Royal London pensions and services app privacy notice

This notice describes how we collect, store, use and share personal information in relation to our Pensions and Services App (the “App”).

1. Who we are

When we say ‘we’ or ‘us’ in this notice we’re referring to Royal London Mutual Insurance Society Limited, a company registered in England and Wales (registration number: 99064).

2. What personal information will we hold about you and how do we use this information?

As a customer of Royal London, we use your information in a number of ways:

App Access and Identification

To access your plan details  through the App, you will need to provide the following information when you first download the App so that we can identify you and your plan details:

  • Plan Number
  • Surname
  • Date of Birth
  • Post Code
  • NI Number
  • Email Address
  • Mobile phone number

Ongoing Access

 To access the App on an ongoing basis, we will ask for the following information:

  • Username (your email address)
  • Password
  • Mobile Number

Your mobile number will only be used for password reset purposes. This information is stored with your username and password and we retain these details whilst you continue to be a customer of Royal London.

You can also activate “Touch ID” to access the App. Please note that this biometric data is held on your device and Royal London doesn’t have access to this information.

Plan Changes & Authorisation

For certain features within the App, we’ll use the information you provide via the App to process your request.  For example, where you are using our ‘pay in’ feature and are authorising a transfer of an existing plan to Royal London, or you are adding nominated beneficiaries to your plan, information entered into the App that we would use to process your request may include:

  • Plan number you are thinking of transferring
  • Name of ceding provider that the plan is held with
  • Beneficiary name, relationship and % allocation
  • Your electronic authorisation to proceed with the request

Information we already hold about you which we would use with the ceding provider to process your request would include:

  • Name
  • Address
  • Date of Birth
  • National insurance number
  • Relevant contact details

Push Notifications

Where you opt in to receive push notifications, we’ll send notifications to your device through the App. We’ll use notifications to provide you with:   

  • information about Royal London and its initiatives (for example, ProfitShare and membership information),
  • information produced by Royal London on financial affairs and financial wellbeing
  • information in relation to plan(s) you have with us. 

Analytics and App Development

We’ll collect information on how and when you use our App, including:

  • the screens you access
  • the time and date you access the App
  • the make and model of your mobile device
  • the operating system, like iOS and Android

We collect this information through Google Analytics and use it to enhance our App and improve your experience. We don’t have access to your IP address. Google do, but they don’t keep it. You should also read Google's privacy policy so you’re familiar with how they use your data.  Google Analytics data is held for a maximum of 26 months.

We also use Splunk analytics to collect and analyse how and when you use the app. This is a 3rd party analytical tool which engages with machine data. Your personal data isn’t shared with Splunk. Royal London use this information alongside existing information we hold about you and your plan to enhance our App and improve your experience.  Splunk Analytics data is held for 12 months.

Royal London Pensions Privacy Notice

For further information on how we use your personal information for your pension plan in general, please visit royallondon.com/privacy

3. What are our legal grounds for using your personal information?

Data Protection gives organisations different conditions to allow us to process your information lawfully. We’ll only use your personal information when one of these conditions has been met. Below you can see how we use your information when you use our mobile App, and our legal grounds for processing this information:

Legal Grounds Use of Your Information
Necessary for contract

 

Access to the App
When you engage with our App to view your pension plan information, you do so per the obligations of the End User License Agreement (EULA).

Plan Changes and Authorisation
Where you authorise us to process or complete a transaction (e.g. if you use the “pay in” facility), we will use this authorisation to make changes to your pension plan per your instructions.

Consent
Your personal information may be processed when we receive your consent.

The consent you provide must be freely given, informed, specific, unambiguous and be given with a positive affirmative action.

Your consent can be withdrawn at any time (please refer to Section 11).

Push Notifications
You have the option to sign up for push notifications through the App, which are pushed by us from the App to your mobile device.

At any time, you can manage your notification preferences or deactivate them by turning off the notification settings in your mobile device settings. Turning off push notifications will not impact the use of the App.

