Privacy Notice

This privacy notice explains how Railpen Limited collects and processes your information.


Data controllership 

Who are we

We are the Railways Pension Trustee Company Limited, RAILPEN Limited and RAILPEN Investments Limited (each with its registered address at 100 Liverpool Street, London EC2M 2AT). Each is registered with the Information Commissioner’s Office (ICO) as a separate "data controller" in respect of personal information handled for the Railways Pension Scheme. We are also a data processor for personal information handled on behalf of our clients in pension schemes such as Zurich, United Utilities and Schneider.

This privacy notice is intended to give you a clear picture of how we handle and protect your personal information. It describes what we collect about you, why, how it is handled, with whom we share it, and where and how long we handle it before it is securely destroyed. 

Scope 

Whose personal information we handle

We handle and protect personal information relating to: 

  • Users of our websites 
  • Members of the public  

Justification for data handling 

Why we use personal information

For data protection purposes we justify the handling of any personal information we receive based on: 

  • our legitimate interests - handling your personal information for our or a third party’s legitimate business interests, e.g. to improve our products and services and how we present them on our websites and other material, provided they do not override your rights or freedoms
  • your consent – users visiting our website can give and withdraw their consent to the use of all non-essential cookies at any time via our website or their Internet Browser.
  • substantial public interests – such as, but not limited to, establishing, exercising or defending our legal rights, or for the purpose of legal proceedings
  • our legal obligations - we may have to handle your personal information to comply with legislation or regulatory instruction from time to time.

Reasons for handling your personal information Examples
Communicate our products and services to you 
  • Provide our websites to you 
  • Communicate with you about new products and services, and other information which we believe you may find interesting 
  • Comply with our legal obligations, any relevant industry or professional rules and regulations or any applicable voluntary codes 
To make sure our website is secure 
  • Monitor our IT systems in order to protect against cyber threats or malicious activity including abuse and misuse 
  • Administer or maintain IT and communications systems in order to uphold standards of service 
To improve our services 
  • Assess the ease with which you can find information on our website 
  • Assess the pages you click on when on our websites  
  • Undertake market research 
  • Keep our records up to date 
  • Review and improve the information provided on our websites to ensure they are user friendly and to prevent any potential disruptions or cyber-attacks 

Cookies deployed on our websites 

Name   Category   Duration   Description  
ARRAffinity https  Necessary   session   ARRAffinity cookie is set by Azure app service, and allows the service to choose the right instance established by a user to deliver subsequent requests made by that user.  
ARRAffinitySameSite https  Necessary   session   This cookie is set by Windows Azure cloud, and is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session.  
cookieyesID https  Necessary   1 year   Cookie Yes sets this cookie as a unique identifier for visitors according to their consent.  
cky-consent https  Necessary   1 year   Cookie Yes sets the cookie to remember the user's consent settings so that the website recognises them the next time they visit.  
cookieyes-necessary https  Necessary   1 year   CookieYes sets this cookie to remember the consent of users for the use of cookies in the 'Necessary' category.  
cookieyes-functional https  Necessary   1 year   CookieYes sets this cookie to remember the user's consent for using cookies in the 'Functional' category.  
cookieyes-analytics https  Necessary   1 year   CookieYes sets this cookie to remember the user's consent for cookies in the 'Analytics' category.  
cookieyes-performance https  Necessary   1 year   CookieYes sets this cookie to remember the user's consent for cookies in the 'Performance' category.  
cookieyes-advertisement https  Necessary   1 year   CookieYes sets this cookie to remember the consent of users for the use of cookies in the 'Advertisement' category.  
cookieyes-other https  Necessary   1 year   CookieYes sets this cookie to remember the consent of users for the use of cookies in the 'Other' category.  
cky-action https  Necessary   1 year   CookieYes sets this cookie to remember the action taken by the user.  
_hjAbsoluteSessionInProgress https   Functional   29 minutes   Hotjar sets this cookie to detect a user's first pageview session, which is a True/False flag set by the cookie.  
__sharethis_cookie_test__ https  Functional   session   ShareThis sets this cookie to track which pages are being shared and by whom.  
__cf_bm https   Functional   30 minutes   Cloudflare set the cookie to support Cloudflare Bot Management.  
_ga_* https  Analytics   1 year 1 month 4 days   Google Analytics sets this cookie to store and count page views.  
_ga https  Analytics   1 year 1 month 4 days   Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.  
_gid https  Analytics   1 day   Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.  
_gat_UA-* https  Analytics   Less than a minute   Google Analytics sets this cookie for user behaviour tracking.  
_hjFirstSeen https  Analytics   29 minutes   Hotjar sets this cookie to identify a new user’s first session. It stores the true/false value, indicating whether it was the first time Hotjar saw this user.  
vuid https  Analytics   1 year 1 month 4 days   Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos on the website.  
CONSENT https  Analytics   2 years   YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.  
hjSessionUser_* https  Analytics   1 year   Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site.  
_hjSession_*https  Analytics   29 minutes   Hotjar sets this cookie to ensure data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar User ID, which is unique to that site.  
_hjTLDTest  Analytics   Session   To determine the most generic cookie path that has to be used instead of the page hostname, Hotjar sets the _hjTLDTest cookie to store different URL substring alternatives until it fails.  
YSC https   Advertisement   session   Youtube sets this cookie to track the views of embedded videos on Youtube pages.  
VISITOR_INFO1_LIVE https   Advertisement   5 months 27 days   YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.  
_hjIncludedInSessionSample_2940004 http   Others   1 minute   Description is currently not available.  
TEMPDATA  https   Others   past   Description is currently not available.  
ANTIFORGERY   https   Others   session   Description is currently not available.  
VISITOR_PRIVACY_METADATA   Others   5 months 27 days   Description is currently not available.  

