Gower College Swansea (the "Employer" and "we")
This document has been prepared by the Employer, in its capacity as a scheme employer in the City and County of Swansea Pension Fund (the "Fund") and sets out the Employer’s policy on the retention of personal data relating to its employees who are members of the Fund, in accordance with data protection legislation, applicable to the Employer when processing personal data.
Introduction
As controllers, we are required by data protection legislation to comply with the principles of data minimisation and storage limitation. Personal data we process:
- must be adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed; and
- must not be kept in a form which permits identification of a data subject for longer than is necessary for the purposes for which the personal data is processed.
We are obliged to retain certain records (whether in hard copy or electronic form) for various periods of time because:
- we have a statutory obligation[1] to do so; and/or
- the information contained in those records may be necessary for the future (for example, questions may arise about the calculation of benefits either to be put into payment or that have been paid in the past, and data that may be relevant to a possible legal claim needs to be kept until the period within which that claim could be brought has expired).
This policy document sets out the measures adopted by the Employer to comply with the principles of data minimisation and storage limitation in relation to personal data that we hold and process for the purposes of the Fund.
Types of personal data we hold[2]
We hold and process the following types of personal data in relation to our current and former employees who are Members of the Fund:
- Contact details, including name, address, telephone numbers and email address.
- Identifying details, including date of birth, national insurance number and employee and membership numbers.
- Information that is used to calculate and assess eligibility for benefits, for example, length of service, history of hours worked or membership and salary information necessary for the calculation of the Member's benefits in the Fund.
- For current employees, information about the Member’s family, dependants or personal circumstances, for example, marital status and information relevant to the distribution and allocation of benefits payable on death in service.
- Information about the Member’s health, for example, to assess eligibility for benefits payable on ill health, or where the Member’s health is relevant to a claim for benefits following their death.
- Information about a criminal conviction if this has resulted in the Member owing money to the Employer or the Fund and the Employer or Fund may be reimbursed from the Member’s benefits.
Retention periods for personal data[3]
In compiling our policy on the retention of personal data, we have taken into account the guidelines on the retention of personal data as set out by / in:
- Information and Records Management Society;
- The National Archives;
- HMRC compliance handbook manual CH15400;
- Information Commissioner’s Office’s guidance on storage retention; and
- The Pensions Regulator’s code of practice 14 for public service pension schemes.
Data protection legislation requires that we retain personal data for no longer than is necessary in order to fulfil the purpose(s) for which it is processed. Given the long term nature of pensions, we need to ensure that personal data is retained to:
- comply with our legal and regulatory obligations as a participating employer regarding the payment of benefits from the Fund; and
- deal with any questions or complaints that we or the Fund may receive about a Member’s or other beneficiary’s entitlement to benefits from the Fund.
We will retain personal data for a maximum period of twenty years[4] after termination of employment.[5]
During any period when we retain personal data, we will keep that personal data up to date and take all reasonable steps to ensure that inaccurate data is either erased or rectified without delay. We will periodically review the personal data that we retain and consider whether it is still required; any personal data that we no longer require will be destroyed.[6]
Member’s and beneficiary’s rights
Beneficiaries form a wider category of people who receive benefits from the Fund (for example, the active/deferred/pensioner member’s spouse / child(ren) / dependants).[7] Members of the Fund and beneficiaries have a right to access and obtain a copy of the personal data that we hold about them and to ask us to correct personal data if there are any errors or it is out of date or incomplete.
In certain circumstances a Member / beneficiary has the right to:
- object to the processing of their personal data;
- restrict[8] the processing of their personal data until any errors are corrected;
- transfer their personal data; or
- erase[9] their personal data.
If the exercise of the Member’s / beneficiary’s rights would prevent us from providing the personal data to the City and County of Swansea Council in order for the payment or continued payment of benefits from the Fund, we will consider retaining a minimised version of that Member’s / beneficiary’s personal data in order to fulfil our legal obligations.[10]
Review
This policy will be reviewed by the Vice Principal People & Wellbeing at least annually.
8 Please consider whether any personal data other than that listed is held or processed by the Employer. Any personal data that the Fund generates and holds independently of the Employer can be deleted (e.g. bank account details if only provided directly by Members to the Fund). This list should be conformed to the Employer’s and the Fund’s privacy notices.
9 The Article 29 Working Party guidelines on retention periods state that meaningful information about the likely period of retention should be provided to data subjects and a generic statement in the privacy notice is not appropriate. This retention policy should, therefore, set out defined periods beyond which different categories of personal data will no longer be held (and should include separate periods for different categories of data where this is appropriate). For example, it is unlikely to be justifiable to retain bank details for beneficiaries once they cease to be entitled to receive benefit payments. The EU GDPR does not prescribe a specific time period beyond which particular categories of personal data are required to be deleted but does make it clear that data must not be kept for longer than necessary. Scheme Employers should be aware that if they do not specify defined periods for which personal data will be held, and then put measures in place to delete data after the end of the relevant period, this is unlikely to comply with the GDPR. See Articles 5(1) and 5(2), and in particular Article 5(1)(c) - (e) of the GDPR and Recital 39 of the GDPR.
