Falcon Trustees LLP privacy notice

This privacy notice tells you what to expect us to do with your personal information.

Contact details

Email: enquiries@falcontrustees.co.uk

Important information

As a professional pension trustee firm, we recognise the importance of safeguarding confidential client and scheme member information.  We are committed to protecting the privacy and security of your Personal Data in compliance with Data Protection Legislation.

“Data Protection Legislation” means all applicable data protection and privacy legislation in force from time to time in the UK including, to the extent the EU GDPR applies, the General Data Protection Regulation ((EU) 2016/679); to the extent the UK GDPR applies, the law of the United Kingdom or of a part of the United Kingdom, which relates to the protection of personal data, including the Data Protection Act 2018; any other legislation relating to personal data and all other legislation and regulatory requirements in force from time to time which applies to us relating to the use of Personal Data.

For the purposes of this statement, the term “Personal Data” means personal data and sensitive personal data.

Falcon Trustees, we,” “our,” or “us” means Falcon Trustees LLP.

Why we collect your Personal Data

If you are an individual or part of an organisation that we deal with in our capacity as a supplier of professional trustee services (or in relation to any ancillary or additional services), we may act as Data Controller and/or Data Processor in relation to the handling of your Personal Data.

As Data Controller, we determine how your Personal Data is processed and for what purpose. We are legally responsible for ensuring our systems, processes, suppliers and people comply with data protection laws in relation to the personal information we handle. This will include where we collect your Personal Data for processing enquiries or engaging you as a client.

As Data Processer, we may process Personal Data on behalf of a Data Controller, in which case we will process Personal Data on the instruction of the Data Controller.

What Data We Collect

We may collect and process the following data:

A. When you use our website and make an enquiry or send us an email

  • Name, email address, phone number, and other details provided in contact forms or email
  • Technical data, IP addresses, browser type and version, time zone setting and location and other technology on the device(s) you use to access our website
  • Any additional information voluntarily submitted in an enquiry or by email

B. When acting as a trustee or director of a trustee company for pension schemes

  • Pension scheme data, including member names, address, date of birth, national insurance details, marital status, scheme details, and beneficiary information and, potentially, salary information, memberships dates, contributions to your pension scheme and medical history
  • Communications related to scheme governance, compliance, and regulatory matters
  • Financial or legal documentation relevant to pension scheme management

How we use your data

We process Personal Data for the following purposes:

  • To respond to enquiries submitted through our website or by email
  • To provide professional trustee services in accordance with pension scheme governance
  • To comply with regulatory and legal obligations, including reporting to regulators and law enforcement if required
  • To communicate with pension scheme members, sponsors and advisers
  • To send updates and insights (only if you opt-in)
  • To improve our services based on analytics and feedback

Legal basis for processing

We rely on the following legal grounds for processing Personal Data:

  • Performance of a Contract – to fulfil our contractual obligations with you
  • Legitimate Interest – Responding to enquiries, managing pension schemes, and ensuring compliance with trustee duties
  • Legal Obligation – Compliance with The Pensions Regulator (TPR), HMRC, and other regulatory requirements
  • Consent – Where required for direct marketing communications (only when explicitly opted-in)

Who we share your data with

We do not sell Personal Data. However, we may share it with:

  • Regulatory Authorities – Such as The Pensions Regulator (TPR) or HMRC where legally required
  • Professional Advisers – Including legal, actuarial, and financial consultants assisting in pension scheme governance
  • Service Providers – Website hosting, email platforms, and IT security providers ensuring secure data handling
  • Insurers – so that we can ensure that your pension scheme benefits are provided in the most secure and effective way

We do not transfer your Personal Data outside of the UK.

We ensure all third parties follow strict confidentiality and data protection obligations.

How long we keep your data

  • Data provided as part of an enquiry or by email: Will be retained unless you request deletion.
  • Pension scheme data: Retained as per regulatory and fiduciary requirements, typically for seven years after the client relationship ends. Where we no longer require your information, we will retain it for a period of time which reasonably allows us to comply with our legal and regulatory obligations or if retention is advisable in light of our legal position.
  • Marketing data: Retained until you opt out.

Your rights under UK GDPR

You have the right to:

  • Make a subject access request for free
  • Make a subject access request to verify the lawfulness of the processing we are carrying out
  • Request corrections to inaccurate data
  • Request deletion of Personal Data (subject to legal obligations)
  • In certain circumstances, object to processing of your Personal Data where we do so for the purposes of our legitimate interests
  • Withdraw consent for marketing at any time
  • In certain circumstances, to request that we delete your personal information
  • Complain to the supervisory authority whose contact details are set out below

To exercise your rights, email us at enquiries@falcontrustees.co.uk

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Data security & protection

We apply industry-standard security measures to protect Personal Data, including:

  • Encryption for sensitive information
  • Access controls to restrict data handling to authorised personnel only

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Changes to this policy

We keep our privacy policy under regular review.

It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us, for example a new address or email address.

How to complain

If you have any concerns about our use of your Personal Data, you can raise a query or make a complaint to us using the contact details at the top of this privacy notice.
If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.
The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
Website: https://www.ico.org.uk/make-a-complaint