The recent correspondence about trustees of pension funds points to the fact
that the trustees are data controllers. This follows from the definition of
data controller – 'a person who determines the purposes for which and the manner
in which any personal data are, or are to be, processed'.
It follows that an HR department which processes data for the trustees is a data
processor.
The logical conclusion of this is that there ought to be a contract between the
trustees of a pension fund and the HR department in these circumstances. Has
anyone taken this step?
John Gaunt
Senior Assistant Secretary
University of Sussex, Sussex House, Falmer, Brighton BN1 9RH
Tel 01273 678427 (internal 8427)
Email [log in to unmask]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|