Therefore, whilst we note that:
- (to the extent applicable to the scheme employer), the Lord Chancellor’s Code of Practice on the management of records issued under section 46 of the Freedom of Information Act 2000 refers to records being kept as long as they are needed by the authority: for reference or accountability purposes, to comply with regulatory requirements or to protect legal and other rights and interests (paragraph 12.2); and
- the Information and Records Management Society states that certain records will need to be retained indefinitely where they evidence pension or other benefit entitlements;
a suggested specific default timeframe for the retention of personal data has been included in this policy. Employers will need to consider the extent to which the suggested wording matches their actual (or intended future) practice and requirements. Employers should also consider whether different retention periods should be adopted and set out here for different categories of data, if certain categories will not be required for this full default timeframe.
Retaining personal data indefinitely, either because scheme employers believe that is appropriate (e.g. because the data might need to be referred to in the future given the long term nature of pension liabilities), or because in practice it is not possible within the constraints of the personnel or administration system to implement a destruction policy for selected data relating to a particular individual, is unlikely to comply with the GDPR. Although we are not aware of the Information Commissioner having issued guidance in this area that is specific to pension schemes and we consider the risk of retrospective sanction by the ICO in this area to be low, we anticipate that this will be an area in which good practice will continue to develop. Consequently we recommend that scheme employers consider proactively putting in place a policy with defined period(s) beyond which personal data will not be held (within the constraints of an acknowledged need to retain at least some personal data for a significant period of time, in order to administer benefits and deal with potential future queries). If there are certain categories of personal data that scheme employers / funds consider are not needed for as long a period (e.g. bank account details; underlying benefit calculation information for a Member who has transferred-out more than a specified number of years ago) then it would be advisable to adopt a shorter retention period for such categories. It is possible that individual scheme employers will have shorter data retention periods for their employment personal data more generally; Funds will need to understand when personal data will be destroyed and check that the Employer’s policy will allow them sufficient opportunity to obtain all personal data that the Fund requires (and enable any subsequent queries or checks for a sufficient period).
11 The suggested period of "fifteen years after termination of employment" is based on the current maximum statutory limitation period, as any complaints about the calculation of either deferred or pensioner benefits would usually be expected to be brought within that timeframe.
12 This will need to be tailored to fit the circumstances of the individual scheme employer. The Fund will hold the relevant information for the greater of "100 years from date of birth" and "last payment of benefits to the Member/beneficiary plus 15 years", however the Fund is conscious that individual scheme employers may have their own individual data retention policies in place.
6 The GDPR states that while the data is being retained, the controller is also under an obligation to keep personal data up to date and to take every reasonable step to ensure that inaccurate data is either erased or rectified without delay. Consideration should also be given to "filleting" the data held, so that individual items are not retained for longer than actually required. For example, it may be appropriate to destroy bank account details within a shorter period of a benefit ceasing to be payable. We recommend that Employers adopt shorter retention periods for particular categories of data (see note 9 above) and conduct a periodic audit of personal data held, with a view to destroying any that is no longer required in relation to a particular Member or beneficiary.
7 Funds to consider whether employers provide personal data about beneficiaries in practice and amend the template accordingly if required.
8 See Article 18 of the GDPR. The scheme employer should restrict the processing of the personal data (subject to certain exceptions e.g. storage or to defend a legal claim or for reasons of important public interest) in a number of circumstances specified in Article 18. These include where the individual has contested the accuracy of the personal data. The processing would also have to be restricted where the individual has raised an objection for any reason, and the scheme employer's justification for the processing is based on Article 6(1)(e) or (f) i.e. the necessity to: perform a task in the public interest or pursuant to an official authority; or (if applicable) in its legitimate interests. The restriction will last until the scheme employer is able to verify the accuracy of the personal data or demonstrate an overriding justification for its processing respectively. For reference, note: Article 21(1) contains the right of the data subject to object to the processing of personal data in circumstances relating to the individual, where the controller is relying on the justifications in Article 6(1)(e) or (f), which includes those mentioned immediately above. Under Article 21(2), the right to object also includes where personal data is used for direct marketing purposes and profiling for that purpose.
9 See Articles 17(1) and 17(2) of the GDPR. This information should be included in the policy notwithstanding that in relation to the LGPS it is not anticipated that Members will in practice have a right of erasure (due to the legal basis for which personal data is collected and processed).
10 See Article 17(3) of the GDPR. Article 18(2) and 18(3) provide exceptions to the right of the Member to restrict the processing of personal data in certain circumstances.