using our portal or visiting our website can give and withdraw their consent to the use of all non-essential
Below are the purposes we have identified to handle and protect your personal information. *LI indicates the reasons premised upon Legitimate Interests.
Reasons for handling your personal information
Examples
Manage security incidents and breaches
Deal with incidents and breaches reported about IT hardware and software holding your information
Review rights requests
Review your data protection rights requests and provide you access to or act on requests to change, delete, suppress, object to or appeal against how we handle and protect your information
Execute client trading on behalf of Members (LI)
Carry out intersection and external Scheme and TUPE transfers
Undertake case committee reviews (LI)
Distribute your information to committee members, for example to decide on benefits to be provided based on ill health retirement
Make payments following a transfer out of the Schemes (LI)
Support requests to transfer you out of our pension Schemes and to another one
Pay benefits at retirement (LI)
Obtain documents such as original birth/marriage certificates or copy of passport/driving licence and bank details so your benefits can be paid to you
Update bank details (LI)
Input new bank details received from a member or a bank
Record changes of name (LI)
Update records to reflect a change of name following marriage or change of personal circumstances
Record benefits nominees (LI)
Input details of your nominees provided on Nomination form onto our systems
Handle reports of a death (LI)
Handle your reports of deceased members, such as setting up and paying out to dependants and other beneficiaries
Handle queries (LI)
Respond to your queries
Enrol individuals onto our portal and websites (LI)
Register you on our portal so you can access your pension information there
Share information with external Scheme advisers (LI)
Share your information with scheme actuaries so they can validate our calculations of the benefits you receive
Record Letters of Authority (LI)
Log your Letters of Authority so your proxies can handle your pension on your behalf
Provide estimates of benefits and transfer quotes (LI)
Calculate the benefits due to a member on retirement or transfer
Manage benefits following a Divorce (LI)
Collate and record documentation receiving Scheme details in order to provide benefits to your ex-spouses
Return original Certificates (LI)
Return, following collation and recording, to you the original certificates that you, your relatives or your representatives etc, supplied to us
Ill health and serious ill-health retirement grounds (LI)
Collate documentation relating to your health condition and personal circumstances to support providing you with benefits prior to your retirement on ill-health/serious ill-health grounds
Oversee the administration of the pension Schemes (LI)
Investigate, monitor, and prepare control and regulatory reports about how we handle pension benefits, members like you and those related to you and the Schemes more generally
Manage TUPE transfers (LI)
Update your records should you be TUPE'd from one section of the RPS (Railways Pension Scheme) Schemes to another
Enrol new entrants (LI)
Obtain your details to be set up and record that you are a new member of our pension Scheme/other schemes we administrate
Oversee our Master Trust (LI)
Oversee the operation of our Master Trust pension scheme
Undertake Quality Assurance reviews (LI)
Monitor the quality of business processes associated with dealing with you and our members
Provide legal advice (LI)
Provide legal advice or legal support in relation to Railpen's business
Approve and post journals (LI)
Post new journals to the ledger in line with good accounting practices
Perform bank reconciliations
Reconcile bank transactions to our ledger
Carry out banking activities (LI)
Download statements to handle cash as it comes in and out of the business
Pay supplier invoices for work rendered (LI)
Pay supplier invoices
Manage financial transactions (LI)
Manage CHAPS and BACS transactions in order to pay members and collect contributions
Produce treasury forecasts (LI)
Produce forecasts about what cash is in the bank
Perform control monitoring (LI)
Investigate, monitor, and prepare control and regulatory reports into how we handle our accounts
Prepare annual accounts (LI)
Produce audited accounts
Produce cashflow forecasting (LI)
Provide forecasted payments in and out to our various internal and external stakeholders
Manage travel and accommodation booking
Manage Railpen's travel and accommodation bookings
Make CHAPS payments (LI)
Make ad hoc payments
Manage security incidents (LI)
Manage information security incidents and alert our regulators and those such as you that may be affected
Undertake internal audits (LI)
Assess whether our business processes are in line with legislation, regulation, industry best practice and internal policy which may mean accessing information about you
Carry out fraud investigations
Investigate suspected attempts of fraud by you to deceive Railpen for your own profit
Investigate issues brought to our attention by whistleblowers
Investigate allegations or concerns made via our confidential whistleblowing hotline. This may require reviewing information about you
Cookies deployed on our websites and portal are as follows:
Name
Category
Duration
Cookie Description
_ga
Analytics - Google
Persistent
Stores and counts pages viewed
_gat
Persistent
Reads and filters requests from bots
_gid
Persistent
Stores and counts pages viewed
_hjAbsoluteSessionInProgress
Analytics - Hotjar
Persistent
Detects the first page view session of a user
_hjFirstSeen
Persistent
Identifies a new user’s first session
_hjIncludedInPageviewSample
Persistent
Determines if a user is included in the data sampling defined by our site's "pageview limit"
_hjIncludedInSessionSample
Persistent
Determines if a user is included in the data sampling defined by our site's "daily session limit"
_hjSessionUser_1850450
Persistent
Detects when a user first lands on a page and recalls data whenever user visits site so that behaviour in subsequent visits to the same site will be attributed to the same user ID
_hjSession_1850450
Persistent
Detects data in current session (visit to the site) and attributes requests made by the user during that visit
__cf_bm
Analytics - Vimeo
Persistent
Distinguishes between humans and bots to ensure use of their website is valid and free from abuse
player
Persistent
Saves the user's preferences when playing embedded videos from Vimeo
vuid
Persistent
Collects data on the user's visits to our website, such as which pages have been read
ApplicationGatewayAffinityCORS
Essential
Session
Azure user session cookie is set whenever website is run on Azure Cloud Computing Platform. This enables web browser traffic to be assigned to a single server during certain sections of the website.
