Getting ready for the GDPR

Assessing pension scheme data – the questions trustees need to ask


With under 12 months to go until the General Data Protection Regulation (GDPR) comes into force on 25 May 2018, the clock is ticking loudly for all organisations holding and processing personal data relating to individuals.

This checklist (PDF), the first in a series, sets out key questions and actions that trustees of occupational pension schemes should be addressing now to assess the personal data they hold.

In this briefing:

  • Data protection principles
  • Lawful basis for processing
  • New consent requirements
  • Children’s personal data
  • Sensitive personal data
  • Key GDPR changes.

Trustees can complete the information themselves or, for assistance, please get in touch with your usual Sackers contact or a member of our data protection team at:

To view this publication, please complete the form below:



For more information

Helen Baker

+ 44 (0)20 7615 9510

Naomi Brown

+ 44 (0)20 7615 9513

7 Days

7 Days

Weekly pensions digest

Sign up

Sign up

For our free publications and updates


Pensions Essentials

Pensions Glossary

Consultation: Procedure More

Case Summaries

Heyday - The Incorporated Trustees of the National Council on Ageing (Age Concern England) v Secretary of State for Business, Enterprise and Regulatory Reform (European Court of Justice) - 5 March 2009 More

Commonly used abbreviations in pensions