Skip to main content Skip to footer

Managing your employer contacts

All employers must complete and keep up to date a main contact registration form and authorised employer and/or payroll user list if applicable. You can read our notes and download forms here.

As part of our terms and conditions, all employers must complete and keep up to date a main contact registration form and authorised employer and/or payroll user list if applicable. You should read read our terms and conditions.

Whilst we are happy for employers to nominate a third party payroll provider, the employer is ultimately responsible for ensuring that all main contacts are kept up to date and that record maintenance, monthly returns, contributions, etc are submitted to us in a timely fashion.

People on the main contact registration form and authorised users lists must also sign a secure administration user agreement before they can be given a username and password for our online secure administration facility.

All forms and user agreements must be signed with a signature. Electronic images of a signature are acceptable; we cannot accept typed names as a signature.

Everyone nominated on the main contract registration form or authorised user lists has the same level of access to our secure system and can view the same data.

Keep your contact list up-to-date!

It’s essential that you keep contacts up-to-date. If someone with a login leaves your organisation or payroll provider, please tell us immediately so that we can protect your data and remove their permissions to see all of your online records.

Main contacts

You need to nominate main contacts who will be responsible for the areas of work outlined below.

You can nominate a different person for each contact or a mix of people. Your payroll or HR provider can act as your administration and/or finance contact. But your strategic contact must be someone from within your organisation.

Strategic contact

The person with overall responsibility at the employer. We will consult with them on changes in regulations, policies and strategies (discretion policies and funding strategy statements etc), deal with the internal disputes resolution procedure (IDRP) and the tri-annual valuation.

Administration contact

Deals with general day-to-day administration and queries relating to members’ records, provides notification of leavers, retirements, contractual hour changes, etc.

Finance contact (contact for monthly returns)

Responsible for submitting monthly returns and member contributions. We contact them with queries relating to information given on the returns and send notification to them of exception reports.

Third party payroll provider

If your payroll provider is not the administration or finance contact, then we need details of a responsible person at that organisation. Your payroll provider contact will have your authority to nominate other members of staff at the provider to be given logins to our secure site to administer pensions on your behalf.

Additional authorised users

You can add additional contacts to the ones on the main contact registration form.

The authorised employer user list allows you to nominate staff members at your organisation.

The authorised payroll user list allows their nominated main contact to authorise additional staff members. The main payroll contact is responsible for maintaining that list and informing us if staff leave and no longer need a login.

People on the lists will be given a secure administration username and password. This will allow them to access and submit data via the Civica employer portal, and to submit monthly returns on the combined monthly return and remittance advice.

Changing your contacts

When you change a main contact, please complete a new main contact registration form. This will then need re-signing by all the main contacts.

Your nominated payroll contact can update and sign the authorised payroll user list.

We only use the latest forms when we update contacts and previous versions are archived.

1 Information security
When accessing the facility the user is responsible for the security of the information they access and distribute. Information is an asset which, like other important business assets, has value to an organisation and consequently needs to be suitably protected. Information can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by post, shared verbally or using electronic means. Whatever form the information takes, or means by which it is shared or stored, it should always be appropriately protected. Information Security can be defined as protecting confidentiality, integrity and availability of data and information.

Confidentiality: Access to information is confined only to those with specified authority to view that data

Integrity: Safeguarding the accuracy and completeness of information by protecting against unauthorised changes or deletions, whether deliberate or accidental.

Availability: Information is delivered in a controlled fashion to the right person, when it is needed.

Where a breach of information security either accidental or deliberate has caused loss or damage to the information held, including the disclosure of information to someone not authorised to see it should be reported to Yunus Gajra (Business Development Manager) via e-mail at: yunus.gajra@wypf.org.uk as soon as practical following the event.

2 Data protection
The Data Protection Act controls how personal information is used by organisations, businesses or the government. Every who is responsible for using data has to follow strict rules called the “data protection principles”.

They must make sure the information is:

Used fairly and lawfully
Used for limited, specifically stated purposes
Used in a way that is adequate, relevant and not excessive
Accurate
Kept for no longer than is absolutely necessary
Handled according to people’s data protection rights
Kept safe and secure
Not transferred outside the UK without adequate protection
The user needs to understand their responsibilities in complying with the Data Protection Act 1998 (the Act) and all users must be aware of the potentially far-reaching effects of this legislation and should ensure that they are aware of the legislation that affects them at work. The Data Protection Act is part of this. The user should know that they are operating in a legal framework i.e that the data they work with is notified; they should generally know who they can and cannot disclose information to.

The user should be aware that members have the right of Subject Access and must only record information which is properly expressed and accurate. Gossip, innuendo and rumour must be avoided.

