Invesco respects your right to privacy. We will not collect any information about you when you visit this website unless you elect to provide it to us.
Personal Data – what is it?
Personal data means data which relates to a living person who may be identified directly or indirectly from that data. The processing of Personal data is governed by the General Data Protection Regulation 2016/679 (“GDPR”). Invesco is a data processor when acting as a Registered Administrator of an occupational pension scheme and when acting as a Broker for its Group Insured business. Invesco is a data controller when acting as an Intermediary within its Personal Financial Services business.
What categories of Personal Data are processed?
- Peronal data received from you from time to time as a personal client of Invesco or as a member of an occupational pension scheme. This personal data includes but is not limited to:
o name, date of birth, gender, nationality, address, contact details, telephone number, email address, employer name, employee number, date of joining service, dates of absence, employment category, job title, employee benefit details, underwriting status, date of leaving service, PPSN, salary and remuneration, details of current and historic pension arrangements, pension contributions, insurance cover/underwriting details, health information, marital status, beneficiary details, bank details, passport number, driving licence, utility bills, details of power of attorney.
- Information you provide us by filling in forms on our website. The personal data disclosed to us by Insurance Companies or your Employer or other relevant parties as part of the provision of certain services to you
- From time to time sensitive or “special categories” of personal data may be processed, for example, data relating to your physical or mental health e.g. in circumstances where you retire early on grounds ill health or for the purpose of obtaining insurance cover or processing a disability claim. Special categories of Personal Data include information revealing a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation
We may process your data for the following purposes:
- to provide Registered Administration services in relation to your membership of the pension scheme to provide personal financial services to you including but not limited to assessing your financial needs and providing you with professional financial advice and recommendations
- to provide administration services when joining a Group PRSA Scheme
- to communicate with a product provider such as an Insurance Company;
- to communicate with you by post, telephone, email or SMS, for the above purposes, (unless you instruct us not to do so
- in writing);
- to initiate a product application if requested by you.
Legal basis for processing Personal Data (acting as a data processor)
The purposes as stated, are necessary for the trustees of a pension scheme to comply with their obligations as Trustee under the Pensions Act 1990 (as amended) which requires trustees to appoint a registered administrator and to maintain records and to comply with other legal obligations such as reporting to and liaising with the Revenue Commissioners for tax purposes or in response to a request or when dealing with the Pensions Authority or the Financial Services and Pensions Ombudsman in the event of an enquiry or complaint. The above purposes are also necessary and lawful for the performance of Employers’ contractual obligations (as Data Controllers) with regard to their employees.
Legal basis for processing your Personal Data (acting as a data controller)
The above purposes are necessary and lawful for the performance of Invesco’s contract with you for the provision of its services and also for Invesco to comply with the requirements of the Central Bank of Ireland Code(s) of Conduct which include the Consumer Protection Code, the Fitness and Probity Standards and Minimum Competency Code and to comply with legal obligations such as reporting to and liaising with the Revenue Commissioners for tax purposes or when dealing with the Pensions Authority or the Financial Services and Pensions Ombudsman in the event of an enquiry or complaint.
We may also process your personal data for the purpose of our legitimate interests such as:
- keeping you up to date with information about other products and services we offer, except where your consent is required by law in order to communicate with you;
- any analytics or data sharing with other service providers which are not for the purpose of managing the pension scheme of which you may be a member or performing the service, for example, EuroStat returns must be made to the Pensions Authority on an annual basis and member statistics are used for this purpose. The output of such analytics will not identify particular clients or individuals;
- Sensitive or “special categories” of personal data when you retire early on grounds of ill health or for the purpose of obtaining insurance cover or processing a disability claim shall be processed on one or more of the following grounds:
- With your explicit consent;
- Where necessary to protect your vital interests where you are physically or legally incapable of giving consent;
- where necessary for the establishment, exercise or defense of a legal claim by us;
- where necessary for the purpose of carrying out our obligations and exercising our rights in the field of employment and social security and social protection law.
Your personal data shall be processed and retained for the duration of your membership of the pension scheme for such time as the pension scheme is administered by Invesco plus an additional 7 years or a date agreed with the trustees and/or the principal employer of the pension scheme.
As a Wealth Management personal client, your data will be processed for seven years after the date you leave Invesco’s agency.
The data is retained in accordance with Invesco’s destruction and data protection policy.
Sharing of your Personal Data
Your personal data will be treated as strictly confidential but may be disclosed to the Pensions Authority, Revenue Commissioners, the Financial Services & Pensions Ombudsman, auditors, professional advisors, insurance companies and other service providers in connection with the administration of the pension scheme of which you are a member.
Your PPS number is your Personal Public Service Number. It is a unique identifier for use in transactions with public bodies such as the Revenue Commissioners and the Pensions Authority and is used by Invesco for this purpose.
The vast majority of your personal data is stored securely and backed up within the EEA, however in some instances your data may be transferred to, processed and stored at, a destination outside the European Economic Area (“EEA”) subject to the provisions of GDPR being complied with by that processor. Details of the provisions applicable to such processors are available from the Head of Risk and Compliance.
Invesco has appointed the following sub-processors:
|Name of sub-processor||Country location and full address of sub-processor||Services/processing provided by the sub processor|
|Canada Life Group Services||Irish Life Centre, Abbey Street Lower, Dublin 1||IT Services|
|Kefron Limited||53 Park West Road, Dublin 12||Document and information management and storage|
|Shred-it Ireland||6A, Westgate Business Park, Ballymount Road Upper, Ballymount, Dublin 24||Secure paper shredding and destruction services|
|Snap Sandyford||Burtonhall Road Sandyford Dublin 18||Printing and graphic design services|
You have the right to raise objections in relation to the processing of your personal data, which may include a right to restrict such processing in certain instances. You also have a right to request a copy of your personal data and, in limited circumstances, to request its rectification or erasure. Any such queries, objections or requests should be directed to the Head of Risk and Compliance and will be processed in accordance with applicable data protection legislation. If you are not satisfied with how your query or complaint has been resolved, you have the right to raise the matter with the Office of the Data Protection Commissioner.