Getting ready for the GDPR – Governance and contractual requirements


This checklist, the second in our series, sets out key questions and actions that trustees of occupational pension schemes should be addressing now in order to help ensure that their governance and contractual requirements (and those of their providers and advisers) are up to GDPR scratch. It may also be of use to employers and in-house teams holding scheme membership data.

In this edition, we cover the following:

  • Key governance obligations
  • DPOs and DPIAs
  • Trustees’ policies and procedures
  • Contractual requirements between data controllers
  • Contractual requirements between data controllers and processors
  • Summary

For more information

Helen Baker

+ 44 (0)20 7615 9510

Pauline Sibbit

+ 44 (0)20 7615 9556

7 Days

7 Days

Weekly pensions digest

Sign up

Sign up

For our free publications and updates


Pensions Essentials

Pensions Glossary

Cross-Border Schemes: Basics More

Case Summaries

South Tyneside Metropolitan Borough Council, R (on the application of) v Lord Chancellor and Secretary of State for Justice & another (High Court) - 14 December 2007 More

Commonly used abbreviations in pensions