ApplicationGatewayAffinityCORS
Session
Azure user session cookie
sf-prs-lu
Session
Saves the landing URL
sf-prs-ss
Session
Logs the time of first page visit
sf-tracking-consen
Session
Logs the tracking consent choice made by users for…
va_tkn
Functional - Virtual Assistant
Session
Virtual Assistant user session cookie help chat bot
What personal information we handle
In order to handle your personal information for the above reasons, we may collect and use the following types of personal information about you and, in some circumstances, your spouse, civil partner, partner or dependants:
Personal details:
Name
Postal address
Email address
Pension Reference Number
Correspondence
NI number
Employee number
Payroll ID
Photo ID (Passport/driving licence)
Birth, death, marriage certificates
Gender
Your employer's ID
Your pension scheme ID
Date you joined our scheme
Date your contributions began
Financial details:
Salary
Bank account details
Pension forecasts i.e. death benefit salary, total pensionable salary, contributions made
Details about others:
Marital status
Dependants
Nominees
What special category and sensitive personal information we handle
We also handle the following 'special categories' or more sensitive personal information:
Health data - information about your health conditions could be collected from you should you apply for ill health or serious ill-health retirement
Reasons for handling your sensitive and special category personal information
Examples
Substantial public interests
for substantial public interests, which are contained in the UK Data Protection Act
Vital interests
protect your or someone else's vital interests - usually by making a disclosure to a third party to support you or a third party with whom you have some involvement
Explicit consent
with your explicit consent - from time to time we will need your valid explicit consent to handle your personal information if no other appropriate data protection legal basis exists
Where we get your personal information from
Personal information received by Railpen usually comes from yourself, a current or former employer, government agency, any financial or other advisers or representatives acting on your behalf. We also use several suppliers that allow us to verify the accuracy of personal information handled by us (for example, to trace current addresses or verify its continuing existence).
In certain circumstances, we may ask you for information relating to your health, for example if you are applying for ill-health benefits. In some circumstances, additional medical information may be required from your doctor or appropriate medical adviser. We will explain to you at the time why we need that information and how we intend to use it. You do not have to provide the information requested from you, but there may be a delay in the payment of benefits if that information is not provided.
You may also need to provide us with personal information relating to other people (for example, your spouse, civil partner or dependants) for example when completing a nomination form. When you do so, you will need to check with them that they are happy for you to share their personal information with us and for us to use it in accordance with this privacy notice.
If you are acting on behalf of a child, we may also hold and use your personal information, which will be dealt with on the same basis as set out earlier.
With whom we share your personal information
From time to time, we may need to share your information with other parties. Where this is necessary, we are required to comply with all relevant data protection legislation. The types of third parties we may need to share your information with include:
Employers and other pension schemes:
your current or former employer - for the purposes of operating the Schemes
other pension schemes connected with you or your relatives, nominees, or other beneficiaries
Professional advisory services:
an actuary that is appointed to provide advice on whether the Schemes are fully funded and operating properly, for example whether we have calculated your benefits properly
an auditor so that they can prepare the annual accounts and audit them for us
a legal adviser so that they advise us on all legal issues affecting the Schemes or Fund
Regulators and government agencies:
government agencies (for example, HM Revenue and Customs)
regulators
police
judicial authorities
Suppliers to Railpen:
companies that provide services to us, such as helping us store and share information or verify your identity, as well as prevent and detect fraud
Certain third parties (most notably, the Schemes' actuary and other professional advisers) are themselves subject to certain legal or regulatory obligations (including professional codes of practice). They will be responsible for their own handling of the information we share with them.
Sharing your personal information overseas
Our core systems, data, and administration services are all carried out and stored within the UK.
