Royal London pensions and services app privacy notice
This notice describes how we collect, store, use and share personal information in relation to our Pensions and Services App (the “App”).
1. Who we are
When we say ‘we’ or ‘us’ in this notice we’re referring to Royal London Mutual Insurance Society Limited, a company registered in England and Wales (registration number: 99064).
2. What personal information will we hold about you and how do we use this information?
As a customer of Royal London, we use your information in a number of ways:
App Access and Identification
To access your plan details through the App, you will need to provide the following information when you first download the App so that we can identify you and your plan details:
- Plan Number
- Surname
- Date of Birth
- Post Code
- NI Number
- Email Address
- Mobile phone number
Ongoing Access
To access the App on an ongoing basis, we will ask for the following information:
- Username (your email address)
- Password
- Mobile Number
Your mobile number will only be used for password reset purposes. This information is stored with your username and password and we retain these details whilst you continue to be a customer of Royal London.
You can also activate “Touch ID” to access the App. Please note that this biometric data is held on your device and Royal London doesn’t have access to this information.
Plan Changes & Authorisation
For certain features within the App, we’ll use the information you provide via the App to process your request. For example, where you are using our ‘pay in’ feature and are authorising a transfer of an existing plan to Royal London, or you are adding nominated beneficiaries to your plan, information entered into the App that we would use to process your request may include:
- Plan number you are thinking of transferring
- Name of ceding provider that the plan is held with
- Beneficiary name, relationship and % allocation
- Your electronic authorisation to proceed with the request
Information we already hold about you which we would use with the ceding provider to process your request would include:
- Name
- Address
- Date of Birth
- National insurance number
- Relevant contact details
Push Notifications
Where you opt in to receive push notifications, we’ll send notifications to your device through the App. We’ll use notifications to provide you with:
- information about Royal London and its initiatives (for example, ProfitShare and membership information),
- information produced by Royal London on financial affairs and financial wellbeing
- information in relation to plan(s) you have with us.
Analytics and App Development
We’ll collect information on how and when you use our App, including:
- the screens you access
- the time and date you access the App
- the make and model of your mobile device
- the operating system, like iOS and Android
We collect this information through Google Analytics and use it to enhance our App and improve your experience. We don’t have access to your IP address. Google do, but they don’t keep it. You should also read Google's privacy policy so you’re familiar with how they use your data. Google Analytics data is held for a maximum of 26 months.
We also use Splunk analytics to collect and analyse how and when you use the app. This is a 3rd party analytical tool which engages with machine data. Your personal data isn’t shared with Splunk. Royal London use this information alongside existing information we hold about you and your plan to enhance our App and improve your experience. Splunk Analytics data is held for 12 months.
Royal London Pensions Privacy Notice
For further information on how we use your personal information for your pension plan in general, please visit royallondon.com/privacy
3. What are our legal grounds for using your personal information?
Data Protection gives organisations different conditions to allow us to process your information lawfully. We’ll only use your personal information when one of these conditions has been met. Below you can see how we use your information when you use our mobile App, and our legal grounds for processing this information:
Legal Grounds | Use of Your Information |
---|---|
Necessary for contract
|
Access to the App Plan Changes and Authorisation |
Consent The consent you provide must be freely given, informed, specific, unambiguous and be given with a positive affirmative action. Your consent can be withdrawn at any time (please refer to Section 11). |
Push Notifications |
Necessary for Legitimate Interests If you want further information about processing under legitimate interests, you can contact us using the details in Section 11. You also have the right to object to any processing done under legitimate interests. We’ll re-assess the balance between our interests and yours, considering your particular circumstances. If we have a compelling reason, we may still continue to use your information. In relation to our App, we use legitimate interests for the following: |
|
Use of Your Information | Legitimate Interests |
Analytics and App Development As part of this analysis, we look at App usage information to analyse which of our customers have downloaded the App so that we can understand if there are segments of customers who don’t use this platform. |
We need to be able to offer our customers different digital platforms to engage with us in relation to their plan. Technical data gathered helps us to ensure that our App is secure, functions as expected, and meets our customers’ needs. We need to make customers aware of the platforms that they can use to engage with their plan. We need to grow and sustain our business, develop our brand and communicate with our members effectively. |
4. Who sees and uses my personal information?
Certain employees of Royal London are given access to your personal information. We also share your information with other companies, but we only use trusted third parties, such as:
- IT companies (Google Analytics)
- Auditors
- Legal advisers and legal/regulatory bodies, including the Information Commissioner’s Office (ICO)
For transactions authorised via the App, we’ll share certain information with relevant parties that are required to carry out your wishes. This would include another pension provider where you are looking to transfer another pension plan held by that provider to Royal London.
We make sure the use of your information is protected and we’ll never sell your information.
5. Overseas transfers
Our App is hosted and supported by Royal London staff, so we don’t need to transfer your information outside of the EU (the UK and Ireland).
6. How long do we keep your personal information?
If you delete our App from your mobile device, you will still be able to access our online services with your account log-in details. Deletion of the App will not impact the data that we hold about you to administer your pension. Please refer to our full privacy notice for further details.
We will only keep App usage information for the timeframes noted in section 2.
7. What are my rights?
- Access – You have the right to find out what personal information we hold about you.
- Rectification – If any of your details are incorrect or incomplete, you can ask us to correct them for you.
- Erasure – You can ask us to delete your personal information in some cases.
- Object – If you have concerns about how we’re using your information for analysis, you have the right to object.
- Restriction – You have the right to restrict the use of your information in some circumstances.
- Data portability – you can ask us to send an electronic copy of some of your information, either to you or to another organisation.
If you wish to exercise any of these rights, please contact us using the details in Section 11.
8. Right to complain to the supervisory authority?
If you are unhappy with how we use your information, you have the right to complain to the Information Commissioner’s Office. We would encourage you to contact us first, so we can help with your concerns.
The Information Commissioner’s Office can be contacted at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
9. Changes to the way we use your information
If we want to use your personal information for a new purpose which we haven’t previously told you about, we’ll contact you to explain the new use of your information. We’ll set out why we’re using it and our legal reasons.
10. Changes to our privacy notice
Making sure that we keep you up to date with privacy information is a continuous responsibility and we keep this notice under review. We’ll update our notice as changes are required.
This privacy notice was last updated on 16 July 2021.
11. Contact us
If you have any questions or comments regarding this privacy notice, or if you’re not happy with the way Royal London uses your information, please contact us using the details below. You can also call if you want this information in another format such as Braille, large print or audio.
How to contact our Data Protection Officer (DPO)
By email: GDPR@royallondon.com
By telephone: 0800 085 8352
By writing to us:
Data Protection Officer
Royal London
Royal London House
Alderley Park
Congleton Road
Nether Alderley
Macclesfield SK10 4EL