Philips Pensioenfonds feels very strongly about the importance of handling your personal data with care and confidentiality. Naturally, we act in compliance with the General Data Protection Regulation (‘GDPR’) and we follow the principles of the Code of Conduct for Personal Data Processing by pension funds. This code of conduct has been published by the umbrella organization of pension funds in the Netherlands, the Pensioenfederatie. The code of conduct describes how the pension sector handles personal data. We only record and process your personal data for our pension activities and for mortgage lending.
This privacy statement provides an explanation of what personal data we process as part of our pension activities and how we handle them. It also describes how you can exercise various rights in respect of your personal data. You will also find information about the security and confidentiality of your personal data.
Privacy statement pension activities
Here you can read how we deal with your personal data.
We only record and process personal data that are relevant to our pension activities. This includes the following data:
- home address
- postal code and place of residence
- address for correspondence
- date of birth, date of death
- Dutch citizen service number (burgerservicenummer, or ‘BSN’)
- relationship details: marital status, including (where applicable) marriage and divorce dates, start of cohabitation, partner, former partner and any children
- details of employment with the constituent employer, including salary details, part-time percentage and employment commencement date
- disability details
- proof of identity, for example a copy of your passport to identify you
- biometric data if you provide your ‘Life Certificate’ digitally: we use your proof of identity and facial image to establish the authenticity of your life certificate
- bank account number
- e-mail address
- telephone number
- pension entitlements/pension rights
- other personal data that you actively share in correspondence and telephone conversations
Philips Pensioenfonds processes your personal data:
- To ensure that the pension plans of its constituent employers are properly administered, including establishing the value of the pensions and paying them out, and calculating, recording and collecting contributions from employers;
- To comply with legal obligations, for example issuing your (annual) Uniform Pension Overview;
- To provide personalised information such as letters, digital and hardcopy newsletters and communications about your pension;
- To conduct surveys among members and to optimise our pension activities.
Philips Pensioenfonds processes personal data of the following persons, or ‘data subjects’:
- present and former members
- pension recipients (i.e. everyone receiving a retirement, survivor’s, orphan’s or disability pension)
- partner(s) and former partner(s) of current and former members and pension recipients.
Philips Pensioenfonds obtains personal data from:
- you or your legal representative,
- your employer,
- government agencies such as the Dutch Tax and Customs Administration, the Employee Insurance Agency UWV, national insurance scheme administrator Sociale Verzekeringsbank, the Personal Records Database (Basisregistratie Personen, formerly Gemeentelijke BasisAdministratie) and the Non-resident Records Database (Registratie Niet-ingezetenen),
- insurance companies, if we pay out insured rights,
- pension funds where you previously accrued pension rights,
- other natural persons, institutions and organisations that you have authorised to share data,
- bailiffs and other debt collectors/creditor representatives
Philips Pensioenfonds shares your personal data with various other parties if that is necessary for us to administer the pension plans and/or to comply with legal obligations. We have a data processing agreement with each party that processes your data on our instructions. This ensures an appropriate level of security and confidentiality for your data. The responsibility for these processing operations remains with Philips Pensioenfonds.
Philips Pensioenfonds has outsourced the pension accounts and records to Blue Sky Group. This means that Blue Sky Group can access your personal and other data.
The other parties with which your personal and other data might be shared can be divided into the following categories:
- Supervisory authorities
- Government agencies, including the Dutch Tax and Customs Administration and mijnpensioenoverzicht.nl
- Benefits agencies
- Bailiffs and other debt collection/creditor representatives
- Employers and their payroll processors
- Mailing processors/printers
- Archive storage companies
- ICT database/website administration and maintenance firms
- IT security firms • Research agencies handling member surveys
- Accountancy/actuary/consultancy firms for auditing and consultancy work
Philips Pensioenfonds feels strongly about the importance of relevant and personal communication. Accordingly, some years ago we switched to sending you personalised newsletters and pension information in digital format.
To reflect how strongly Philips Pensioenfonds feels about the importance of handling your personal data with care and confidentiality, we have registered our own Data Protection Officer with the Dutch Data Protection Authority (‘Dutch DPA’, or Autoriteit Persoonsgegevens). The Data Protection Officer monitors how the GDPR and the Code of Conduct for Personal Data Processing by pension funds are implemented and whether we are compliant with them. The Data Protection Officer also plays a role in your possibilities to exercise your rights.
Right of access
You have the right to access your personal data that are in the possession of Philips Pensioenfonds. To exercise this right, you should submit a request to our Data Protection Officer.
Right to rectification
If the data that you received from Philips Pensioenfonds in response to an access request contain inaccuracies, you may pass on a rectification to the Data Protection Officer, either in digital format or in writing. We will let you know within one month whether we can comply with your rectification request.
