Client feedback


When requesting information by email, I have noticed that there is 'out of hours activity' to answer me. I regard this as a stand out 'above and beyond' - impressed.
​We are extremely pleased with the appointment we made. The way Ian reacts to us and works with us is brilliant. We are very happy.
Katherine Cross,
Tyser
The work that has been done has been delivered beyond expectations.
Head of Trustee Services
It’s a pleasure working with key members of the PSGS team: their experience and leadership means that they know how to get the job done, working in partnership with fellow trustees, employers and advisers to achieve the best result for members.
Mark Smith,
Partner at Taylor Wessing
In any major corporate transaction, time is of the essence. PSGS's pragmatic commercial approach helped us manage the pensions aspects of our group re-structure to ensure a positive outcome for all parties.
David Wilman,
CFO at Survitec Group
I learnt more than I expected to at the trustee training course. A good introduction to the trustee role.
Rob Hartley,
RSPCA

GDPR: the nightmare revisited!

I’m sorry to bring back the agonies of this time last year, but as pension trustee secretary I’ve started the first review of my clients’ GDPR policies. These are due to be completed within the next few weeks and, so far, I’ve found a couple of changes that I have recommended to my clients.

Over the top actions aren’t needed

The first change is to tweak the wording around breaches so we could avoid a full-blown crisis meeting when in fact the breach was very minor and it was a no-brainer that no report to the Information Commissioner’s Office (ICO) was needed.

Fortunately, I haven’t experienced any major breaches during the year (touch wood that continues) but I have found administrators are rightly reporting every minor breach. When a breach is obviously minor and only involves one or two individuals, it is clearly disproportionate to lodge a report or indeed to involve the full pension trustee board in reaching this decision. One of my clients agreed to amend their policy so, in such cases:

  • only the Trustee Chair and a member nominated trustee (MNT) needs be notified to reach a decision
  • the breach is also reported to the governance committee and recorded on the data breach log

Talking of no-brainers…

The second change relates to the ICO’s recommendation for data controllers to complete a three part test when they rely on legitimate interests as their grounds for data processing (see: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/legitimate-interests/). This isn’t a GDPR requirement and so isn’t essential, but it is seen as best practice. Frankly, when dealing with pension schemes, the responses to the ICO’s list of questions show it is a no-brainer that processing data is in the members’ best interests.

I drew up a note to record the trustee’s responses to the test and its conclusion. A simple way to deal with something you could find pension administrators or lawyers over-complicate.

Although GDPR may still feel like a fresh wound, this is a good time to check everything remains fit for purpose.

 

 

Back to opinions

 

Hot Topic
Pension superfund consolidators get the green light

12 Aug 2020

I last wrote about pension superfunds two years ago . Amid the heightened sponsor risks associated with defined benefit (DB) pension schemes, on...

Trusteeship is all about relationships

2 Jul 2020

Making relationships work well should be considered an art form . From experience, it’s one I know a professional trustee needs to be a master...

Investment with the benefit of hindsight

11 Jun 2020

With all the turmoil we’ve seen in investment markets recently, I thought it would be interesting to look at what pension schemes should have...

More opinions »

Call: 0845 313 0024

online enquiry