PRT privacy notice

Last updated: May 2025                                           

Website: legalandgeneral.com/prt

 

This is Legal & General’s (L&G, we, our, us) privacy notice for our Pension Risk Transfer (PRT) services, which tells you how we collect, use, store and share your personal information. It also provides details on the rights available to you in relation to our use of your information.

You are receiving this privacy notice because you are a member of a pension scheme (scheme) and the trustee (or trustees) of the scheme (trustee) has shared your personal information with us for the purposes of managing and insuring its risk and retirement payment liabilities related to the scheme, or because we are acting as a reinsurance company for another insurance provider through a reinsurance contract.

We process your personal information to provide the following PRT services to the trustee:

  • Pension scheme buy-in agreement (buy-in) – The trustee has bought an insurance policy from us to help cover some or all of the scheme’s liabilities. The policy ensures there are enough funds to pay future pension benefits to scheme members, and is held as an asset of the scheme alongside other investments. The trustee has paid a fixed amount up front to us and we are responsible for paying a monthly amount to the trustee who in turn will pay your pension benefits to you. We sometimes provide pension administration and payroll services but the trustee is always legally responsible for paying your monthly pension benefits. Most schemes will first move to buy-in and we have no direct relationship with you at this stage.
  • Pension scheme buyout agreement (buyout) – A financial arrangement between us and the trustee to fully secure all of the scheme’s liabilities. At a later date, the buy-in policy is normally converted to individual annuity policies between us and all individual scheme members. You will become an L&G policyholder and stop being a member of the scheme. We are then legally responsible for paying your monthly pension benefits directly to you, and we will write to you at this stage to provide information about the new contractual
    relationship we have with you. This allows the trustee to discharge their liabilities and wind-up the scheme. The buyout will ensure that your pension benefits are secured and paid as promised, with no change to the benefits that you are legally entitled to.

Protecting your personal information is extremely important to us. The way we collect, use, store and share your information is equally important. Our customers expect us to manage their information privately and securely. If we fail to do this, they will lose their trust in us.

For the purposes of the UK General Data Protection Regulation (GDPR), we are the controller of the personal information that the trustee or insurance provider has given us. This means we determine the purposes and means of processing your personal information, and we are responsible for managing your information in line with the requirements of the GDPR.

Please take a few minutes to read this document and show it to anyone else connected to your scheme benefits or whose personal information has been, or will be, shared with us, including but not limited to beneficiaries who will receive benefits from your pension when you die (e.g. spouse, civil partner, children or other financial dependants).

This privacy notice may be subject to future change and the latest version will always be available on our website here: legalandgeneral.com/institutional/pension-risk-transfer/privacy-policy.

Your personal information will be administered separately when we pay your pension benefits directly to you under buyout. Please refer to our separate Consumer Privacy Notice which explains how we process your information when we pay your benefits to you under your individual annuity policy: legalandgeneral.com/privacy-notice.

What is personal information?

When we talk about personal information, we mean information about an individual that can identify them, like their name, address, e-mail address, phone number and financial details. It can relate to customers (including prospective customers), their appointed representatives (e.g. individuals with powers of attorney), employees, shareholders, business contacts and suppliers. Any reference to “information” or “data” in this privacy notice is a reference to personal information about a living individual.

What information do we hold about you?

We may collect and process the following personal information about you:

Type of data

Description

Examples of how we use it

Contact

• Who you are (e.g. full name and title)
• Where you live (including previous addresses)
• How to contact you (e.g. phone numbers and email addresses)
• Third party contacts (e.g. family members, friends and beneficiaries)

• Servicing your products
• Marketing
• Analysis and profiling
• Enhancing our products and service offering
• Product underwriting, pricing and reinsurance
• Maintaining accuracy and consistency of your information for all your products across the L&G Group
• Existence checks to know if scheme members are still living as stated, have relocated, or are deceased
• Tracing of inactive and lost scheme members, including next of kin

Personal details

• Date of birth
• Sex and/or gender
• Family circumstances (e.g. details about your current marriage or partnerships, marital history, family and dependants)
• Visual images and personal appearance
• Financial details (e.g. income and salary)
• Health details
• Employment details (e.g. job title, pensionable pay, length of service, employment and career history)

• Marketing
• Analysis and profiling
• Product underwriting, pricing and reinsurance
• Preventing and investigating misrepresentation and potential fraud
• Existence checks to know if scheme members are still living as stated, have relocated, or are deceased
• Tracing of inactive and lost scheme members, including next of kin

