Cookie statement and privacy policy

Cookie statement
This website uses cookies to ensure you get the best user experience. The following explains how and why this happens.

What are cookies?
Cookies are used when you visit this website. Cookies are small, simple text files. Cookies are used to recognise you when you visit the website again. Cookies ensure that when you visit our website you will not receive or have to enter the same information each time. Your settings and preferences are saved and this makes your next visit to the site easier.

Why do we use cookies?
Some cookies are essential for the full and proper operation of the website. We always place these cookies. We also use what are known as analytical cookies of Google Analytics to obtain more information on our visitors.

Refusing cookies
If you do not wish cookies to be placed, you can delete cookies via your internet browser or have them automatically deleted when you end an internet session. You can set your internet browser to inform you if a cookie is placed. You can also set your browser so that cookies cannot be placed. However, this means that you will not be able to use all the features of this website.

Video's of YouTube
Our website contains links to YouTube video's. These video's work by means of a piece of code which is created by them. This code places cookies which can be used by these companies. We have no influence on the use of that information by these companies. Regularly read the privacy statement of YouTube to find out how they use your (personal) data which they retrieve through these cookies.

Cookies being used on the BeFrank portals
Google Analytics
Google Analytics is the analysis tool of Google, used by website- and app-owners to determine how visitors use their websites. The tool can use a number of cookies to collect information and user statistics for websites, without identifying visitors of Google on a personal level.

We treat your personal data with care

Privacy statement BeFrank PPI N.V. and BeFrank N.V.
Protecting your data is extremely important to BeFrank PPI N.V.. The privacy policy stated below explains clearly what we do with your data and how we protect your data.

BeFrank PPI N.V. (hereinafter: BeFrank) enters into administration agreements with employers in order that pension can be accrued for their employees. Pension capital is accumulated for employees by means of investments. These schemes are known as defined contribution schemes. Your employer usually pays the pension contribution, or a part of it. BeFrank PPI N.V. will sell your investments when you retire, and the proceeds are used to fund your pension. For example, this could be for a retirement pension and a partner’s pension.

BeFrank PPI N.V. is part of the NN Group. BeFrank PPI N.V. has delegated the administrative processing of the administration agreement to BeFrank N.V.. BeFrank PPI N.V. uses the services of AZL for the performance of the contracts concluded under the name of Essentie Pensioen. BeFrank PPI N.V. monitors that the administrative procedures are performed by BeFrank N.V. and AZL correctly and fully and in a timely manner. This monitoring includes supervision of the security of your personal data and supervision of the processing of your personal data in accordance with the requirements under the General Data Protection Regulation (GDPR) and other legislation and regulation.

This privacy policy is formulated by the person responsible for processing your data. This is BeFrank PPI N.V., for convenience referred to hereinafter as BeFrank.

I What are personal data?
When your employer purchases a product from us so that you can accrue a pension, we ask your employer for personal data such as your name and address.

Personal data are data that say something about you or that we can link to you. The collection, storage and usage of your data is known as the ‘processing’ of your personal data. This is a statutory term. BeFrank complies with legislation and regulation when processing your personal data, including the provisions of the General Data Protection Regulation (GDPR) and the Insurers’ Code of Conduct for the Processing of Personal Data (Gedragscode Verwerking Persoonsgegevens Verzekeraars). The following explains why we process your personal data and which data may be involved.

II Why do we process personal data?
We store and use your personal data only for purposes that are established with care. In most cases, we receive personal data from your employer or from you yourself, because you accrue pension with us or have accrued pension with us in the past. The law covers the processing of data that is necessary for the preparation or performance of an agreement. What this means is that we cannot help you if we have no data on you or are not allowed to store these data.

