The Taskforce on Social Factors (the “TSF”, “we” or “our”) is committed to ensuring the confidentiality and security of your personal information and acting in accordance with your rights under applicable data protection law, including the EU General Data Protection Regulation and the UK General Data Protection Regulation.
Information we collect
We may collect personal information from you which may include:
- name, organisation, job title, address (work or home), date of birth, gender, email address (work or personal);
- contact numbers (which may include your work number, work mobile number, or personal mobile number and home number); and
- other information in the event we have legal obligations to collect the same, for instance to comply with regulatory requirements.
We may obtain information about in the following ways:
- Information you give us directly: For example, we may obtain information about you when you provide inputs on the TSF guide for consultation with the UK pensions industry as available on this website;
We may also collect general information such as the pages you access, the date and time of your visit, your IP address, cookie identifiers, and the domain name and country from which you access this website.
How we use your information
We may use your information for the following purposes:
- providing you with the services or information you asked for;
- processing requests you have submitted;
- keeping a record of your relationship with us;
- conducting analysis and market research so we can understand how we can improve this website or materials published on the website;
- seeking your views or comments on the website or materials published on this website;
- notifying you of changes to this website or materials published on this website;
- sending you communications which you have requested and/or to inform you about products or services you may be interested in, to manage our relationship with you, and to provide you with thought leadership, economic updates and similar publications; and
- complying with applicable legal requirements under business, financial and employment legislation, e.g. (i) client or counterparty identification for the purposes of meeting anti-money laundering obligations, or (ii) authorised signatory verification to meet our obligations on preventing financial crime.
Grounds for processing
We consider that our use of your information as described above is permitted by applicable data protection law because it is:
- necessary for our or others’ legitimate interests in pursuing the purposes set out in (a) to (h) above, such interests in each case not being overridden by your privacy interests; or
- necessary to comply with a legal obligation to which we are subject.
Disclosure of your information
We may disclose personal information to the following third parties:
- Members of the TSF – we may share personal information in certain circumstances with members of the TSF so that the TSF can collaborate in collecting, reviewing and benefiting from any inputs provided;
- Our service providers – we may share personal information with our service providers who assist us in performing our functions and services. These service providers may include organisations that provide insurance and insurance broking, personnel, archival, mail and delivery, auditing, professional advisory (financial, legal, tax and management consulting), banking, security or technology services; and
- Other organisations - If we are required to by law, under any code of practice by which we are bound or where we are asked to do so by a public or regulatory authority or governmental entity or where we think this is necessary, for example to meet our legitimate interests in protecting our business, including from fraud and legal claims.
We also use ‘cookies’, which are small amounts of information stored on your computer’s hard drive that allow us to recognise your computer when you visit the site. Most browsers can be configured so as not to accept cookies, however in some cases this may affect the functionality of the website. We set out more information on cookies in the annex to this privacy notice.
International transfers of personal information
Where applicable your personal information may be transferred outside of the United Kingdom or European Economic Area to countries that the UK Secretary of State or the EU Commission has not declared to have an adequate level of data protection. We will not send your information to a party in another country, unless we have taken steps to ensure that the information will be protected to the standard required under the applicable privacy laws.
Retention of your information
We will keep your personal information for no longer than is necessary for the purposes for which we collected it and as required in order to meet our legal or regulatory responsibilities, including complying with any required retention periods and taking into account limitation periods relevant to legal action.
We use appropriate security procedures and technology to keep your information secure and protect it from accidental loss or unauthorised disclosure.
However, users should be aware that the transmission of information to or from the website may not be totally secure. We utilise the United States NIST Cybersecurity Framework to help frame our policy and to manage and assess our controls to prevent, detect and respond to security risks.
You may have a number of rights under EU and UK data protection legislation which, in certain circumstances, you may be able to exercise in relation to the personal information we process about you.
- the right to access a copy of the personal information we hold about you;
- the right to correction of inaccurate personal information we hold about you;
- the right to restrict our use of your personal information;
- the right to be forgotten;
- the right of data portability;
- the right to object to direct marketing; and
- the right to object to our use of your personal information.
