Privacy statement

The content of this page has been translated automatically.

In order to administer your pension scheme, StiPP needs your personal data. For example, about your family situation, your salary, how many hours you work and what your account number is. We collect and use this personal data. This is referred to as "processing" in privacy legislation.

StiPP considers it very important to handle your personal data carefully and confidentially. When processing your personal data, we comply with privacy legislation, including the General Data Protection Regulation. In this privacy statement, we explain in the form of a question and answer which personal data we process and how we handle your personal data. You can also read how you can exercise certain rights with regard to your personal data. In addition, you can read more about the security and confidentiality of your personal data.

Whose personal data does StiPP process?

We only process personal data of the following persons that are relevant to our work:

  • (former) participants
  • Retired members
  • partners, ex-partners and orphans (if they are entitled to orphan's pension) of (former) members or retired members
  • employers other than legal entities, such as sole proprietorships or general partnerships
  • policymakers, members of the accountability body, key function holders and other affiliated persons of StiPP, as stipulated by the fund's Code of Conduct
  • Other rightholders

What personal data does StiPP process?

StiPP processes various categories of personal data, including special categories of personal data, such as data about your health and sensitive personal data, such as financial data and your citizen service number (BSN).

StiPP only processes personal data that is relevant to our work. This includes the following data:

  • Name, initials
  • Date of birth and death
  • Citizen service number (BSN)
  • Residential address
  • Residence
  • Address for correspondence
  • Gender
  • Relationship details: partner, ex-partner and any children (children who are entitled to orphan's pension)
  • Employment data with affiliated employer, including type of employment and salary details
  • Period(s) participation in the Basic or Plus Scheme
  • Employability data
  • IBAN (bank account number)
  • E-mail address
  • Telephone number
  • Marital status
  • Indication of conscientious objector
  • Other: personal data that you provide in correspondence and/or telephone contact and/or that we receive via the contact form.

StiPP may also process data of a criminal nature. Criminal offences that have been, or are expected to be committed on the basis of facts and circumstances, will be committed against StiPP or to ensure the integrity and security of the business operations of StiPP and the sector (such as, among others, the consolidated list of persons and organisations whose assets must be frozen on the basis of European legislation).

Why does StiPP process personal data?

Most processing is necessary to properly fulfil our legal obligations, including on the basis of pension laws and regulations.

In certain cases, we process personal data on the basis of legitimate interest. StiPP has a legitimate interest if the processing is necessary for the performance of the fund's tasks and StiPP has weighed this interest of StiPP against that of the persons whose personal data is processed. An example of this is information about your pension history.  In order to be able to invoke a legitimate interest, we have carried out a so-called 'three-step test'. From this, we have concluded that the processing of information about your pension history does not disproportionately infringe on your privacy. If you wish, you can request further information about this via privacy@stippensioen.nl.

We process your personal data for the following purposes:

  • the execution of the agreements and (pension) regulations of StiPP
  • liaising with you
  • inform you about your personal situation, with regard to the accrual of pension capital, risk insurance or payment to you as a pensioner
  • inform you about (changes in) the pension plans of StiPP or situations that arise at StiPP and are important to you
  • the business operations of StiPP
  • compliance with legal obligations to which you and/or the pension fund are subject
  • safeguarding the integrity and security of the business operations of StiPP and the pension sector

From whom does StiPP receive personal data?

We receive the personal data we need from:

  • you or your legal representative
  • the employer who is a member of StiPP
  • the Personal Records Database (BPR) / the Register of Non-Residents (RNI)
  • the Employee Insurance Agency (UWV)
  • the Tax and Customs Administration
  • the Chamber of Commerce (KvK)
  • bailiffs and other authorised bodies that manage claims against members
  • the CAK (with regard to premiums for the deduction of the Health Insurance Act (ZVW) for pensioners living outside the Netherlands and in Europe)
  • pension funds where you have previously accrued pension
  • other natural persons, institutions and organisations that you have authorised to provide data

To whom does StiPP provide personal data?

StiPP shares your personal data with various other parties if this is necessary for the administration of the pension plans and/or to comply with legal obligations.

We enter into a processing agreement with parties that process your personal data on our behalf. In this way, we ensure the same level of security and confidentiality of your data. StiPP remains responsible for these processing operations.