Right to erasure (‘right to be forgotten’)
Depending on the basis on which we process your personal data, you might have the right to have your personal data erased. At Philips Pensioenfonds, this right arises if your personal data are recorded in our pension records without a legitimate purpose.
We will erase your personal data if and when:
- they are no longer necessary for the purposes for which they were gathered or processed; or
- you object on legitimate grounds to the processing; or
- they have been unlawfully processed; or
- they are required by law to be erased.
Right to restriction of processing
You have the right to have us restrict our processing of your personal data. Our processing of your personal data may be restricted if:
- you contest the accuracy of the data and you believe that we should verify this;
- the processing of your personal data is unlawful and you oppose erasure;
- we no longer need your personal data but you do, for example for conducting legal proceedings against Philips Pensioenfonds or third parties;
- you have objected to the processing and we do not immediately decide on that objection.
Right to data portability
You have the right to receive your personal data in form that is easily readable. This right only applies to processing operations that use automated procedures.
If you want to exercise your rights, please send an email stating your request and explaining your reasons to email@example.com. If you prefer, you may send a letter to:
Attn. the Data Protection Officer
PO Box 80031
5600 JZ Eindhoven
Once Philips Pensioenfonds has received your request, we will first verify your identity to establish whether the request is legitimate, by contacting you by telephone or in writing. Philips Pensioenfonds will then handle your request as soon as possible, and within one month at most. If this is impossible, Philips Pensioenfonds will contact you within one month to explain why your request cannot be handled within that time, and will establish a new time frame (no more than two months after you have been contacted by Philips Pensioenfonds).
At your request, Philips Pensioenfonds will provide the data to you in an easily readable format. Once Philips Pensioenfonds has provided you with the personal data in a secure manner, the responsibility for storing and securing those data is your own.
Please be advised that you also have the right, at all times, to contact the Dutch DPA (www.autoriteitpersoonsgegevens.nl), which is the appropriate supervisory authority, if you have any complaints or concerns about any use of your personal data by Philips Pensioenfonds.
Philips Pensioenfonds has implemented appropriate technical and organisational measures to protect your personal data against loss or damage. Further safeguards are in place to ensure that each data subject’s data can be replaced or restored if they are lost or damaged. Some employees already have a duty of confidentiality with regard to personal data by reason of their office, their job or a legal requirement. Other employees are obliged to observe the confidentiality of the personal data that they process, except where they are under a legal obligation to provide the data.
Your Uniform Pension Overview is available in MijnPPF. From there, you can also visit the Pension Planner. You can log in to MijnPPF using your DigiD username and password or your MijnPPF account. Your data in MijnPPF are secured in accordance with the requirements of the GDPR.
Your personal data are kept exclusively for the purpose for which they were gathered or for which they are processed. In principle, the data for establishing your pension entitlements are kept until after your death, or until after the death of your survivors with an entitlement to a survivor’s or orphan’s pension from Philips Pensioenfonds.
We keep some data on file for specific periods because we have a legal obligation to do so (for example under pension laws and tax laws). The basic premise here is that those data are kept for the duration of the statutory retention period.
Functional cookies are needed for technical reasons, to optimise how the website works. For example, they remember your preferences, settings or login sessions and help with the website’s security. Without these cookies, it would be impossible for you to use the website properly. These cookies expire as soon as the browser session ends.
Philips Pensioenfonds has set Google Analytics to privacy-friendly analytics, as required by the Dutch Data Protection Authority. This means that we have instructed Google to remove the final 3-digit octet of your IP address before storing it. This way, the IP address cannot be traced back to a specific user. We have also disabled data sharing, so that your data are not shared with Google for Google’s own purpose such as for advertising. Philips Pensioenfonds also has a data processing agreement with Google, containing arrangements about how your personal data are protected. We do not use any other Google services in combination with the Google Analytics cookies. Google Analytics cookies expire after 14 months.
The small amount of information that is shared with Google as a result of our use of Google Analytics is transferred by Google to the United States and kept on servers there. Google bases this transfer on the standard clauses approved by the European Commission. Google may share the information that it acquires with third parties if this is required by law, or in so far as those third parties are processing the information for Google. You can find out more about these cookies at https://privacy.google.com/businesses/compliance/.
If you do not want Google Analytics to use your data for analytical purposes, you can download and install a program to block Google Analytics (Downloadpage Google Analytics Opt-out Browser Add-on).
You can manually delete cookies in your Internet browser (e.g. Microsoft Edge, Mozilla Firefox, Google Chrome), or set your browser to remove them automatically as soon as you leave the website. You can also set your browser to warn you whenever a cookie is placed, or to prevent cookies from being placed. Remember: if you disable cookies, the website might not function properly.
Philips Pensioenfonds may change this cookies statement at any time, and without informing you. To find out whether this cookies statement has changed, we recommend checking this page regularly.
Eindhoven, December 2022