These rights are not absolute. If we do not comply with your request, we will explain why.
Where we rely on consent as the legal basis on which we process your personal information, you may also withdraw that consent at any time.
If you have any questions or wish to exercise any of the above rights, you may send an email to email@example.com
You can also use this e-mail address if you wish to make a complaint about how we process your information. You can also lodge a complaint about our processing of your personal information with the relevant data protection authority in your country of residence.
Status of this privacy notice
This privacy notice was last updated on 17 October 2023.
It may be subject to amendments, without notice. However, any material changes or additions to the processing of your personal information as described above in this privacy notice will be notified through an appropriate method. You are also advised to review this privacy notice periodically for any changes.
Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by the web browser you are using and will remain valid until its set expiry date, unless deleted by you before the expiry date. A session cookie will expire at the end of your session, when the web browser is closed. Most browsers can be configured so as not to accept cookies, however in some cases this may affect the functionality of the website.
We use the following types of cookies:
- Strictly necessary cookies. These cookies are necessary for our website to function and cannot be switched off in our systems. They include, for example, a cookie that is set for security reasons or to remember your cookie consent preferences.
- Performance / Analytics cookies. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our website. They help us to know which pages are the most and least popular and see how visitors move around our website.
More detail on the types of cookies that we use is set out below.
- a) Google Analytics cookies
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. These are performance/ analytics cookies.
The cookie is used to identify and distinguish users to websites. The cookie can distinguish and remember individual users upon repeated visits to the website.
The cookie is used to limit amount of website visitor requests in order to maintain website performance.
The cookie is used to distinguish users and store information of how visitors use a website and helps in creating an analytics report of how the website is performing.
- b) Azure Web App & Optimizely DXP cookies
Azure Web Apps is a cloud computing-based platform for hosting websites, created and operated by Microsoft. Optimizely DXP is a managed services provider utilizing Azure Web App technology. These are strictly necessary cookies.
This cookie is set by websites run on the Windows Azure
cloud platform. It is used for load balancing to make sure the
visitor page requests are routed to the same server in any
· Duration: Session
Strictly necessary. Speeds up page loading times and overrides any security restrictions that may be applied to a browser based on the IP address from which it comes. Persistent (1 year from creation).
Used with Microsoft Application Insights for collecting statistical usage and telemetry information. Unique anonymous session identifier cookie.
Used with Microsoft Application Insights for collecting statistical usage and telemetry information. Unique user identifier cookie for counting the number of users accessing an application over time.
Used in Azure during deployments to pin a user session to a deployment slot.
Used in Azure during deployments to route to deployment slots.
- c) Optimizely CMS cookies
Optimizely CMS is a content management system (CMS) used to manage and maintain websites. These are strictly necessary cookies.
Used for telemetry data.
· Duration: Session
Strictly necessary. Used by the Optimizely security components. Protects the user against cross-site request forgery (CSRF).
· Duration: Session
Strictly necessary. To keep users logged in for the duration of their browsing session.
Functionality-related. Stores the number of times you access pages on the site to allow personalization of content based on the frequency the site content is viewed. Used with the Number of Visits personalization criterion. This cookie is not set if you remove it from all of your visitor groups
· Duration: 1 year
Functionality-related. Indicates how session based information on the visit should be stored, using sessions or cookies.
Used by the Image Editor.
_utma, _utmb, _utmc, _utmz
Google Analytics cookies that are commonly used on Optimizely websites. These third-party cookies are used to collect information about how visitors use the website.
Functionality-related. Identifies the form submission to the site when a visitor submits data to via an Optimizely form. Stores a GUID which is the visitor identifier.
Functionality-related. Identifies the form submission made to the site when a visitor submits data via an Optimizely form. Stores a GUID as the browser ID.
Functionality-related. Stores partial form submissions so that a visitor can continue with a form submission upon return. One cookie is created for each form and each logged in visitor. Stores the current submission status of the form (formGuid, submissionID, and if submission is finalized or not).