Privacy Notice DC Pension Scheme Information Sessions

Church of Scotland Office of the Assembly Trustees is providing you with this information to comply with data protection law and to ensure that you are fully informed and we are transparent in how we collect and use your personal data.

Who is collecting the information?

Church of Scotland Office of the Assembly Trustees is the Data Controller. We have an appointed Data Protection Officer (DPO), Alice O'Sullivan who can be contacted by emailing: Privacy@churchofscotland.org.uk

Why are we collecting it and what are we doing with it (Purpose)? 

We are holding Pension Scheme information sessions and require personal data to enable us to register attendance. The Question & Answer (Q&A) function will be enabled during the information session. Q&A entries and attendance is recorded via Microsoft Teams.

What personal data do we collect?

First name, surname and email address.

How are we collecting this information? What is the source?

An email has been issued to all staff, including CSC staff, Presbytery staff, Ministers and MDS which includes Mission Partners and the International Presbytery. This email will provide a link for people to register to join. Following on from that MS Teams then auto-generates emails to issue the meeting link to join along with a reminder message shortly before the event.

The lawful basis for the processing

The lawful basis for processing for this purpose is UK GDPR Article 6(1)(a) "the data subject has given consent to the processing of his or her personal data for one or more specific purposes"

Who we share the information with:

The event organisers will have access to details for those who register to attend, those who attend and any Q&A entries during the information session. This will involve staff in the Office of the Assembly Trustees who set up the session on Microsoft Teams.

Legal and General, the pension providers, will attend as a presenter so will be able to view the attendance list and the questions posted during the information session. They will receive an anonymised Q&A list following the information session.

As we are using Microsoft Teams to host this event, Microsoft are therefore our processors. There is an appropriate contract in place with Microsoft and they will only process personal data on the Church's instructions

Details of data transfers to any third countries or international organisations

All CSC staff, Presbytery staff, Ministers and MDS, which includes Mission Partners and International Presbytery, are invited to this information session. For those who are based outside the UK this will mean there is a data transfers between that country and the UK. There are appropriate safeguards in place to ensure data is protected accordingly.

How long do we hold the personal data?

Q&A entries will be downloaded and anonymised for the purpose of creating a Frequently Asked Questions (FAQ) document. Attendee data will be deleted 4 weeks after the event. This will be done securely following Church procedures.

Do we use automated decision making processes, including profiling? 

The Church does not process data in this way

Individuals' rights in relation to this processing

Individuals have a number of rights in data protection laws. This is detailed here on our website. Not all rights are absolute and some only apply in relation to the lawful basis for processing. For this purpose, all rights apply except for the right to object. If you wish to exercise any of your rights please contact the DPO at Privacy@churchofscotland.org.uk

As the lawful basis is consent, it's important to note that you can withdraw your consent at any time. To do this please contact oatadmin@churchofscotland.org.uk who will process your request accordingly