This Notice is for members (and beneficiaries) of the Avon Fire Authority Firefighters’ Pension Schemes (the "Schemes"), and has been prepared by Avon Fire Authority (the "AFA") in its capacity as the manager of the Scheme (the "Scheme Manager") and the Data Controller.
This notice applies to all of the following schemes:
- Firefighters’ Pension Scheme 1992,
- Firefighters’ Pension Scheme 2006,
- Firefighters’ Pension Scheme 2015,
- Modified Firefighters’ Pension Scheme.
The categories of the information we collect, process, hold and share include:
- contact details (e.g. name, address, telephone number, email address),
- identifying details, including date of birth, national insurance number, and employee and membership numbers,
- information used to calculate and assess eligibility for benefits (e.g. length of service, or membership and salary information),
- financial information relevant to the calculation or payment of benefits (e.g. bank account and tax details,
- information about your family, dependents or personal circumstances, marital status, and information relevant to the distribution and allocation of benefits payable on death),
- information about your health, to assess eligibility for benefits payable on ill health, or where your health is relevant to a claim for benefits following the death of a member of the Scheme,
- information about a criminal conviction where this may result in pension forfeiture.
Why we hold information, and when we use it
We hold personal data about you in our capacity as Data Controller for the proper handling of all matters relating to the Scheme, including administration and management, and this includes the need to process your data for the following reasons:
- to contact you,
- to calculate, secure, and pay your benefits,
- for statistical and financial modelling (for example, assessing how much money is needed to provide members' benefits),
- for reference purposes (e.g. when we assess how much money is needed to provide members benefits, or inform the Government of any additional funding requirements),
- to manage liabilities and administer the Schemes generally,
- to assess eligibility for, calculate, and provide you with benefits (and, if you are a member of the Scheme, to do the same for your beneficiaries),
- to identify your potential or actual benefit options and, where relevant, implement those options,
- to comply with our legal and regulatory obligations as Scheme Manager,
- to address queries from members and other beneficiaries, and to respond to any actual or potential disputes concerning the Scheme.
Under the General Data Protection Regulation (GDPR) 2016 and the Data Protection Act 2018 (DPA), we can only process personal data if we have a lawful basis for doing so. The two main reasons are:
- if we need to satisfy our legal obligations as Scheme Manager under the Superannuation Act 1972 and the Pensions Act 2014,
- if we need to meet our contractual obligations, or you’ve asked us to take steps before entering into a contract in relation to the Scheme.
The majority of personal data we process will fall under the same lawful basis for that of our current employees, such as either with your consent, compliance with a legal obligation, to fulfil our public duties (public task) as a Fire & Rescue Service, or for legitimate interests.
The same will also apply to special category (sensitive personal) data, although the most common will be with your explicit consent (expected to be written), or for the purposes of performing or exercising our obligations in connection with employment, social security or social protection (Paragraph 1(1) (a) of Part 1 of Schedule 1 of the Data Protection Act (DPA) 2018).
There’s further information about special category data and processing on the Information Commissioner’s website
Most of the information we hold has been provided by you. We may also have received data (for example, salary information) from a current or past employer, from a member of the Fund (if you are or could be a beneficiary due to that person’s membership), and from a variety of other sources including public databases (such as the Register of Births, Deaths and Marriages), our advisers, and government or regulatory bodies like those in the list of organisations listed below that we may share your personal data with.
If you need to provide us with personal data about anyone else (a family member, a dependant, or anyone who is a potential beneficiary under the Scheme), please make sure you tell them what’s in this Privacy Notice.
Your personal information is kept for as long as we need it to fulfil the purpose of providing your pension entitlement under the Scheme, so this is until it ceases (either to you or your beneficiary) unless the law requires us to keep it for a longer period.
Some data will be kept after benefits stop being paid, so the Fund can deal with any questions or complaints arising from your pension, for Scheme administration purposes, to comply with our legal and regulatory requirements, or for broader research on Fire Fighter pensioner longevity.
Your personal data may also need to be kept if you’ve received a transfer or refund from the Scheme, for the above reasons.
Civil Contingency Planning
We may use your data to contact you but only when it is fair and reasonable so that we can perform our public task duties (as per GDPR 6e) as a Fire & Rescue Service, to fulfil our duties under the Civil Contingencies Act 2004, to support our partners, and for public health reasons in times of crisis (such as the COVID-19 national pandemic).
Who we share information with and why
Avon Pension Fund (APF) is managed by Bath & North East Somerset Council (BANES), who have been appointed to administer the Scheme on behalf of Avon Fire Authority (AFA). They act as a Data Processor, with the information passed to them for the specific processing purposes of administering the Schemes.
The AFA has a Firefighters Pension Scheme Board who assists the AFA (as the Scheme Manager) in administering the various Firefighter Pension Schemes by providing governance and scrutiny of policies, pension documentation, decisions and outcomes.
APF and AFA may need to share data with the following third party organisations if we have a legal or contractual obligation or a legitimate interest to do so:
- tracing bureaus for mortality screening and locating members - currently Lexis Nexis, Accurate Data Services, ATMOS (UK mortality screening) and Western Union (for overseas mortality screening),
- overseas payments provider to transmit payments to scheme members with non-UK accounts (currently Western Union),
- printing companies (currently Bath & North East Somerset Council Print Services),
- pensions software provider (currently Aquila Heywoods Ltd and i-Connect),
- suppliers of IT, document production and distribution services,
- Avon Fire Pensioners Association,
- statutory, external and internal auditors,
- The Department for Work and Pensions,
- The Pensions Regulator,
- The Pensions Ombudsman,
- The Government Actuary's Department,
- The Cabinet Office (for the purposes of the National Fraud Initiative),
- Her Majesty's Revenue and Customs (HMRC),
- The Courts of England and Wales (for the purpose of processing pension sharing orders on divorce).
In each case we’ll only do this if we consider it’s reasonably required for these purposes. We won’t use your personal data for marketing purposes and won’t share data with anyone for the purpose of marketing to you or any beneficiary.
We may need to provide your data to the government bodies, dispute resolution and law enforcement organisations listed above when requested or if we consider it’s reasonably required, and they may use the data to carry out their own statutory functions, functions in relation to the Scheme, business administration and regulatory purposes, or statistical and financial modelling and planning (such as calculating expected average benefit costs and mortality rates). They may also pass the data to other third parties if they consider that’s reasonably required for a legitimate purpose.
Further information about the GDPR and Data Protection Act is on the Information Commissioner’s website at www.ico.org.uk.
All our Privacy Notices are on our website at www.avonfire.gov.uk/privacy, with information about how we comply with data protection legislation, your rights, and how to submit a request for personal information at www.avonfire.gov.uk/guide-to-published-information/data-protection.
Last reviewed 30/04/2020