At Avon Pension Fund, protecting your personal information has always been a priority. Our members trust us to handle their data with care, consideration, and confidentiality, and we remain fully committed to honouring that trust.

To support this commitment, we want you to feel confident about when, why, and how your personal information is collected, used, and stored. Our privacy notice explains the types of data we hold, how we use it, the safeguards we have in place, and the rights available to you. We review and update this notice regularly to ensure it reflects current legislation and best practice.

You can find details about how long we keep different types of information in our retention policy. This policy outlines the steps we take to comply with the principles of the UK General Data Protection Regulation (GDPR) and to ensure that personal data is stored only for as long as necessary.

Alongside the UK GDPR and the Data Protection Act 2018, we follow the Data Use and Access Act 2025. This legislation strengthens your rights and increases transparency around how organisations process personal data. We know that understanding data protection legislation can be difficult, so we’ve put together a list of frequently asked questions (FAQs) and answers to help.

GDPR frequently asked questions (FAQs)

What is the UK GDPR?

The UK Data Protection Bill, which has become the Data Protection Act 2018, introduced GDPR into UK law and the 2018 Bill provides clarification for some of the terms that appear in the GDPR. Therefore, the UK GDPR should be read alongside the Data Protection Act 2018.

What is personal data?

Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Why does Avon Pension Fund hold my personal data?

LGPS funds require various pieces of personal data provided by both the individual, member and their employer in order to administer the pension scheme. This data includes, but is not limited to, names, addresses, National Insurance numbers and salary details which are required to maintain scheme records and calculate member benefits.

How will you use my personal data?

We set out how we will use your data in our privacy notice. This notice describes how we collect and use personal data in accordance with data protection legislation.

What are the UK GDPR's key principles?

The UK GDPR states that personal data must be:

  • processed lawfully, fairly and in a transparent manner
  • collected only for specified, explicit and legitimate purposes
  • adequate, relevant and limited to what is necessary
  • accurate and kept up to date
  • held only for the absolute time necessary and no longer
  • processed in a manner that ensures security of the personal data.

What is the Freedom of Information Act (FOIA)

You have the right to ask to see recorded information held by public authorities. The Freedom of Information Act (FOIA) gives you the right to see information.

There is a different way to make a request if you want information that an organisation holds about you. This includes things like your health records or credit reference files. This is classed as a Subject Access Request (SAR).

A SAR is a request made by or on behalf of an individual for the information which they are entitled to ask for under Article 15 of the UK GDPR.

How do I make a Freedom of Information or a Subject Access Request?

You can submit your request using the Bath and North East Somerset Council website

What is the Data Use and Access Act (DUAA)

The Data Use and Access Act (DUAA) 2025 sets out requirements for public bodies who collect, use, share, and safeguard personal data. For public sector pension schemes, the DUAA strengthens existing UK GDPR and Data Protection Act 2018 obligations by placing a greater emphasis on transparency, lawful data access, and the secure handling of member information. It also clarifies the circumstances in which data may be shared with third parties, including administrators, employers, and government bodies, and requires schemes to demonstrate clear accountability for how member data is managed throughout the lifecycle of pension administration.

What if I have concerns about the way you are processing personal data?

If you’re worried that your personal data has been used in a way that doesn’t feel right, you can tell us through our data protection complaint form. We take every concern seriously and use this process to put things right and improve how we look after your information.

National Fraud Initiative

The Cabinet Office runs the National Fraud Initiative (NFI), an exercise that matches electronic data within and between public and private sector bodies to prevent and detect fraud.

The Avon Pension Fund is required by law to protect the public funds it administers. We may share information provided to us with other bodies responsible for auditing or administering public funds, in order to prevent and detect fraud.

The Cabinet Office currently requires us to participate in a data matching exercise to assist in the prevention and detection of fraud.

Data matching involves comparing computer records held by one body against other computer records held by the same or another body to see how far they match. This is usually personal information. Computerised data matching allows potentially fraudulent claims and payments to be identified. Where a match is found it indicates that there is an inconsistency which requires further investigation. No assumption can be made as to whether there is fraud, error or other explanation until an investigation is carried out.

More information can be found on the Cabinet Office website 

National Insurance Database and Tell Us Once Service

The Avon Pension Fund participates in two national initiatives that involve sharing data about members – the Local Government Pension Scheme (LGPS) National Insurance database and the Tell Us Once service.

NI database

The Avon Pension Fund is participating in NI database sharing project with the other 89 LGPS pension funds in England, Wales and Scotland, in order to comply with legal requirements. These state that, if a member of the LGPS dies, it is necessary for the scheme’s administrators to know if the individual also had other periods of LGPS membership elsewhere in the country so that the right death benefits can be calculated and paid to the deceased member’s dependants.

As the LGPS is locally administered, each pension fund has its own membership records and it can be difficult to tell if an individual has other LGPS records and where these are held. To comply with the requirements set out above, a national database has been developed that will enable funds to check if their members have LGPS pensions records in other pension funds.

The database is hosted at the South Yorkshire Pensions Authority, an LGPS pension fund. The data held on the database will be processed in accordance with the Data Protection Act 2018 and other relevant legislation.

An extract of the membership information contained in the NI database will periodically be shared with the Department for Work and Pensions (DWP) so that the LGPS can join the Tell Us Once service.

Tell Us Once

Tell Us Once is a service offered in most parts of the country when an individual registers a death. When the death of an LGPS member is registered, the DWP systems will ensure that the LGPS pension fund is informed of the death, meaning that the member’s records can be processed more quickly and simply than would otherwise be the case.

For the Tell Us Once service, an extract of the database containing individuals’ NI Numbers will be securely shared with DWP every month so that they may maintain an up-to-date record of the LGPS’s membership.

As mentioned above this information sharing arrangements comply with the Data Protection Act 2018 and other relevant legislation and as this data sharing is partly being undertaken to comply with a legal requirement, it is not possible for scheme members to opt out of the data sharing.

Data Protection complaint form

This form is intended exclusively for raising concerns regarding the handling, processing, or protection of personal data within the scheme. It should only be used where you believe that your personal information may have been collected, accessed, shared, retained, or secured in a manner that could constitute a breach of data protection requirements under the UK GDPR, the Data Protection Act 2018, or the Data Use and Access Act (DUAA) 2025.

If you have any general concerns about how your pension is being managed, please submit them through the Fund’s standard complaints process.

Your details

Your complaint

Please include the following details where applicable:

  • what your complaint is about
  • when it happened
  • who you dealt with
  • how you would like us to resolve the matter

 

Collection of personal data

This form will collect your personal data, such as your name and contact details. This will be used to process your request. It will not be shared with any third parties, unless we have a legal or regulatory reason to do so. You can find out more about how we process personal data and data rights in our Privacy Notice at https://www.avonpensionfund.org.uk/privacy-notice

Also interested in

Privacy notice
Personal Data Retention Policy
Memorandum of Understanding and Data Protection