StiPP has outsourced the implementation of the pension administration to pension administration organisation PGGM. PGGM therefore has access to your personal data. The other parties with whom your personal data may be shared can be divided into the following categories, among others:

  • Supervisors
  • Public authorities
  • Benefit Agencies
  • Debt collection/debtor parties
  • (former) employer(s) and their authorised representatives
  • Mailing processors/printers
  • Archive storage
  • control parties for example to carry out wage checks
  • ICT database/website management and maintenance companies
  • IT security companies
  • Research parties
  • accountant/actuary firms for assurance purposes
  • Other pension administrators and social funds

Is your personal data protected by StiPP?

StiPP attaches great importance to the protection of your personal data. That is why we have taken appropriate technical and organisational measures to protect your personal data against theft, loss or other unlawful use.

On My StiPP Pension you can find an overview of your pension with StiPP. You can log in with your DigiD.

How long does StiPP keep your personal data?

Your personal data will not be kept longer than is necessary for the purpose for which they were collected or for which they are processed. We store some data for a longer period of time because we are required to do so by law, for example pension legislation and tax legislation.

What rights do you have in relation to your personal data?

You have the right to access your personal data. In addition, you have the right to change or delete your data, restrict its use, object to certain processing and to transfer your personal data.

You can view and adjust some of your data in 'My StiPP Pension'. You can also submit a request to exercise your rights in relation to your personal data using the contact details below. Before we process your request, we may ask you to provide information that we need to verify your identity. If we reject your request, we will give reasons.

Right of access
You have the right to request a copy of the personal data we hold about you. If you exercise this right, you will receive an email from us with this data and information about our use of this data.

Right to rectification
We take measures to ensure that the personal data we hold from / about you is accurate and complete. If we have processed personal data that is incorrect, you can request us digitally or in writing to update or amend your personal data.

Right to erasure of data
You have the right to request that we delete your personal data, for example when we no longer need your personal data for the purposes mentioned above. However, such a request will have to be weighed against other factors. For example, we may be under a legal obligation to retain your personal data.

Right to restriction of processing
You have the right to request that we restrict the processing of your personal data, for example if you believe that the personal data is inaccurate. The restriction then applies for the duration that we check the accuracy of your data. You can also request restriction if you believe that we no longer need your personal data for the above purposes and you object to the processing or if you would like us to hold your data in your interest. We will inform you before any restriction of processing is lifted.

Right to object
You have the right to object to the processing of personal data based on our legitimate interest. Unless we have a compelling legitimate ground for the processing, we will no longer process your personal data on the basis of this legal basis if you object.

Right to data portability and right to a human view
The GDPR also grants data subjects the right to data portability (the right 'to have data transferred') and the right to a human view when using automated individual decision-making.

The right to data portability only applies if the data processing is based on consent or on an agreement to which the data subject is a party and the processing of the personal data is automated. These conditions are not met in the processing of personal data by StiPP.

Automated decision-making involves using personal data to reach a decision without human intervention. The personal data is processed automatically. The right to a human gaze in automated individual decision-making does not apply, because StiPP does not make decisions about data subjects based on automated decision-making.

Do you have a complaint about the processing of your personal data?

If you have a complaint about the processing of your personal data by StiPP, we would of course like to hear from you. You can reach us by e-mail at privacy@stippensioen.nl or by post:

StiPP
Board support
P.O. Box 434
3700 AK ZEIST

You can also file a complaint with the supervisory authority, the Dutch Data Protection Authority:

Dutch Data Protection Authority (DPA)
P.O. Box 93374
2509 AJ THE HAGUE

Cookies

Our website uses cookies. The cookie policy states that no personal data is processed when cookies are used. For more information, please refer to the following link: https://www.stippensioen.nl/cookiebeleid/.

Alterations

We may change this privacy statement and encourage you to consult this page from time to time. This privacy statement was last updated in November 2024.

Contact

If you have any questions about this privacy statement or the way in which we process (your) personal data, or if you would like to exercise your rights in relation to your personal data, you can contact us by e-mail on privacy@stippensioen.nl or by post:

StiPP
Board support
P.O. Box 434
3700 AK ZEIST