Vulnerability details

• Capability and capacity
• Financial circumstances
• Life events
• Health details

• Ensuring accessibility
• Servicing your products
• Making sure our products and services meet our customers’ needs

Transactional

• Bank account details
• How you use your products
• Changes you make to your products or account

• Processing and payment of pension benefits
• Ensuring accessibility
• Servicing your products
• Making sure our products and services are fit for purpose

Technical

• Details on the devices and technology you use

• Making sure our products and services are fit for purpose

Open data and public records

• Electoral register
• Other information about you that is openly available on the internet (including social media platforms)

• Product and service administration including processing claims
• Identification and verification
• Prevention of financial crime

Documentary data and other identifiers

• Details about you that are stored in identity documents (e.g. passport, driving licence and birth certificate)
• National Insurance number

• Identification and verification
• Prevention of financial crime

Where do we get your information from?

We obtain your personal information from the following sources:

  • The scheme, trustee, or other third party acting on behalf of the scheme or trustee (e.g. pension administrator, benefit consultant or professional adviser).
  • Insurance providers who use L&G to reinsure their own PRT services.
  • Directly from you – information you provide when you fill in forms or contact us by phone, email, etc: This could include information you provide to us electronically (through our website or an online portal, for example). We may record phone calls for our mutual protection and to improve our customer service standards.
  • Information we collect about you or receive from other sources:
  • Information from a third party (e.g. data verification and tracing agencies and fraud prevention agencies).
  • Information from publicly available sources such as social media platforms or the electoral register.
  • Information we get from your online browsing activity: We use cookies and similar technologies to support the functioning of our websites and applications. This includes allowing you to browse between pages effectively, recording and storing your preferences and generally improving your online experience. They can also help to ensure that adverts you see online are more relevant to you. You can find more information about setting your cookie preferences by using the “Cookie Policy” link at the bottom of our websites e.g. legalandgeneral.com.

How do we use your information?

When we receive your personal information, we will use, analyse, store and keep it for a number of purposes, including the following:

  • To provide quotes for either removing risk from the scheme under buy-in and buyout agreements or providing reinsurance for another insurance provider.
  • To administer and support buy-in and buyout insurance contracts that the trustee may buy or has bought from us to protect scheme member benefits or provide reinsurance benefits (including resolving and responding to complaints and checking for false or inaccurate information).
  • To make sure that we accurately pay the correct benefits and claims to the appropriate scheme members in connection with buy-in and buyout insurance contracts or reinsurance benefits.
  • To carry out the obligations we have under our contract with you, or the trustee, to provide you with the options available to you.
  • To provide you with the information, products and services that you have asked from us, and to tell you about changes to our products and services.
  • To provide you with a level of care that meets any different or additional needs you have, or may have, because of characteristics relating to your health, resilience, capability, or other life events.
  • To provide you with marketing information about services and products we offer across the L&G Group which may be of interest to you. Please refer to “Legitimate interests” below for further information.
  • To comply with any applicable legal or regulatory requirements (including “know your customer” checks, or to comply with any applicable regulatory and financial reporting or disclosure requirements).
  • To carry out market research, statistical analysis and customer profiling to help us develop and improve our processes, products and services, and generate new business opportunities (e.g. to understand digital behaviours, identify financial attitudes and develop more engaging communications). These activities are also used to define our actuarial, pricing and underwriting risk strategies, which can include creating a database of the social and economic characteristics of scheme members.
  • To maintain the accuracy and consistency of your information for all your products across the L&G Group.
  • To run our business in an efficient and proper way. This includes testing our systems, managing our financial position, business capability, planning, communications, corporate governance, quality assurance and audit.

In some cases, we may use computer software or systems to make automated decisions (including profiling) based on the personal information we hold or collect from others. These may include:

  • The prevention and detection of fraud and financial crime: To perform transaction monitoring, identity verification, and money laundering and sanctions checks to identify if any person is involved in financing crime or terrorism, and to identify politically exposed persons (PEPs) who present a higher risk for potential involvement in bribery and corruption because of their position. We are required by law to perform these activities which may be achieved using solely automated means to make decisions about you or any individual related to your pension benefits. We may use these activities to decline insuring your pension, or to stop providing existing services to you or the beneficiaries of your pension benefits.
  • Production of new buy-in and buyout quotes and management of scheme risks: We will automatically process your information along with information about the other members of the scheme to help us analyse and predict certain aspects concerning the health of scheme members. We use these activities to price the cost of insuring some or all of the scheme liabilities that are paid by the trustee, and to help us manage the ongoing scheme risks or reinsurance contract. For example, to set mortality assumptions (rates of death) for specific schemes, and to report on longevity risks (risks relating to how much longer people live) and related demographic risks (risks relating to the social and economic characteristics of a population, such as age, gender, postcode, income level, marital status, occupation and so on). These automated activities rely on human oversight to interpret the results for commercial and strategic decision making. There are no wholly automated decisions which directly impact you or your pension benefits.
  • Artificial Intelligence: We use artificial intelligence (AI) to summarise long, technical or complex documents to improve administration activities across our business areas (e.g. to help produce new buy-in and buyout quotes or assist our customer service teams). This may include using your personal information to help train the AI but this will not result in any wholly automated decisions being applied against you. The AI output is verified for truthfulness and only used to support human actions which do not directly impact you or your pension benefits.
  • Servicing activities such as (i) personalising the content and design of communications and online services (e.g. My Account) and (ii) determining when to provide tailored communications about your L&G products (e.g. as a result of changes in your personal circumstances or lifestyle) and the appropriate channels to use. These may be achieved using profiling in order to predict certain characteristics about you (e.g. your economic situation, interests, personal preferences or transactional behaviour). The activities will not have a detrimental effect on you.

Using your information in accordance with data protection laws

Data protection laws require us to meet certain conditions before we are allowed to use your personal information in the way we describe in this privacy notice. We take these responsibilities extremely seriously. To use your personal information, we will rely on the following conditions depending on the activities we are carrying out:

  • Providing services needed to honour our contracts with you: We will process your personal information to carry out our responsibilities resulting from any agreements you have entered into with us and to provide you with the information, products and services you have asked for from us, which may include online services. This condition is used to administer and support your L&G policy as part of a buyout agreement, where we have taken over responsibility for your pension benefits from the trustee.
  • Complying with applicable laws: We may process your personal information to comply with any legal obligations that apply to us.
  • Consent: Where you have consented, we will contact third parties to obtain or share information on your behalf. We may also provide you with the opportunity to consent to certain optional processes, such as responding to surveys or participating in focus groups.
  • Legitimate interests: To use your personal information for any other purpose described in this privacy notice, we will rely on a condition known as "legitimate interests". This means it must be in our legitimate interests to process your personal information as it gives us the information we need to allow us to deal with the risks we face and to provide our services to you or the trustee more effectively. To use legitimate interests, we must carry out an assessment of our interests in using your personal information against the interests you have as a citizen and the rights you have under data protection laws. The outcome of this assessment will determine whether we can rely on legitimate interests in order to process your personal information. We will always act reasonably and give full and proper consideration to your interests in carrying out this assessment. We may use this condition to:
  • Administer and support the insurance of your pension benefits as part of a buy-in agreement, where the trustee is still responsible for your pension benefits.
  • Carry out market research and product development, which can include creating customer demographics and/or profiling.
  • Develop and test the effectiveness of marketing activities.
  • Develop, test and manage our brands, products and services.
  • On occasion, send a card or small gift to our customers in recognition of their particular circumstances.
  • Analyse and manage how our customers use products and services from us and our business partners, including through customer surveys.
  • Share your personal information with the scheme and/or trustee after the scheme has move to buyout so they can meet their legal and regulatory responsibilities.
  • Send you marketing information by post to provide you with information about products and services that may interest you. We will only send you marketing information if you have become an L&G policyholder as part of a buyout agreement. We will not send you marketing information if your pension benefits are insured under a buy-in agreement. Your information will never be given to a third party for the purposes of them sending you marketing information.

If you have become an L&G policyholder as part of a buyout agreement, you can opt out of receiving marketing information by phoning our Defined Benefits Retirements Team on 03450 778 778 or email them at dbretirements@landg.com.

  • Special category data: We may process health and sexual orientation information that you, the scheme or trustees have provided. We will only process data that is needed for specific purposes, such as insuring your
    pension benefits and to provide you with a level of care that meets your needs.
  • Health information: This relates to the “ill health early retirement” indicator which reveals that a scheme member has retired early due to  illness but does not contain any information about the physical or mental health conditions of the member. This information is provided to us by the scheme or trustee and we use it to price the cost of insuring new schemes. We will only process information about your physical or mental health conditions if you need to apply for early retirement on grounds of ill health and you provide this information to us when making a claim, or to provide you with a level of care that meets any different or additional needs you have (e.g. physical disability, hearing or visual impairment, etc).
  • Sexual orientation: We do not process any information which directly identifies your sexual orientation but the sex or gender of you and your spouse or civil partner may indirectly reveal your sexual orientation.This information does not influence our processing activities and is not used to make a decision about, or take measures against, you or your spouse or civil partner.

