Privacy Policy and Investment Statement

The Trustees of the Airbus UK Pension Scheme  is committed to protecting the rights of individuals in line with the General Data Protection Regulation (reference EU 2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data  (hereinafter referred to as : ‘GDPR’) as well as each applicable national Personal Data protection laws and regulations (collectively referred as “Data Protection Laws and Regulations”).

Airbus UK Pension Scheme Trustees Limited is the trustee (“the Trustee”) of the Airbus UK Pension Scheme (“the Scheme”). For legal purposes, the Trustee is known as the “data controller”, as we decide the purposes for and the means by which the personal data we hold is processed. The Scheme also works with joint data controllers which include Legal & General and Airbus.

The protection of your privacy and Personal Data is an important concern to which we pay special attention throughout our business processes. As the Trustee of the Scheme, we hold certain personal information (known as “personal data”) about scheme members and, where applicable, their dependants and beneficiaries. Most of the personal data held and processed by the Trustee in running the Scheme will be personal data.

Personal Data is information that can be used to identify a person either directly or indirectly (hereinafter referred to as ‘Personal Data’). A ‘personal identifier’ is a piece of information that can identify an individual. This definition covers a wide range of personal identifiers which constitutes Personal Data, including name, address, email address, identification number, location data or online identifier. 

Special category of Personal Data is any Personal Data which relates to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning health, sex life or sexual orientation and includes genetic data, and biometric data where processed to uniquely identify an individual (hereinafter referred as : ‘Special Category Personal Data’).

Depending on the circumstances and the stage of your membership, we may hold some or all of the following information about you:

• Identification data: name, first name, date of birth, contact details (job title and function, professional phone number, email, employer name), national insurance number, gender, details of your race/ethnicity, details of sexual orientation, details of religious/philosophical political beliefs, details of membership of trade union
• Economic and Financial data: details of your bank account (to pay benefits), details of your pay and any associated benefits, bonuses etc
• Health data: medical and other details about your health
• Dependants and Beneficiaries: details about your dependants and/or beneficiaries

We collect this Personal Data cumulatively:

• directly from you by completing a form, by entering contact details,  
• indirectly from your organisation you are working for.

The Trustee has a legitimate interest in holding and processing the above information about you as it is needed for us to properly administer the Scheme and to calculate and pay benefits. We also keep the above information in order to allow us to comply with our obligations towards members under the Scheme governing documents, as well as under relevant legislation. We will not collect any personal data from you that we do not need.

Personal data relating to the Scheme is held on paper and on computer systems. As the “data controller”, the Trustee must process this information fairly and lawfully.

As part of running the Scheme, we may also need to hold and process particularly sensitive information about you and/or your dependants and beneficiaries (known as “sensitive personal data”). Under the legislation, details relating to health, racial or ethnic origin, religious or other similar beliefs, sexual orientation and political affiliations are regarded as “sensitive personal data”. Except where the legislation allows it, this information cannot be processed or passed to a third party without your explicit consent.

Personal data may also be used for automated decision making. This may include:

• Eligibility for auto enrolment
• Eligibility for SMART (salary sacrifice)
• Default investment switching. This is based on a combination of factors such as age and target retirement date. This will be used to automatically switch your investments if you are in a lifestyle fun

The Trustee has a legitimate interest in holding and processing the above information about you as it is needed for us to properly administer the Scheme and to calculate and pay benefits.  We also keep the above information in order to allow us to comply with our obligations towards members under the Scheme governing documents, as well as under relevant legislation. We will not collect any personal data from you that we do not need.

Personal data relating to the Scheme is held on paper and on computer systems.  As the “data controller”, the Trustee must process this information fairly and lawfully.

As part of running the Scheme, we may also need to hold and process particularly sensitive information about you and/or your dependants and beneficiaries (known as “sensitive personal data”).  Under the legislation, details relating to health, racial or ethnic origin, religious or other similar beliefs, sexual orientation and political affiliations are regarded as “sensitive personal data”.  Except where the legislation allows it, this information cannot be processed or passed to a third party without your explicit consent.

Personal data may also be used for automated decision making. This may include:

• Eligibility for auto enrolment
• Eligibility for SMART (salary sacrifice)
• Default investment switching. This is based on a combination of factors such as age and target retirement date. This will be used to automatically switch your investments if you are in a lifestyle fund

We process your Personal Data in accordance with the provisions set out in the applicable Data Protection Laws and Regulations. The legal basis for processing your Personal Data are:

• This processing is necessary for the compliance with legal obligations to which the Company is subject.
• This processing is necessary to perform the contract between you and the Company.
• This processing is also necessary for the purpose of the legitimate interests pursued by the Company
         - The Trustees consider that it has a legitimate interest in ensuring that employees are properly enrolled into a pension scheme and that pension scheme is properly administered.

Some of your personal information will be shared with the pension administrator, tracing agents, governmental authorities (such as tax authorities), an Independent Financial Adviser, a new pension scheme (as appropriate), accountants and actuaries.We may disclose your Personal Data to the following recipient(s) on a strict need to know basis and for the Purposes as outlined in this Privacy Notice:

• Other authorised third parties in connection with a reorganisation, merger or sale of Airbus businesses, and/or assets;
• Law enforcement or any relevant authorities where necessary to comply with applicable law.

We process and store your Personal Data as long as it is required to meet our contractual and statutory obligations. The retention period  of your Personal Data is determined by applicable Laws and Regulations and/or by our procedures or processes adopted in accordance with applicable Laws and Regulations.

We use technical and organisational security measures in order to protect the Personal Data we have under our control against accidental or intentional manipulation, loss, destruction and against access by unauthorised persons.
Our security procedures are continually enhanced as new technology becomes available by relevant Airbus departments

Under some circumstances provided by law, you may at any time exercise your Personal Data protection rights as listed below by contacting us at the contact details mentioned in section “How to exercise your rights and/or contact Airbus in respect of your Personal Data?”:

• Right to access/obtain a report detailing the information held about you: You have the right to obtain confirmation as to whether or not your Personal Data is being processed by Airbus and if so, what specific Personal Data is being processed.
• Right to correct Personal Data: You have the right to change any inaccurate Personal Data concerning you.
• Right to be forgotten:  In some cases, for instance, when the Personal Data is no longer necessary in relation to the Purposes for which they were collected, you have the right for your Personal Data to be erased.
• Right to restrict the processing of your Personal Data: You have the right to restrict the processing of your Personal Data by Airbus, for instance when the processing is unlawful and you oppose the erasure of your Personal Data. In such cases, your Personal Data will only be processed with your consent or for the exercise or defense of legal claims.
• Right to data portability: Under some circumstances provided by law, you have the right to receive the Personal Data concerning you in a structured, commonly used and machine-readable format and/or transmit those Personal Data to another data controller.
• Right to object: In some cases defined in law, you may ask us to stop processing your Personal Data.
• Right to withdraw consent: Where your consent is required, you may at any time withdraw such consent.  However, please note that if you withdraw your consent, you may not be able to access and use certain information, features or services.

If you want to exercise your rights or if you are unhappy with the way in which your Personal Data has been processed or should you have questions regarding the processing of your Personal Data, You can email the Airbus Data Protection Officer,: dataprotection@airbus.com or you can write to the address below:

HO Group Schemes & Benefits UK, Gunnels Wood Road, Stevenage SG1 2AS 

We may ask you to validate your identity by enclosing a copy of any identity document.

If you remain unsatisfied, then you have the right to apply directly to the Information Commissioner's Office:   ICO: Supervisory Authority UK