Privacy policy


The purpose of this Privacy Policy is to explain why and how the Royal Mail Statutory Pension Scheme (RMSPS) uses your personal information, your rights regarding this information and how we comply with data protection law.

In this Privacy Policy we explain some things about the personal information RMSPS holds and your rights regarding this information. It’s important that you read it carefully.

We keep this Privacy Policy under regular review and any changes we make to our Privacy Policy in the future will be posted on this page and will become effective when we post the revised Privacy Policy. This version was last updated on 15/07/2019.


  1. Overview of data protection legislation
  2. The RMSPS arrangements 
  3. Why we use your personal information
  4. How we use your personal information
  5. What personal information we use
  6. How long we keep your personal information for
  7. Sharing your personal information with third parties
  8. Security and safe storage of your personal information
  9. Your rights in relation to the personal information we hold about you
  10. Personal data breaches
  11. Further information, contact details and concerns

1. Overview of data protection legislation

Data protection legislation refers to all applicable privacy and data protection laws including the General Data Protection Regulation (GDPR) ((EU) 2016/679), the Data Protection Act 2018 and any additional laws, regulations and secondary legislation in England and Wales relating to the processing of personal data and the privacy of electronic communications, as amended, replaced or updated from time to time. The GDPR builds on the previous data protection legislation in order to respond to advances in technology, make accountabilities for data protection clearer, provide greater rights to ‘data subjects’ (individuals whose personal information is held by organisations) and increase the size of fines that can be levied in the event of a personal information breach.

Legislation sets out the data protection principles. These are that personal information shall be:

  • Processed lawfully, fairly and in a transparent manner;
  • Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  • Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  • Accurate and, where necessary, kept up to date;
  • Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal information is processed; and
  • Processed in a manner that ensures appropriate security of the personal information, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

The Information Commissioner’s Office (ICO) is the UK's independent body set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

2. The Royal Mail Statutory Pension Scheme

The Cabinet Office is the scheme manager responsible for the RMSPS. This means they are the ‘data controller’ for the personal information collected to provide the arrangements to you.

From 1 October 2018 Capita Employee Solutions is the pension administrator for the scheme covered by this policy and is known as the ‘data processor’. The data controller (Cabinet Office) sets out what and how the data processor can use your personal information. 

3. Why we use your personal information

a. Use of your personal information to comply with a legal obligation or to perform a public interest task

The Cabinet Office will only use your personal information where it has a ‘lawful basis’ under the GDPR for doing so. Most commonly, it will use your personal data in order to enable it to:

  • Comply with a legal obligation; or
  • Perform a task carried out in the public interest.

As the scheme manager, the Cabinet Office has legal obligations set out in scheme legislation, the Postal Services Act 2011, to provide pensions and other benefits to eligible members, as well as complying with other legal requirements affecting the scheme.

In addition, the Cabinet Office is carrying out a task in the public interest by managing and administering a public service pension scheme.

The Cabinet Office may also use your personal information where it suspects that you have committed a criminal offence such as fraud or to defend its legal rights.

The main purposes for which we may use your personal information are to:

  • Administer your RMSPS Pension;
  • Pay any benefits due to you;
  • Communicate and interact with you. This can be by phone, email, post or online (via our website or portal);
  • Provide services and information you request from us;
  • Inform you about changes to the scheme;
  • Improve our service offering, including through collection and responding to feedback;
  • Protect your interests and those of the scheme;
  • Conduct research and surveys; and
  • Comply with our legal obligations, such as co-operating with the Pensions Regulator or the Pensions Ombudsman.

As pensions are long term, the reason for processing your personal information is likely to change over time as your circumstances change, for example:

  • If you are a deferred member, meaning you were an active employee, have left the scheme but have not retired and taken any benefits from the scheme, then we need to hold your personal details collected during employment, so we can pay your deferred benefits at a later date; and
  • If you are a pensioner member, you are being paid benefits from the scheme, then we need to hold your personal details in order to pay you your benefits. 

b. Use of your ‘special category’ personal information based on consent

We do not generally require your consent to use your personal information, since we are entitled to do so in reliance on the two lawful bases outlined above. However, if you apply for payment of your benefits on the grounds of ill health under the RMSPS, we will need your explicit consent in order to be able to process your health details. This is because health details are classed as a ‘special category’ of personal information under the GDPR.

You will be asked for your consent to sharing the information with relevant parties, for example the Scheme Medical Advisor.

You may withdraw your consent to our processing of your health details at any time.

4. How we use your personal information

a. Receiving information from you

You may provide us with your personal information, for example you will need to inform us of your Death Benefit Nominee(s), spouse, Civil Partner or any other dependents.

As a deferred or pensioner member you need to inform the scheme administrator, Capita Employee Solutions, of any such changes directly.

