Search site
  • Your Rights

Your Rights

What are your rights under Data Protection law?

One of the key obligations of organisations who manage, and control individuals' data is to ensure the individual is informed about their rights under Data Protection Laws, which gives them control over how their information is used and by whom.

The right to be informed

The Fund's Privacy Notice outlines what personal information the Fund will hold, who it will share it with and for how long the information will be held.

Should an individual feel that the information supplied in this Privacy Notice is inadequate or that it does not inform them about the how their information is used by the Fund, please contact the Fund's Data Protection Officer for more information at

The right of access

This is an individual's right to obtain 

  • confirmation that data is being processed
  • access to personal data
  • access to policies and information held by the Fund about how it uses data

This right enables individuals to verify that the Fund is using data appropriately as well as providing access to obtain copies of information it holds.

Individuals are entitled to see the information held and can request a copy by emailing Copies of the information requested will be provided within one month of receiving a validated request, where the individual member can be identified, with their identification verified through supporting information. However, should a request be more complex, the Fund's administering authority (City of Wolverhampton Council) may write to an individual or third party, informing them of any potential delay and when the information will be provided.

The right to rectification

Individuals have a right to have information amended or rectified if they believe it is inaccurate or incomplete.

If you believe any personal information we hold about you to be incorrect, please email us and we will amend the information accordingly.

The Fund operates a self-service platform called "Pensions Portal" where members can amend details the Fund holds about them, including name, address, bank details and nominations. Members are encouraged to use this platform to ensure the information the Fund holds about them is accurate and up to date. The Fund's Pensions Portal can be accessed at

The right to erasure / the right to be forgotten

This right allows individuals to request a company or body to delete any or all information they hold about them. However, the right to erasure does not provide an absolute 'right to be forgotten'. Individuals have a right to have personal data erased and to prevent processing in specific circumstances:

  • Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed
  • When the individual withdraws consent
  • When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing
  • The personal data was unlawfully processed (i.e. otherwise in breach of the DPA)
  • The personal data must be erased in order to comply with a legal obligation

The Fund, in providing statutory duties under LGPS regulations has determined that it cannot permanently delete a member's record. Should a member transfer out of the scheme, the Fund will retain a basic record confirming the member's name, contact, date of birth and national insurance number and any relevant documents determined by the Fund to support future statutory processing. The basic member details and documents are required to be retained to enable the Fund to comply with statutory and legal obligations such as fraud prevention and GMP reconciliation.

The right to restrict processing

Individuals have a right to limit how the Fund uses data, including who it shares it with.

A request for information to be used for limited purposes will not result in the deletion of the information the Fund holds. Requests to restrict processing will be considered on a case by case basis, with the decision determined by the Fund's Data Protection Officer.

The Fund publishes a Privacy Notice which outlines how it uses data and who it shares it with. Should you wish the Fund to limit how we use your data please email  with the reasons for your request.

The right to data portability

This right enables individuals to obtain copies of the information the Fund holds in a format that is easily transferred to either individuals or another organisation.

This is particularly relevant to members who may choose to transfer out of the Fund to another LGPS Fund or a separate pension provider. The Fund will provide the information it holds to a new pension provider in a format that they can use. The transfer of pension benefits would not take place without the consent of the scheme member. In all cases the Fund would retain basic information about a member who has transferred out to prevent fraud and support the Fund's ability to respond to statutory queries (HMRC/GMP).

The right to object

In addition to the right to limit the use of data, individuals also have a right to object to the use of data for certain actions.

The Fund may share information with third parties, such as consultants or service providers. Under data protection laws you can object to the Fund sharing your data with these third parties.

Should an individual exercise their right to object, it will not limit the information they receive from the Fund, as it may still be required by law to provide certain information, such as annual benefit statements. Where individuals exercise their right to object, the Fund will take all reasonable steps to ensure requests are complied with, but that it also fulfils any legal obligation it has to provide information or supply services.

Children's data

Data protection laws specifically ensure the protection of children's data, as children may be less aware of the risks and consequences associated with the processing of their personal data.

Any information held by the Fund which relates to the personal data of a child under 13 is held with the consent of the parent or the person with legal parental responsibility.

Children aged 13 - 16 are generally regarded as having the appropriate level of understanding to provide their own consent for the use of their data, provided the Privacy Notice has been written in a way they can understand.

Powered by GOSS iCM