Where it is necessary to transfer personal information, i.e. send, store or allow access to your personal information outside the UK, we will ensure that the correct safeguard is used so that the data is protected to an equivalent extent as it would be if it remained in the UK. This is usually by transferring to a country that is approved as having essentially equivalent data protections under the UK Adequacy Regulation.
Alternatively, we carry out a Transfer Risk Assessment and, where appropriate, the receiving party puts in place an International Data Transfer Agreement designed by the ICO or the EU’s Standard Contractual Clauses with an addendum agreed by the ICO and UK Government to recognise it as a valid control under UK. If necessary and based on our Transfer Risk Assessment, we may ask them to put in place additional measures to protect your personal information.
How we keep your personal information secure
We are committed to protecting your personal information from loss, misuse, disclosure, alteration, unauthorised access, and destruction. We take all reasonable precautions to safeguard the confidentiality of personal information.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Although we make every effort to protect your personal information, the transmission of information over the internet is not completely secure. As such, you acknowledge that we cannot guarantee the security of personal information transmitted to us over the internet, and that any such transmission is at your own risk.
Once we have received your personal data, we will use strict procedures and security features to prevent unauthorised access (and take steps to ensure that any third parties with whom we share your personal data do the same).
How long we keep your personal information
We will only retain your personal information for as long as necessary. Necessity will be based on our legal obligations, regulatory guidance, and industry good practice. We have documented how long we keep records containing personal information and why in policies and standards on retention and destruction.
In some circumstances, we may anonymise your personal information instead of destroying it so that it can no longer be associated with you but where anonymised data can be used to add value to our products and services.
Our standard policy is for information or data to be kept for only as long as necessary for the purposes set out above. It is then disposed of in a managed and secure way. However, as pensions are a long-term saving vehicle, it may be necessary to retain your personal data for the remainder of your life and any dependants' lives in order to determine your entitlement to and pay the benefits you may be entitled to, along with any dependant's benefits payable.
Your rights
You have several rights under data protection law.
These include the right to:
receive a copy of the personal data we hold about you
request personal data to be amended if it is inaccurate or incomplete
request the deletion or removal of personal data where there is no compelling reason for its continued use
block or restrict the processing of your personal data
object to the processing of your personal data
There is also a right in GDPR (General Data Protection Regulation) to receive your personal data (in a structured, commonly used, and machine-readable format) and to transfer your data to another service provider or data controller. This right applies where your data is being processed on the basis of your consent or in line with a contract to which you are party. Please note that, for the majority of members, this is not applicable as we rely on our legitimate business interest to collect and process your data rather than individual consent or contracts.
In order to exercise any of the above rights please write to the DPO (Data Protection Officer) at the address under the Our Data Protection Officer section.
If you fail to provide personal information
If you fail to provide certain information when requested, we may not be able to provide our services to you (such as paying you your pension), or we may be prevented from complying with our legal obligations (such as to prevent fraud).
We may also not be able to support you if you do not provide us with up-to-date personal information. Therefore, please do keep us updated of any changes in your personal circumstances.
We do not envisage that any decisions will be taken about you using automated means, however we will notify you in writing if this position changes.
Your rights to lodge a complaint with the Regulator
At all times, you have the right to report a concern or lodge a complaint with the Information Commissioner’s Office. Please refer to the ICO on their website or by calling them on 0303 123 1113. Of course, we hope that we can resolve your issue quickly and fairly ourselves.
Our Data Protection Officer
We have appointed a data protection officer (DPO) to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the DPO at DataProtectionTeam@railpen.com or write to:
Railpen 7th Floor 100 Liverpool St London EC2M 2AT
If you are unhappy with how your personal information is being handled, you also have the right to make a complaint to the Information Commissioner's Office, an independent body set up to uphold information rights, which will investigate your complaint.
Changes to this Privacy notice
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.
We use these cookies to ensure our services work correctly. They cannot be switched off. You can find out more in our privacy policy and cookie policy.
Cookie
Purpose
Sitefinity
These cookies are part of the website log in mechanism. They allow authenticated users to access secure content across Railpen websites.
Vimeo
Cookies used to control the Vimeo video player. Railpen websites use Vimeo to deliver video content unencumbered by commercial messages.
Virtual Assistant
Cookies required by the Virtual Assistant window for it to display and function correctly.
Network
These cookies are part of the website log in mechanism. They allow authenticated users to access secure content across Railpen websites.
Analytical cookies
These cookies allow us to improve our website.
Cookie
Purpose
Hotjar
Railpen uses Hotjar to analyse how customers are using our website, with a view to improving customer experience. However, it does not use Hotjar’s Visitor Recordings facility.
Google Analytics
These cookies are used to collect information about how visitors use our site.