General Data Protection Regulation (GDPR) is replacing the current data privacy law, granting you more rights as an individual and reforming the obligations of organisations holding your personal data.
Growth Partners PLC is committed to being transparent about how it collects and uses the personal data of its workforce, and to meeting its data protection obligations (GDPR). This policy sets out the organisation’s commitment to data protection and outlines individual’s rights and obligations in relation to personal data.
What type of personal data do we collect?
The Pensions Department at Growth Partners is required to hold certain information about its members to show the regulators how we have complied with our legal auto-enrolment duties. These duties are controlled by The Pensions Regulator who has outlined the specific data which the Growth Partners’ Pensions Department must adhere to:
· Fulfil its obligations under auto-enrolment
· Provide records to the regulator upon request
· Help check or reconcile contributions made to the pension scheme
|Information held||Purpose for processing the information|
|Personal information including Name, Title, Sex, Address, Postcode, email and NI Number||This information is used to send you correspondence related to auto-enrolment.|
|Employment start date||To determine the date the employer needs to start
auto-enrolment for you (duties start date).
|Salary/Earning details and Date of birth||Used for preliminary assessment to work out which staff
needs to be enrolled into a pension scheme.
|Joining in Notice and Opt-in notice||We will only hold the joining in/opt-in dates for
contribution reconciliation purposes.
Information retention period
We are required by law to hold the information for a minimum period of 6 years. For active members (members who are still paying into the pension) we will continue to hold the information for the duration of the status remaining active. For non-active members (deferred status) we will hold the information for a period of 6 years after the start of the deferred status, after which all the details will be deleted securely.
Legal basis for processing your information
We process your information to comply with our legal obligation with the Pensions Regulator. See http://www.thepensionsregulator.gov.uk/guidance/guidance-record-keeping.aspx for further information.
How do we collect this information?
Most of the personal data we collect, and process is provided by either your employer and/or your payroll department and is normally mandatory to fulfil the legal requirement. Where any data collected is more than what is mandatory, and is provided to us on a voluntary basis, we will inform you that you have a choice whether to provide this.
Who do we share this information with?
|Type of service||Name of provider||Reason for sharing|
|Pension provider||CORPAD||To enable CORPAD to assess eligibility for auto-enrolment|
|Regulators and law enforcement authorities||The Pensions Regulator||To comply with the regulators request of information for the purposes of auditing, detection and prevention of fraud.|
What rights do you have?
|The right of access||You are entitled to see the information we hold about you and can request a copy by emailing firstname.lastname@example.org|
|The right of rectification||if you believe any information we hold about you to be incorrect, please email email@example.com and we will amend the information accordingly.|
|The right to object||You have the right to object the use of your personal data for certain circumstances. In such cases we will take appropriate steps to ensure your request is complied with. Our course of action includes consideration of any legal obligations we must fulfil in regards to providing information to relevant supply services or regulating bodies.|
How to make a complaint
If you are unhappy with the way in which your personal data has been processed, you may in the first instance contact Amrik Birdi using the following contact details:
|Address||2 Colton Square, Colton Street, Leicester, LE1 1QH|