The conditions we use to process special category data will be either vital interests, substantial public interest in accordance with applicable law, or by obtaining your explicit consent. We may also use the archiving, research and statistics condition to process this type of data for research and statistical analysis.

  • Criminal offence data: Where necessary to meet our legal obligations, we may process this type of information for the prevention and detection of fraud and financial crime as detailed in this privacy notice.

Please be aware that the personal information provided to us, and which we collect about you, is required for us to be able to provide our PRT services and without it we may not be able to do so.

How long do we keep your information for?

We keep your personal information in line with our internal retention policies. We decide on the length of time the information is kept for based on the minimum retention periods required by law or regulation. We will only keep your personal information after this period if there is a legitimate and provable business reason to do so.

For business that is not taken up by the trustee, we will normally delete or anonymise (so that it can no longer be identified as being about you) all personal information provided for the purpose of providing a quote no later than eighteen months after the date on which we are told that the quote was not taken up or acted on by the trustee.

For business that is taken up by the trustee, we may keep your personal information indefinitely using the legitimate interests condition to help us deal with any enquires we receive in the future from you or your financial adviser, your family or beneficiaries, or our regulators.

For certain research and statistical activities, we may also keep limited personal information about you indefinitely, including health information, to define our actuarial, underwriting and pricing risk strategies only. We will not use this information to make a decision about, or take measures against, you.

Occasionally, it may be impossible to delete data, due to technical limitations. In these cases, we will take steps to put the data beyond use. This means that your data will not be accessed or shared and your rights and freedoms will not be affected.

Who do we share your personal information with?

We will only disclose your information to:

  • Other companies within the L&G Group, third-party suppliers, contractors and service providers for the purposes listed under “How do we use your information” above.
  • The scheme and trustee to manage and insure pension scheme risks and retirement payment liabilities.
  • Reinsurers that we use to insure some of the risks relating to the scheme. Reinsurers provide insurance for insurance companies and you can find a list of our reinsurers, and links to their privacy notices, on our website here: legalandgeneral.com/privacy-policy/consent-controllers. Reinsurers may also share your personal information with retrocessionaires who provide reinsurance for reinsurers, as detailed in their privacy notices.
  • Data verification and tracing agencies, to make sure we hold your most up-to-date address before we post anything to you. We additionally use these agencies to check that scheme members are still alive, and to trace inactive and lost members including next of kin who may be entitled to receive death benefits from the scheme. We may also share scheme member information with these agencies to perform screening and data checks for identity verification, money laundering and sanctions checks, and to identify politically exposed persons (PEPs).
  • Our regulators, government agencies (e.g. HMRC), law enforcement agencies, fraud prevention agencies, as well as our professional advisers etc.
  • Third parties instructed by the scheme or trustee, such as external auditors.
  • Selected third parties, so that they can contact you with details of the services that they provide, where you have consented to the disclosure of your personal data for these purposes (e.g. to benefit from the help of a charity or specialist support services).


Additionally, we may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
  • If you have been dealing with a financial adviser, with your permission we will provide information about your products and, where appropriate, other information about your dealings with us, to enable the adviser to give you informed advice.
  • In order to enforce or apply the terms of any contract with you.
  • To protect you and us from financial crime, we may be required to verify the identity of new and sometimes existing customers. This may be achieved by using credit reference agencies to search sources of information relating to you (an identity search). If this fails, we may need to approach you to obtain documentary evidence of identity. The checks will not affect your credit rating but your credit record may show that a search has been made (sometimes referred to as a soft footprint).

Fraud prevention

The personal information we collect from you may be shared with fraud prevention agencies who will use it to prevent fraud and money laundering and to verify your identity.

If we identify that false or inaccurate information has been provided and fraud is identified, we will pass your personal information to fraud prevention agencies. Law enforcement agencies may access and use this information. We may also share information about you with other organisations and public bodies, including the police and we may check and/or file your details with fraud prevention agencies and databases.

