Atlas Master Trust Trustees Limited (the Trustee). Under applicable data protection legislation including but not limited to the General Data Protection Regulation (GDPR) the Trustee is the data controller of personal data stored and processed by the Atlas Master Trust (Atlas).

This notice sets out how the Trustee uses and protects any personal information that you, your pensions scheme trustee or employer, provide, or that is otherwise obtained or generated by the data controller and which relates to you or to any individual connected to you.

This privacy notice explains:

  • Who we are;
  • What information we may collect about you;
  • What we may use your information for;
  • Who we may share your information with; and
  • Your rights regarding your personal information held by the data controllers.

Who we are

We are Atlas Master Trust Trustees Limited and can be contacted in the following ways:

By email: neil.taylor@atlasmastertrust.co.uk;
By post: Atlas Master Trust, C/O Neil Taylor, Capita Employee Solutions, 17-19 Rochester Row, Westminster, London, SW1P 1JB

Why do we process your personal data?

We process your personal data because you are a member of a pension scheme which your employer or scheme trustee has decided to run as part of the Atlas Master Trust.

We do this to administer the Scheme including ensuring contribution are invested and you and your dependents receive the correct benefits when they are due to you.

The legal basis for doing this is because the Trustee has a legitimate interest in doing this.

We collect and process your data on the legal basis set out below:

Legal obligation on us (the data controller) to:

  • Process personal data about members in order to carry out legal obligations under the Atlas trust deed and rules, and applicable pension legislation, including the following obligations
    • To calculate and pay the correct benefits, and deal with any queries about these
    • To communicate with you about your benefits and the pension scheme
    • To pay tax charges, monitor whether allowances are exceeded and report to HM Revenue & Customs

Legitimate interest of the data controller

  • It is in the legitimate interests of the data controller to be able to use the data to administer the Scheme, for the benefit of participating employers and all members of the Scheme

Explicit consent

  • Your explicit consent will be sought before collecting and processing any special categories of personal data, such as medical records or health information

What personal data do we process?

We endeavour to minimise the amount of data held. However, we do need to hold certain data in order to be able to provide the correct benefits to members and their dependants. This information may include some or all of the following:

  • Personal details including name, address, date of birth, gender, marital status, details of dependants, nominated beneficiaries  and national insurance number
  • Scheme membership and employment details, including period of service, salary and contributions paid
  • On occasion, certain special categories of personal data may need to be held (for example medical records if a member wishes to retire early on the grounds of ill health) – should this be required your consent would be requested

Where do you get my data from?

Aside from any detail that you provide, the Scheme may potentially receive or has received personal data from:

  • your employer or a former employer
  • HM Revenue & Customs
  • a tracing agency
  • your nominated financial adviser
  • your appointed representative
  • any previous pension provider where you had benefits

Who we may share your data with

In order to administer the Scheme and meet the requirements of our clients and regulators we may sometimes share your personal data with the following:

Clients: Your Employer and Trustees of pension schemes
Scheme administrator: Capita Employee Benefits Limited and Scheme secretary
Scheme Legal Advisers:
Pinsent Masons
Auditors: Crowe Clark Whitehill

Where possible, your personal data will be anonymised before it is shared

All organisations have to ensure that they protect your personal data and only use it in line with principles contained in applicable data protection legislation. The data controller has written agreements in place with its advisers and service providers to ensure their compliance with data protection law and regulation.

Your data may also be shared with the following types of organisations when their services are required in support of administering the Scheme:

  • Tracing providers – to locate you are your beneficiaries if we lose contact with you
  • Archiving, document printing and distribution companies – to store documentation, print material such as letters, pension statements or other scheme information we may send to you
  • IT service providers – to provide and support the systems we use to administer the Scheme

We may also pass personal information to other third parties at your request, for example where you are considering a possible transfer and you have asked the data controller to provide information to your financial adviser and/or to the administrators of the receiving arrangement. In this situation the data controllers will assume that you have satisfied yourself that the third party has suitable security measures in place.

Transfers outside of the EEA

Your personal data is not transferred to third parties in countries outside the European Economic Area (the “EEA”). Where that is the case all reasonable steps will be taken to ensure that the processing of any personal data by the third party, including the transfer to the third party, complies with data protection laws and regulations, including, for example, requiring the third party to agree to certain data protection model clauses.

How long we will keep your data for

Your personal data will be kept, in accordance with the law and regulatory guidance, for as long as is necessary for the purpose(s) for which it was collected, and for so long afterwards as the data controllers consider may be required to deal with any questions or complaints that they may receive about the administration of the Scheme. When no longer needed, your personal data is securely destroyed.

What are my individual rights in relation to the processing of personal data?

Data protection legislation gives you the following rights; however in certain circumstances they may be limited or do not apply:

  • Right to rectification (to have incorrect or incomplete personal data updated)
  • Right of subject access (to determine and receive a copy of your personal data held by or on behalf of the data controllers)
  • Right to erasure (sometimes known as the right to be forgotten (to have your personal data deleted or removed it if is no longer necessary for the purpose of administering the Scheme))
  • Right to data portability (to obtain and reuse your data for your own purposes) – this does not apply to Atlas as your data is processed based on legal obligations and legitimate interests
  • Right to object to the processing of your personal data

Should you wish to exercise any of your rights detailed above please contact: c/o Neil Taylor, Atlas Master Trust, C/O Capita Employee Solutions, 17 – 19 Rochester Row, Westminster, London, SW1P 1JB.

You also have the Right to lodge a complaint with the Information Commissioner’s Office (ICO). If you wish to exercise this right please contact the ICO https://ico.org.uk/concerns

Updates to this notice

We may update or amend this privacy notice from time to time to comply with the law or to meet changing requirements. Any changes made to the privacy notice will be notified to members.

This privacy notice was last updated in May 2020 and supersedes any previously issued notice in respect of the Scheme.

Close