The Pensions Regulator is a data controller under the Data Protection Act 1998 (DPA). We will hold and process your personal information and any personal information of third parties supplied in accordance with this Act.
We may use your personal information and any personal information of third parties supplied in connection with any of our statutory functions, including but not limited to, the purpose of internal record keeping, to provide any of our services for which you have registered and to contact you.
We will also pass your personal information to an independent research agency who may ask you to take part in a survey to help us develop our customer service.
Where personal data of third parties is provided by you, we assume that you have obtained the required authority to supply this information to us unless you tell us otherwise.
We will not transfer or otherwise disclose to third parties your personal data or personal data of others you have provided to us except where permitted to do so for the purpose of excercising our regulatory functions or where permitted or required by law to assist other bodies to excercise their statutory functions, or where you have agreed to the disclosure.
Further information on how your information is used, kept secure and your access rights please see our privacy notice.