If fraud is detected, you could be refused certain services, finance or employment. Further details of how your information will be used by us and these fraud prevention agencies can be found by accessing these links:

CIFAS - cifas.org.uk/fpn
National Hunter - nhunter.co.uk/privacypolicy

We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

  • Checking details on applications for credit and credit related or other facilities.
  • Managing credit and credit related accounts or facilities.
  • Recovering debt.
  • Checking details on proposals and claims for all types of insurance.
  • Checking sources of income and tax details.

We and other organisations may access and use the information recorded by fraud prevention agencies. Please contact our Group Financial Crime department if you wish to receive the relevant details of the fraud prevention agencies:

Email: financial.crime@landg.com

Address: Legal & General Group Financial Crime, Four Central Square, Cardiff CF10 1FS

We may also check the details of other parties related to your contract, including verification of identity. This includes beneficiaries, trustees, settlors, third party premium payers, executors or administrators of your estate, parties with power of attorney and any other beneficial owner.

Protecting your data outside the UK

The data that we collect from you may be transferred to, and stored at, a destination outside the UK to third-party suppliers, delegates or agents. We will take all reasonably necessary steps to make sure that your data is treated securely and in accordance with this privacy notice, to ensure your personal information is handled with the same protections that we apply ourselves.

We will only transfer your data to a recipient outside the UK where we are permitted to do so by law (for instance, (a) where the transfer is based on standard data protection clauses adopted or approved by the UK’s Information Commissioner’s Office, (b) where the transfer is to a territory that is deemed “adequate” by the UK, or (c) where the recipient is subject to an approved certification mechanism and the personal information is subject to appropriate safeguards, etc).

Your rights

You have rights under data protection laws that relate to the way we process your personal data. More information on these rights can be found on the Information Commissioner’s website. If you want to use any of these rights, please contact our Defined Benefits Retirements Team using the information in “Contacts and complaints” below.

1.

The right to be informed about how we process your personal information.
This right is met by the provision of this document.

2.

The right to access the personal data that we hold about you.
For health data that we have obtained from a health professional, we may need to seek their opinion before releasing the information to you. This is a legal requirement to ensure that the disclosure of the health data will not seriously harm you or anyone else.

3. 

The right to make us correct any inaccurate personal data we hold about you.

4.

The right to make us erase any personal data we hold about you.
This right will only apply if, for example:

  • We no longer need to use the personal data to achieve the purpose we collected it for
  • You withdraw your consent if we are using your personal data based on that consent
  • Where you object to the way we use your data, and there is no overriding legitimate interest

5.

The right to restrict our processing of the personal data we hold about you.
This right will only apply if, for example:

  • You dispute the accuracy of the personal data we hold
  • You would like your data erased, but we need to hold it in order to stop its processing
  • You have the right to require us to erase the personal data but you would prefer that our processing is restricted instead
  • Where we no longer need to use the personal data to achieve the purpose we collected it for, but you need the data for legal claims.

6.

The right to object to our processing of personal data we hold about you (including for the purposes of sending marketing materials to you or using your personal information for profiling purposes).

7.

The right to receive personal data, which you have provided to us, in a structured, commonly used and machine-readable format.
You also have the right to make us transfer this personal data to another organisation

8.

The right to withdraw your consent.
This only applies where we are relying on your consent in order to use your personal data.

9.

For automated decisions (including profiling), you have the right to:

  • Obtain an explanation of the decision and challenge it
  • Request for the decision to be reviewed by a person (not a computer)

Contacts and complaints

If you have any questions about this privacy notice or wish to exercise any of your rights, including opting out of receiving marketing information, please phone our Defined Benefits Retirements Team on 03450 778 778 or email them at dbretirements@landg.com. Or, you can also use the relevant Contact Us section of our website.

If you have any concerns about the way we process your personal information, or are not happy with the way we have handled a request in relation to your rights, you also have the right to make a complaint to the Information Commissioner’s Office:

Phone: 0303 123 1113

Website: ico.org.uk/for-the-public/i-m-worried-about-how-an-organisation-has-handled-my-information

Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Data Protection Officer

We have appointed a Data Protection Officer to provide independent expert advice and monitor compliance with data protection laws:

Name: Liz Bradley

Email: data.protection@landg.com

Address: Legal & General, 1 Coleman Street, London EC2R 5AA

 

Legal & General Assurance Society Limited. Registered in England and Wales No. 00166055. Registered office: One Coleman Street, London EC2R 5AA. We are authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.