Privacy statement
Your personal data in trusted hands
As a pension administration organisation, Achmea Pensioenservices (APS) carries out the administration for pension funds and occupational pension associations that are customers of APS. It is very important to us that you know what we do with your personal data. And what your rights are. So you can be assured that your personal data is in good hands.
What data does APS use?
Pension funds are responsible for administering your pension scheme. Our clients have outsourced part of those tasks to us. To organise your pension properly, we need your personal data, and also your partner’s data in many cases. For example your names, addresses and dates of birth. We also process other information, including your citizen's identification number (BSN) and information about your income, employment and pension. We make sure that all pensions are paid. To do this correctly, we use and store (process) your personal data. We process your data in compliance with the General Data Protection Regulation (GDPR) and the GDPR Code of Conduct of the Dutch Pension Funds (Gedragslijn Verwerking Persoonsgegevens Pensioenfondsen). The pension fund is responsible for processing and protecting your personal data properly. The pension fund will continue to have this responsibility even if it outsources some of its processing activities to third parties. The pension fund retains this responsibility even if it outsources some of its processing activities to third parties.
We also use cookies
Cookies allow us to show or send you information that we believe is important for our service. A cookie is a file on your computer that remembers what you do on our website. One of the things we do is keep track of how you use our digital communications. Our website places cookies. We use these cookies for a number of reasons. For example, to improve the website and (depending on which cookies you accept) see what you do and look at on our website. You can find more information about cookies in the cookie statement of APS.
We save the click behaviour in newsletter e-mails. This enables us to see how often an e mail has been opened, which articles have been clicked on and which operating system was used. We use this information solely for analysis purposes to improve the information we provide to our participants.
What do we use your data for?
We use your personal data to administer your pension because your pension fund has outsourced this task to us. We process your pension from the first accrual through to the pension payment, either to you or your surviving dependants. We will also regularly send you information about your pension (if your pension scheme changes, for example). We only process the personal data we need for this purpose. We also process personal data if necessary to meet our legal obligations – to find out whether you are on a sanctions list, for example. If there are any other purposes for which we need to process your personal data, we will always ask for your consent before processing it for these purposes.
For the administration of your pension scheme on behalf of your pension fund, we record when you and the pension fund have been in contact with each other. For example, we record telephone calls and chats, as well as letters and e-mails we send you and receive from you.
When you visit the APS website, we record:
- digital messages we send to you and receive from you.
- what you do and view on our websites.
- our contact on social media channels, such as LinkedIn.
Who is responsible for processing the data?
Whenever we process your data to administer your pension scheme, the pension fund has final responsibility for processing your data. You can find further information on how this processing works in your pension fund's privacy statement.
If you visit the APS website, Achmea B.V. is responsible for processing your data correctly and accurately. Achmea Pensioenservices is a brand of Achmea. Achmea B.V.
Which parties share your data with us and with which parties do we share your data?
We exchange personal data with a number of partners in the context of your participation in the pension scheme that we administer on behalf of your pension fund. For example, your employer will provide us with data when it registers you in the pension scheme. We also consistently update specific data via the Key Register of Persons (Basisregistratie Personen). This means that there are many important changes in your personal situation you don’t have to notify us of yourself. If you move house or get divorced, for example. But some information you do need to share with us. If you move in with your partner, for instance, or get married abroad. And if you become incapacitated for work while participating in our pension scheme, we also process data that shows the extent of your occupational disability The data we process depends on the information we receive from you or from the employee insurance agency UWV. We do not process any other medical information.
We do not share your personal data with third parties unless you give us written consent or we are legally obligated to do so.
How do we ensure your data stays safe with us?
We have strict technical and organisational security measures in place, which we implement according to the applicable legal requirements and guidelines. On the whole, our website, and IT systems are properly secured. And we continuously take measures to prevent misuse of your data.
One example of a technical measure is that we only send your digital data in encrypted form, so that you alone have access to the information.
An example of an organisational measure is that only authorised employees are allowed to view your data. These employees only have access to your personal data to the extent necessary to perform their duties.
How long do we keep your data?
We store your data for as long as we need it. Or for as long as is required by law. We retain your personal data throughout your life and even afterwards. This is necessary because (former) partners and children may sometimes receive money from your pension for many years after you pass away. We keep some of your data for a period of 100 years as standard. This is done on behalf of pension funds that are our clients. In the event that a pension fund stops being our client, we will delete your personal data as soon as we no longer need it.
Your rights
Your rights are statutory rights. You can contact us to:
- request access to your personal data. You can also find a lot of information on your personal portal of the pension fund where you have accrued pension rights.
- change your personal data if it is incorrect. If the data we receive from the Key Register of Persons is incorrect, you can contact the municipality yourself to have your data changed;
- ask us not to process all your personal data or to withdraw your consent;
- forward your personal data to another organisation (if you want to arrange a value transfer for your pension, for example).
Please note: if we process your data on behalf of your pension fund, we are not always able do what you ask. For instance when your personal data is essential for us to administer your pension.
Please let us know if you wish to exercise your rights
Does your request concern how we process your personal data on behalf of your pension fund? If so, please send an e-mail or letter to the pension fund. You can find the contact details on the pension fund's website. Does your request concern personal data that APS processes?
Then you can send an e-mail or letter, please see the contact details.
Before proceeding to process your request, we will need to establish your identity. To do this, we may ask you for a copy of your passport, driving licence or identity card. If we do, please obscure your citizen's identification number (BSN) and passport photo. We keep a copy of your proof of identity for two years.
We will respond to your e-mail or letter within four weeks, unless we are not able to action your request on time. In this situation, we will let you know when you can expect to receive a reply from us. We will check your identify first and then respond to your request.
Do you have a question, suggestion or complaint?
Don't hesitate to pass them on by e-mail to the Data Protection Officer of Achmea at privacymanager@achmea.nl. You can also send a letter to:
Achmea B.V.
The Privacy Manager
Compliance
Postbus 866
3700 AW Zeist
If we aren't able to resolve a complaint together, you can forward your complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
We may make changes to this privacy statement
This may be necessary if legislation or regulations change or if we develop new products or services, for example. The latest version of this privacy statement is always available on our website. The current latest version is dated 20 February 2024.