Any online, postal, email or phone communications you have with Capita Employee Solutions are also classed as personal information. These communications are retained in order to protect your interests and those of the schemes. Email and any postal communications are stored electronically and phone calls are recorded.

b. Storing your personal information securely

The security of your personal information is very important to us. The information security management systems operated by the scheme administrator and our IT managed services providers are all independently certified to the ISO 27001:2013 standard. This provides the assurance that our systems and processes are suitably robust and secure to protect your information from cyber attack.

5. What personal information we use

Personal information is defined as any information relating to an identified or identifiable living person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, a unique identification number (for example your National Insurance Number), location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, economic, cultural or social identity of that person.

In the context of the RMSPS we can require the following information to administer the scheme:

a. Your personal details:

These are required to make sure we can communicate with you and can satisfy our regulatory obligations, such as informing HMRC of any tax due. With the exception of a member number which is allocated by the administrator and an email address, we received this information from your employer at the time of employment:

  • Name and title;
  • Date of birth;
  • Gender;
  • Marital status;
  • Address;
  • Telephone number;
  • Email address;
  • National Insurance Number (NINo); and
  • Member number;

b. Your direction of death benefit or death benefit nominee details:

These are required in the event of your death so that we can pay any death benefits due. We receive this information from you:

  • Nominee name(s);
  • Nominee address(es); and
  • Relationship to scheme member.

Important Note: the RMSPS does not notify your chosen nominees of the fact that you have nominated them for any benefits that may be due upon your death. This is because it is your right to choose who may benefit, you may not wish the beneficiary to know and you may change your mind in the future. Our first contact with your Death Benefit Nominee(s) will be in the event of your death. We do request though that if you nominate a child and you do not have parental responsibility for that child then you seek consent from a parent or legal guardian before making that nomination. 

c. Your employment details:

These are required to calculate your pension benefits or if you wish to transfer benefits to a different pension scheme. This information is received from your employer during your employment.

  • Salary details including any bonus or allowances;
  • Employment (service) history, including any breaks in service, or where service has been transferred in, in order to calculate your ‘reckonable service’ (this is the amount of time worked that is used to calculate your pension benefits). Note that any days where you have been on strike are recorded as these days do not count towards your reckonable service. This may suggest, but not categorically confirm that you are a member of a Trade Union which the GDPR classes as more sensitive information;
  • Pension contribution history.
  • Career Salary Defined Benefit information
  • Information relating to your entitlement to benefits (on grounds of loss to the employer/scheme, or arising from criminal, negligent or fraudulent activity).

d. Your previous pension benefits:

You may have transferred benefits into the RMSPS from another pension provider in line with the scheme rules. We received this information from your previous pension provider and from you directly.

e. Information required to pay/administer benefits:

The RMSPS may pay benefits to you, your spouse, your dependants and your nominees over the period of your membership of the scheme arrangements. In some instances we may require official documentation to verify your personal circumstances or the identity of others in order to pay those benefits. This information will be provided by either yourself or others and include:

Identification documents;

  • Legal certificates (for example birth certificates, marriage/civil partnership certificates, death certificates);Pension sharing orders;

f. Information relating to your satisfaction with the service provided:

The RMSPS operate a continuous improvement approach and as such may request feedback from you, either by the phone or written/electronic mail. We also progress any complaints you may have in order that we can make improvements to our service. We receive this information from you. 

g. Information relating to using our website:

If you use our website you'll be informed of the presence of cookies which are used to collect information relating to how you use the website. The cookies cannot identify you, as the information collected is anonymous, and therefore cannot be classed as personal.

We intend to continue improving the content and function of our website. For this reason, we may monitor customer traffic patterns and site usage to help us improve the design and layout of our site and provide content of interest to you.

For more information on our cookie policy, please click here.

6. How long we keep your personal information for

The RMSPS will retain information in line with our Data Retention Policy. Data will not be held for any longer than is necessary to perform the processing, and will be destroyed when all processing activity has been completed, that is six years after the last financial transaction has been made that relates to the data subject or any surviving beneficiary of the data subject.

7. Sharing your personal information with third parties

The RMSPS use a number of approved third party providers who we may share your personal information with in order to deliver the service or to comply with legislation placed upon us. These include:

a. For scheme administration purposes

The scheme administrator Capita Employee Solutions is the processor of your personal information. Capita Employee Solutions uses sub-processors to provide operational, system and infrastructure support to administer your benefits (for example IT providers, letter printing, postal services, identity checking services, banks etc.).

We do not share your personal information outside of the European Economic Area (EEA). The only exception is if you were to request in writing for us to pay your benefits into a bank account that is outside of the EEA.