If you consent to receive push notifications, you are consenting to Royal London using your personal information to provide these notifications to you.   

Necessary for Legitimate Interests
We also use your information when we have a ‘legitimate interest’ and that interest is not outweighed by your privacy rights. Each activity is assessed, and your rights and freedoms are considered to make sure we’re not being intrusive or doing anything beyond your reasonable expectation. We’ll assess the information we need, so we only use the minimum.

If you want further information about processing under legitimate interests, you can contact us using the details in Section 11.

You also have the right to object to any processing done under legitimate interests. We’ll re-assess the balance between our interests and yours, considering your particular circumstances. If we have a compelling reason, we may still continue to use your information.

In relation to our App, we use legitimate interests for the following:

Use of Your Information Legitimate Interests

Analytics and App Development
We collect customers’ usage and technical information to help us to understand how the App is being used and to help us to decide on future enhancements that we might want to make to it.

As part of this analysis, we look at App usage information to analyse which of our customers have downloaded the App so that we can understand if there are segments of customers who don’t use this platform.

We need to be able to offer our customers different digital platforms to engage with us in relation to their plan.

Technical data gathered helps us to ensure that our App is secure, functions as expected, and meets our customers’ needs.

We need to make customers aware of the platforms that they can use to engage with their plan.

We need to grow and sustain our business, develop our brand and communicate with our members effectively.

4. Who sees and uses my personal information?

Certain employees of Royal London are given access to your personal information. We also share your information with other companies, but we only use trusted third parties, such as:

  • IT companies (Google Analytics)
  • Auditors
  • Legal advisers and legal/regulatory bodies, including the Information Commissioner’s Office (ICO)

For transactions authorised via the App, we’ll share certain information with relevant parties that are required to carry out your wishes.  This would include another pension provider where you are looking to transfer another pension plan held by that provider to Royal London.

We make sure the use of your information is protected and we’ll never sell your information.

5. Overseas transfers

Our App is hosted and supported by Royal London staff, so we don’t need to transfer your information outside of the EU (the UK and Ireland).

6. How long do we keep your personal information?

If you delete our App from your mobile device, you will still be able to access our online services with your account log-in details.  Deletion of the App will not impact the data that we hold about you to administer your pension. Please refer to our full privacy notice for further details.

We will only keep App usage information  for the timeframes noted in section 2.

7. What are my rights?

  • Access – You have the right to find out what personal information we hold about you.
  • Rectification – If any of your details are incorrect or incomplete, you can ask us to correct them for you.
  • Erasure – You can ask us to delete your personal information in some cases.
  • Object – If you have concerns about how we’re using your information for analysis, you have the right to object.
  • Restriction – You have the right to restrict the use of your information in some circumstances.
  • Data portability – you can ask us to send an electronic copy of some of your information, either to you or to another organisation.

If you wish to exercise any of these rights, please contact us using the details in Section 11.

8. Right to complain to the supervisory authority?

If you are unhappy with how we use your information, you have the right to complain to the Information Commissioner’s Office. We would encourage you to contact us first, so we can help with your concerns.

The Information Commissioner’s Office can be contacted at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

9. Changes to the way we use your information

If we want to use your personal information for a new purpose which we haven’t previously told you about, we’ll contact you to explain the new use of your information. We’ll set out why we’re using it and our legal reasons.

10. Changes to our privacy notice

Making sure that we keep you up to date with privacy information is a continuous responsibility and we keep this notice under review. We’ll update our notice as changes are required.

This privacy notice was last updated on 16 July 2021.

11. Contact us

If you have any questions or comments regarding this privacy notice, or if you’re not happy with the way Royal London uses your information, please contact us using the details below. You can also call if you want this information in another format such as Braille, large print or audio.

How to contact our Data Protection Officer (DPO)

By email: GDPR@royallondon.com

By telephone: 0800 085 8352

By writing to us:

Data Protection Officer
Royal London
Royal London House
Alderley Park
Congleton Road
Nether Alderley
Macclesfield SK10 4EL