• Send us a message

    Fill in our form and we'll get back to you as soon as possible

    Please enter name
    Please enter your telephone number
    Please enter your email address
    Please let us know which of offices would most convenient for you?
    Please enter the details of your enquiry
    Please enter the verification code
    Send us a message
  • Services for you
  • Services for business

The GDPR and Your Firm's Pension Scheme


The press is awash with comment about the General Data Protection Regulation (GDPR), which came into full effect 25 May 2018. It would be difficult for any organisation not to be aware by now of the issues and, hopefully, your business is well on the way to making sure it complies.

However, many businesses do not seem to be aware that a firm's pension scheme must also comply with the GDPR, and the trustees of the pension scheme will be responsible for this.

Pension schemes hold a great deal of information about individual members and former members, which is protected data under the GDPR.

In order to comply, the scheme trustees will need to understand what personal data they hold and ensure the data is:

  • processed fairly and lawfully;
  • kept secure and up to date and is accurate;
  • only collected for legitimate purposes which are clearly specified; and
  • retained no longer than it is needed.

They must also demonstrate that the pension scheme has the systems and procedures in place to be able to prove compliance with the scheme's data protection policies and the GDPR.

For advice on any data protection issue or on your legal obligations regarding your firm's pension scheme or as a pension scheme trustee, contact us.

The contents of this article are intended for general information purposes only and shall not be deemed to be, or constitute legal advice. We cannot accept responsibility for any loss as a result of acts or omissions taken in respect of this article.