If you transfer to another pension scheme we’ll need to share your personal information with the relevant pension provider.For members who have benefits in the Royal Mail Pension Plan (RMPP) as well as the RMSPS, a data sharing agreement has been set up between the Trustee of the RMPP and Cabinet Office as scheme manager of the RMSPS. This is a mechanism to allow personal information to be shared. The purpose of this is to ensure that both parties are able to pay benefits in line with the scheme rules. 

b. For compliance purposes

Statutory Bodies such as; The Pensions Regulator, the Pensions Ombudsman, the Department for Work and Pensions and Her Majesty’s Revenue and Customs, in accordance with our legal obligations.

In order to comply with our legal, regulatory and statutory obligations, sometimes we also need to pass your personal information to third parties, such as Her Majesty’s Courts, law enforcement agencies, auditors, and our professional advisers such as legal advisors and actuaries.

c. For research purposes

In order to continually meet the needs of members, and intermediaries, the RMSPS may need to conduct research and surveys. Some of those activities may require us to use your personal information.

When conducting such activities, we may need to share your personal information with other government bodies or departments, as well as with third party research partners. Wherever possible, we’ll use aggregated datasets, anonymisation or pseudonymisation techniques to limit personal information use to what is strictly necessary for the purpose of each activity.

d. General notes relating to sharing of your information

Your personal information is not processed or stored outside of the EEA, unless you specifically request to be paid your pension into a non EEA bank account;

Where third parties are in receipt of your personal information, RMSPS require sufficient guarantees that appropriate technical and organisational measures are in place to maintain the required standard of security. Prior to a new supplier being appointed a Data Protection Impact Assessment is conducted to ensure that appropriate measures and controls are in place.

8. Security and safe storage of your personal information

The security of your personal information is very important to us and we take this matter very seriously. We use appropriate procedures and security features and have in place a robust framework to ensure the security of your personal information.

The information security management systems operated by our administrators and our IT managed services providers are all independently certified to the ISO 27001:2013 standard. This gives us assurance that our systems and processes are robust, and helps protect members’ personal information.

In addition, the scheme administrators operate a Privacy by Design Policy, which means that a structured assessment of personal information risks is conducted at the point that any new or amended data processing systems or infrastructure are considered. This ensures that data protection is built in and compliant with the data protection law for any changes or new initiatives.

9. Your rights in relation to the personal information we hold about you

Data protection legislation provides you with a number of rights with respect to your personal information. Some of these rights only apply where the personal data is being processed in reliance on certain lawful bases. The table below shows which rights are applicable to you and which are not, and there is more information regarding each right following the table:

Personal information Rights

Applicable to RMSPS

The right to be informed


The right of access


The right to rectification


The right to erasure


The right to restrict processing


The right to data portability


The right to object


Rights in relation to automated decision
making and profiling


* In relation to some data.

a. The right to be informed

You have a right to understand how we process your personal information and your rights relating to it. This Privacy Policy provides this information.

b. The right of access

You have a right to access your personal information. We routinely provide access to a summary of your information, as explained below:

  • If you are a deferred member (i.e. you have a RMSPS pension that you have not yet taken you will receive a Current Value statement of benefits. You can request additional statement of your deferred benefits but there may be a charge; and
  • If you are a pensioner member (i.e. you are receiving your RMSPS Pension), then you will be sent a P60 after the end of each tax year. This will contain some of your personal information (e.g. name, address, NI.NO, pension).

The provision of Current Value Statements or P60s (as applicable) does not prevent you from requesting access to specific items or all of your personal information that the RMSPS hold.

A request for your information will be free of charge, with the exception that a reasonable fee can be charged when a request is manifestly unfounded or excessive, particularly if it is repetitive. Any fees charged will be based on the administrative cost of providing the information. Where we have identified that a charge is applicable, we will notify you in advance so that you can decide whether to continue or not.

Information will be provided within one month of receipt, however we are able to extend this by a further two months where requests are complex or numerous. If this is the case, we will inform you within one month of the receipt of the request and explain why the extension is necessary.

Where requests are manifestly unfounded or excessive, in particular because they are repetitive, we can either charge a reasonable fee or refuse to respond. Where we refuse to respond to a request, we will explain the reason why and inform you of your right to complain to the supervisory authority and to a judicial remedy within one month.

Please contact us by emailing the helpline at if you would like access to your personal information. Please be as specific as you can in relation to the personal information you would like to have access to.

c. The right to rectification (correction of data)

You have a right to have personal information rectified (corrected) if it is inaccurate or incomplete.

The common changes of personal details (e.g. name, address, bank details (pensioners only)) can be done by contacting Capita Employee Solutions either by phone or email.