3 Registering for an account
WYPF will issue a login name and password upon request from the employer. To obtain a login name someone from your organisation must complete the Main Contacts Registration Form and each nominated user must complete the Secure administration agreement. Each user must log on to the Civica Employer Portal immediately using their unique username and password and change their password. Passwords should comply with the information set out in the"passwords for controlled access" section.

4 Cancelling your account
The user must inform WYPF when they are leaving or no longer require access to the secure administration facility. Where the user is unable to notify WYPF it is the responsibility of the main contacts at the employer to send the notification. Accounts should be deactivated as soon as possible after it is known that the account is no longer required.

5 Passwords for controlled access
The user must change their password immediately if they think that it has been compromised and should routinely change their password every 60 days, even if the system does not force them to change their password.

Passwords must meet the following minimum standard:

Password length of 8 characters or more
Contain characters from at least three of the following four categories:
Upper case characters (A…Z)
Lower case characters (a…z)
Numbers (0…9)
Special characters (eg. !,@,$,*)
Must not contain all or part of your user name
Do not reuse the same password within 20 password changes

5.1 Avoid common password pitfalls
Cyber criminals use sophisticated tools that can rapidly decipher passwords.

Avoid creating passwords that use:

Dictionary words in any language.
Words spelled backwards, common misspellings, and abbreviations.
Sequences or repeated characters. Examples: 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty).
Personal information. The users name, birthday, driver's license, passport number, or similar information.
5.2 Protecting Passwords
It is of utmost importance that the user protects their password at all times:

Never reveal their passwords to anyone.
Never use the 'remember password' function.
Never write their passwords down or store them where they are open to discovery or theft.
Never store their passwords in a computer system without encryption.
Do not use the same password to access different systems.
Do not use the same password for systems inside and outside of work.
5.3 Changing Passwords
All user passwords must be changed at a maximum of every 60 days, or whenever a system prompts the user to change it. If the user is given a new password for a new system or following a password re-set, they must change it immediately so that they know no one else knows it. If they become aware, or suspect, that their password has become known to someone else, they must change it immediately and report it to the helpdesk immediately.

6 Availability
WYPF will use all reasonable endeavours to ensure that this facility is fully operational at all times and that transmissions will be error-free. However, access to this facility may be interrupted or restricted by us at any time in order to allow for emergency or routine repairs or maintenance to be carried out or for the introduction of new facilities or services. We will attempt to limit the frequency and duration of any such suspension or restriction.

We will do our best to correct any errors and omissions as quickly as is practicable after being notified of them.

While we shall use our best endeavours to try and ensure at all times that this facility shall be free from any viruses or contaminating or destructive properties, WYPF does not make any warranty that this facility is free from infection by viruses or anything else that has contaminating or destructive properties, and the user should ensure that they have appropriate and adequate safeguards in place on their own computer to detect such viruses or contamination or destructive properties.

7. Copyright
The site, the layout, design, structure and all its content are the property of WYPF.

Written permission should be requested and obtained beforehand for any commercial use by emailing us at wypf@bradford.gov.uk

Some of the website is the intellectual property of Civica plc.

8. Accessibility
WYPF is committed to ensuring that this facility is accessible to the widest possible range of people. We endeavour to continually assist users to access the facility in accordance with the Disability Discrimination Act 1995. If the users has any questions or suggestions regarding the accessibility of this facility, or if they have difficulty using any part of it, please contact us on telephone number 01274 434999 or email pensions@wypf.org.uk

9. Revision of terms and conditions
WYPF may at any time revise these terms and conditions without notice by posting changes online. It is the responsibility of users to review all information posted online. These changes will be effective and binding from when they appear on this site.

10. Complaints and Comments
If you have any complaints or comments about our website please contact us as at:

WYPF
PO Box 67
Bradford BD1 1UP
E-mail: pensions@wypf.org.uk
Phone: 01274 434999

11. Disclaimer
Whilst every care has been taken to ensure the accuracy of the information on this facility we cannot guarantee that inaccuracies will not occur. No responsibility will be assumed by WYPF for any direct or consequential loss, financial or otherwise, damage or inconvenience, or any other obligation or liability incurred by users of the facility.

The information on this facility is for general use only and does not cover every personal circumstance. If there is any disagreement over pension benefits due under the Local Government Pension Scheme, the appropriate legislation will apply. This facilty does not give the user or their members any contractual or legal rights, and is provided for information purposes only.

WYPF reserves the right to make changes to this facility without notice. In no event shall WYPF be liable for damages arising out of or related to the information contained within pages on this facility.

Main contact registration form
Form for employers to nominate their main users

Authorised employer user list
Form for employers to nominate additional users

Authorised payroll user list
Form for employers to nominate additional users at payroll providers

Secure administration – user agreement
Agreement that must be signed by a user in order to obtain a personal username and password