In order to handle your personal information for the above reasons we may collect and use the following types of personal information about you or those visiting our websites or otherwise engaging with us: 

Personal details
  • Name
  • Occupation and Job title
  • Email address
  • Phone number
  • Postal address
  • Date of birth
Computer/device information
  • Your device’s IP (Internet Protocol) address
  • Your device types
  • Country and geographic information
  • Webpages visited including the date and time those pages were visited
  • Documents downloaded
  • Security incidents

Data sources 

Where we get your personal information from

We obtain information about users of our website either from you, when you provide it, or from us or third parties we work with analysing how you arrived at our website or how you behave whilst on our website.

Data sharing 

With whom we share your personal information 

From time to time, we may need to share your information with other parties. Where this is necessary, we are required to comply with all relevant data protection legislation. The types of third parties we may need to share some of your information with include: 

IT suppliers 
  • companies that provide services to us, such as IT and communication providers, including providers of cloud services and cyber security services  
Professional advisory services
  • third parties in order to verify your identity as well as to prevent and detect fraud 
Other third parties
  • if we sell any part of our business or our assets, in which case we may need to disclose your personal information to the prospective buyer for due diligence purposes or continued use of your personal information. 
Law enforcement, judicial and local authorities 
  • if we are under a duty to disclose or share your personal information in order to comply with any legal obligations, or any lawful request from any legal or regulatory authority; and/or  
  • to respond to any claims, and to establish, exercise or defend our legal rights.  

Most third parties with whom we share your personal information are limited (by law and by contract) to using your personal information only for the specific purposes identified by us.

Sharing your personal information overseas

Our core systems, data, and administration services are all carried out and stored within the UK. 

Where it is necessary to transfer your personal information outside the UK, we will ensure that the correct safeguard is used so that your personal information is protected to an equivalent extent, as it would be if it remained in the UK. This is usually by transferring to a country that is approved as having essentially equivalent data protections under the UK Adequacy Regulations or by carrying out a Transfer Risk Assessment, and where appropriate, the receiving party putting in place an International Data Transfer Agreement designed by the ICO.  

Data security and access 

How do we keep your personal information secure  

We are committed to protecting your personal information from loss, misuse, disclosure, alteration, unauthorised access, and destruction. We take all reasonable precautions to safeguard the confidentiality, integrity, and availability of personal information. 

Although we make every effort to protect your personal information, the transmission of information over the Internet is not completely secure. As such, you acknowledge that we cannot guarantee the security of personal information transmitted to us over the internet and that any such transmission is at your own risk. 

Once we have received your personal information, we will use strict procedures and security features to prevent unauthorised access (and take steps to ensure that any third parties with whom we share your personal information do the same). 

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it. 

Data Retention 

How long we keep your personal information

We will only retain your personal information for as long as necessary. Necessity will be based on our legal obligations, regulatory guidance, and industry good practice. We have documented how long we keep records containing personal information, and why, in policies and standards on retention and destruction.

In some circumstances, we may anonymise your personal information instead of destroying it so that it can no longer be associated with you but where the anonymised data can be used to add value to our products and services. 

Our standard policy is for information to be kept for only as long as necessary for the purposes set out above. It is then disposed of in a managed and secure way.  

Rights and obligations 

Your rights

You have several rights under data protection law. These include the right to: 

  • receive a copy of the personal information we hold about you 
  • request personal information to be amended if it is inaccurate or incomplete 
  • request the deletion or removal of personal information where there is no compelling reason for its continued use  
  • block or restrict the processing of your personal information 
  • object to the handling of your personal information 

There is also a right under GDPR (General Data Protection Regulation) to receive your personal information (in a structured, commonly used, and machine-readable format) and to transfer it to another service provider or data controller. This right applies where your personal information is being handled on the basis of your consent or in line with a contract to which you are party. Please note that, for the majority of pension scheme members, this is not applicable as we rely on our legitimate business interest to protect and handle your personal information rather than individual consent or contracts.

You also have the right to appeal against any profiling or automated decision-making. Please note that Railpen does not create profiles or carry out any automated decision-making as defined by data protection law, i.e. it does not have processes where you interact only with a computer that then makes a decision about you and you cannot even ask a human to review the computer’s decision.

In order to exercise any of the above rights please contact our DPO (Data Protection Officer) as per the email or postal address below. 

If you fail to provide personal information

If you fail to provide certain information when requested, we may not be able to provide our services to you or we may be prevented from complying with our legal obligations (such as to prevent fraud). 

Your rights to lodge a complaint with the Regulator

At all times, you have the right to report a concern or lodge a complaint with the Information Commissioner’s Office. Please refer to the ICO at https://ico.org.uk/concerns/ or by calling them on 0303 123 1113. Of course, we hope that we can resolve your issue quickly and fairly ourselves. 

Data protection officer

We have appointed a data protection officer (DPO) to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the DPO at: dataprotectionoffcier@railpen.co.uk or write to him at: Railpen, 7th Floor, 100 Liverpool St, London, EC2M 2AT. 

Changes to this privacy notice 

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.