Where we have shared your information with others and it is subsequently rectified, we will share the corrected information with those parties.

d. The right to erasure

The right to erasure is also known as ‘the right to be forgotten’. The broad principle underpinning this right is to enable you to request the deletion or removal of personal information where there is no compelling reason for its continued processing.

In the case of pension information, there are very few circumstances where the right to erasure can be invoked as the maintenance of your pension information is required in order to pay your benefits either now or in the future.

If you consider that there is no compelling reason for the scheme to continue to hold your personal information then please contact us. Please note that, if you have benefits in the scheme either in payment or deferred, we may refuse your request if complying with it would prevent us from fulfilling our function of administering your pension, including paying the benefits that you are entitled to.

e. The right to restrict processing

You have the right to request that we restrict our processing of your personal information in the following circumstances:

  • You contest the accuracy of the personal information we hold;
  • The personal information has been unlawfully processed and you oppose erasure and request restriction instead;
  • We no longer need the personal information but you require us to keep it in order to establish, exercise or defend a legal claim; or
  • You object to our processing your personal data under Article 21(1) of the GDPR, and we are considering whether our legitimate grounds or yours should take priority override those of the individual.

Please note that, where you have requested the restriction of the processing of your personal information, we may be unable to carry out our function of administering your pension, including paying the benefits that you are entitled to.

Where we need to process the personal data for the establishment, exercise or defence of legal claims, we will continue to process your personal information notwithstanding your request.

f. The right to data portability

Where you have provided your personal information to us in a widely used digital format, you have the right to receive such personal information and to pass it on to another data controller without hindrance from us or to request that we transmit it to another data controller directly.

This right does not apply where the processing is based on a legal obligation or in order to enable us to carry out a task in the public interest, or where the processing is not carried out by automated means.

g. The right to object

Where we process your information solely on the basis that doing so is necessary for the performance of a task in the public interest, you have a right to object to the processing. We will then cease processing unless the processing is necessary for the establishment, exercise or defence of legal claims or there are otherwise compelling legitimate grounds for doing so.

This right does not apply where your information is being processed to comply with our legal obligation to administer your pension or, in the case of your health details, where your explicit consent has been obtained.

Please note that the RMSPS do not perform any direct marketing activities and we do not sell or otherwise provide your personal information to any third parties for the purposes of marketing. Your personal information is used solely for the purposes of administrating your benefits under the RMSPS.

h. Rights in relation to automated decision making and profiling

This right prevents decisions being taken based solely on automated processing, including profiling. The RMSPS do not perform solely automated decision making.

10. Personal Data Breaches

A personal data breach is defined as a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal information transmitted, stored or otherwise processed.

All organisations have a duty to report certain types of personal data breach to the relevant supervisory authority (the ICO) within 72 hours of becoming aware of the breach, where feasible.

If the breach is likely to result in a high risk of adversely affecting your individual rights and freedoms, we must also inform you without undue delay.

We operate robust breach detection, investigation and internal reporting procedures to facilitate decision-making about whether or not we need to notify the relevant supervisory authority and you.

We maintain a record of any personal data breaches, regardless of whether they were notified to the ICO or to you.

If you believe your Personal Data has been compromised, then please contact us using the contact details provided below.

11. Further information, Contact Details and Concerns

a. Further information

The information provided in this Privacy Policy is in addition to any other privacy information we may give you on this website or via other means as outlined throughout this policy.

You may also wish to view your previous employer’s Privacy Policy that will explain how they collected and provided your personal information to the scheme.

If you are a member who has benefits in both the RMSPS and the Royal Mail Pension Plan (RMPP) you may also wish to view the RMPP privacy notice which explains how they collect and use your personal data.

b. Contact us

If you wish, you can contact the scheme administrator, Capita Employee Solutions at:

Telephone: 0333 222 0078
Address: Royal Mail Statutory Pension Scheme
11b Lingfield Point
United Kingdom

You may also contact either the scheme manager’s or scheme administrator’s Data Protection Officer (DPO) using the following details: 

Scheme Manager (Cabinet Office) DPO

Scheme Administrator DPO

Steve Jones
Cabinet Office
70 Whitehall


Jenny Coombs
Data Protection Officer
65 Gresham Street

c. Complaints

If you have concerns about the way we handle your personal information, we would like you to raise it with us so that we have the opportunity to put it right.

If you think that we haven’t dealt with your concerns fully and appropriately, you can contact the ICO to report your concerns. We will work cooperatively with the ICO in order to resolve your concerns. They can be contacted by:

  • Phone on +44 303 123 1113;
  • Post to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF;
  • Their website at

Any complaint to the Information Commissioner is without prejudice to your right to seek an effective judicial remedy against a legally binding decision of the Supervisory Authority. You have the right to appoint a representative to act upon your behalf.