Bloor Homes Retirement Benefit Scheme
Introduction and General Terms
This Privacy Notice sets out how the Trustees of the Bloor Holdings Limited Retirement Benefits Scheme (the Scheme) obtains, uses and protects any personal information that you provide to us, or that is otherwise obtained or generated by us, and which relates to you as a member of the pension scheme or to any individual connected with you. Wherever you see the words “we”, “us”, “our” in this Notice, these words refer to the Trustees.
This Privacy Notice explains the following:
• What personal information we may collect about you and how we collect it.
• How we keep your personal information safe.
• What we may use your personal information for.
• Whom we may share your personal information with.
• Your rights regarding the personal information you provide to us.
We are the Trustees of the Bloor Holdings Limited Retirement Benefits Scheme. We act as the primary data controller for the Scheme and are responsible for personal data as set out in this policy.
The Scheme’s registered office is at JS BLOOR (SERVICES) LTD, ASHBY ROAD, MEASHAM, SWADLINCOTE, DERBYSHIRE, DE12 7JP.
We are registered with the Information Commissioner’s Office under reference Z5455061.
The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. We collect only that personal data from you that we need to operate the Scheme in the way that you would anticipate, for example, to calculate and pay benefits and communicate with you.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped as follows:
The personal data we hold may not be limited to the examples in the table above.
How your personal information is collected
We use different methods to collect information from and about you.
You may give us your personal data by corresponding with us, either directly to us or through one of our service providers (such as the Scheme administrator). This could be by phone, post, email or otherwise. This includes personal data you provide when you:
• Become a member of the Scheme.
• Enquire about your benefits in the Scheme.
• Discuss with us your requirements in connection with your benefits in the Scheme.
• Otherwise, contact us.
We may also receive personal data about you from various third parties such as the sponsoring employers, HMRC, either your bank or our bank and sometimes through tracing agencies.
How we use your personal data
Most commonly, we will use your personal data in the following circumstances:
• Where it is necessary for our legitimate interests (or those of a third party acting for us) and your interests and fundamental rights do not override those interests. Our legitimate interest is to enable us to operate the pension scheme in the way that you would anticipate, i.e. to calculate and pay benefits and communicate with you.
• Where we need to comply with a legal or regulatory obligation.
• Where we need to perform the requirements of any contract we are about to enter into or have entered into with you.
We may process your personal data for more than one legal ground depending on the specific purpose for which we are using your data.
In certain circumstances, we may request specific Sensitive Data (called special category data) from our members to allow us to facilitate action on their behalf. This will only be collected when entirely necessary and with the explicit consent of the individual about whom it concerns or otherwise in accordance with the law. You may withdraw your consent at any time by notifying the Trustees. However, we may retain your sensitive personal data where it has been used to make a decision, as evidence in case of claims or queries.
Sharing your personal data
We may have to share your personal data with select third parties to fulfil our obligations as trustees of the Scheme including, for example:
• actuaries
• scheme administrators
• our bank
• sponsoring employers
• annuity providers
• insurance companies
• your bank
• investment managers/AVC providers
• auditors
• pensions ombudsman
• solicitors
• tracing agencies tracing agencies
• other regulatory authorities such as HMRC
We require all third parties to respect the confidentiality and security of your data and to treat it in accordance with the data protection laws. We do not allow our third-party service providers to use your data for their own purposes and only permit them to process your personal data for specified purposes relating to the Scheme and by our instructions or if there is a legal or regulatory obligation.
Other Data Controllers
We appoint a scheme actuary, a legal adviser and an auditor as part of our responsibility to appoint professional advisers to carry out certain functions relating to the proper and effective management of the Scheme.
In some circumstances, we may share responsibility as data controller of your personal data with these parties as well as the sponsoring employer, who may process your data to comply with its legal obligations.
Where we share responsibility with the scheme actuary, this is because the scheme actuary has an obligation to act in accordance with their responsibilities under legislation and professional guidance.
Automated decision making
We do not use the information you provide to make any automated decisions that might affect you.
International transfers
We do not currently transfer the personal data of any Pension Trust beneficiary or member outside the European Economic Area (EEA). If we need to transfer your data outside the EEA in future, we will ensure appropriate safeguards are implemented to protect your data in accordance with applicable laws.
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Also, we limit access to your personal data to those individuals and third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In normal operation, we expect to keep your data for the time you are a member, including the time benefits are being paid. Beyond this, we will keep sufficient personal data as evidence in case of claims or query after that.
Changes to the privacy notice and your duty to inform us of changes
This version of our privacy policy was last updated in May 2023 and may be updated from time to time. It is vital that the personal information we hold about you is accurate and current. Please keep us informed if your personal data changes.
Your rights over your information
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:
• Be informed of how your personal data is collected and processed
• Be informed of a personal data breach involving your data as prescribed under data protection law.
• Request access to, correction of, or erasure of your personal data.
• Object to, or request restrictions on the processing of your personal data.
• Obtain and reuse your personal data to engage different services
• Challenge any automated decision making or profiling.
In the event that you choose to exercise any of your rights in respect of data protection law (as outlined above), you should contact us, the Trustees, in the first instance. We will review your request and engage with any other relevant processor or controller in order to deal with your request in a manner that we consider the most appropriate.
Contacting us
We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details below.
Address:
Bloor Holdings Limited Retirement Benefits Scheme
JS Bloor (Services) Ltd
Ashby Road
Measham
Swadlincote
Derbyshire
DE12 7JP
Phone: 01530 270100
Email: hq@bloorhomes.com
Your right to complain
If you have a complaint about our use of your personal information, we would prefer you to raise it with us in the first instance to give us the opportunity to put it right, but you can also contact the Information Commissioner’s Office as below:
Address:
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Phone: 0303 123 1113
Website: www.ico.org.uk/concerns