Your personal data are also used because we maintain a central customer administration, we aim to prevent and combat fraud, or we use the data for risk management. The law speaks of ‘processing due to legitimate interests’. This can also be in your interest, because we can help you more effectively and can combat fraud. We also process your data in order to meet our statutory obligations. Further information on the basis on which we process your personal data is provided below.

a.For the performance of our agreements

  • To be able to assist you as our customer. So for the initiation, management and/or performance of our products. And/or for the provision of advice on our products
  • To provide information to and receive information from other parties if this is necessary for the performance of your product. For instance, your employer

b.On the basis of a legitimate interest

  • For our customer administration: BeFrank has a customer administration. Our customer service uses this to see which products you have with us, so that we can answer any questions you have quickly and effectively. The data held in our customer administration include your name, date of birth, address, other contact information, details of the product or products you have with us
  • To combat fraud: we process your personal information for risk management and to prevent and combat fraud, to protect both your security and the security of financial institutions. This means we can exchange data within NN Group, with other financial institutions or with external research agencies
  • To better assess risk: we process personal data for statistical analysis, in order to better assess risk. We store data so that we have the correct information available in case of complaints or disputes
  • Processing data of third parties: in some cases we record data on persons other than our customers, such as injured parties, administrators, beneficiaries and people providing collateral for a customer. We do this solely to the extent necessary for the performance of the agreement with the customer
  • To comply with statutory requirements: for your safety as well, we are obliged to ask for your personal data in order to establish your identity. We also also obliged to share your data with the Tax & Customs Administration for the performance of certain products. The Tax & Customs Administration will then share data on persons who due to having a connection with the United States may qualify as Specified US Persons with the US tax authorities. In exceptional cases, we are obliged to share your personal data with other parties such as supervisory authorities, the police, the courts or the intelligence services.

III What personal data do we process?

Personal data we obtain from you for the performance of the agreement. This involves:

  • General information such as your name, address, telephone number, e-mail address and date of birth
  • Data to be able to identify you
  • Your account number, to be able to receive payments from you or make payments to you
  • Financial data. In this context in some cases we ask questions for instance to establish your investment objectives
  • Information we need for a specific product, for example if you choose your own investments with your pension product
  • We also need your citizen service number (BSN) for life insurance and pension products.

Additional data
Additional data means data that we have not obtained from you or your employer but data we have obtained from public sources. For example, consulting information in order to combat terrorism and money laundering. Or to consult information from the Bureau Krediet Registratie (BKR). We do this in some cases to assess a risk or to meet our statutory obligations. Further information on this is provided on this page under ‘From whom do we obtain your data?’.

Contact history
We keep a record of when you contact us. To improve the quality of our service, and for training, coaching and evaluation of our employees, we record some of our telephone conversations.

Your visits to our website
We record information on your visits to our website. For example, which pages you visited, when you last logged in to www.essentiepensioen.nl or what you searched for on the website. Among other things, we do this by placing cookies. More information on the use of cookies is provided in our Cookie Statement.

Use of the Pension Planner
The pension planner is offered to you by NN Investment Partners (NN IP) to provide insight into your future financial situation. Depending on your choices, NN IP processes the data for the Pension Planner in the following ways:

  • AZL provides your details from the pension records, such as salary and other pension details
  • You yourself provide information about your expected situation in the future and/or upload data from Mijnpensioenoverzicht.nl
  • On the basis of this data, the Pension Planner retrieves anonymous data from Nibud (National Institute for Family Finance Information), which forms the basis for the calculation. The data provided by NN IP to Nibud is not retained by Nibud
  • You can indicate yourself whether you want the Pension Planner to keep or remove the data

IV From whom do we obtain your personal data?

If you purchase a pension and an insurance with BeFrank via your employer, we receive your data from your employer, or in some cases from the Municipal Personal Records Database (the BRP). If necessary for the execution of the pension agreement we can also obtain information from other banks and insurers. Health related information we will receive through your employer, your doctor (after your approval) or from the UWV.

V To whom can we provide your personal data?
We can provide your personal data to the persons, companies and institutions stated below. We will do this only if:

  • it is necessary for the performance of the agreement, or
  • we have a ‘legitimate interest’ in doing so and the provision of your personal data is necessary for this. An explanation of this is provided on this page under ‘why do we process your personal data’
  • there is a statutory obligation to provide your personal data, or
  • you have given your permission.

We will provide your data to one or more of the parties listed below only if one of the above statements applies:

  • Our employees, to the extent that they need these data for their work
  • Companies to which we delegate tasks (‘processors’). These companies in this case work according to our instructions
  • Your adviser or interest protector, your employer and its adviser if you are insured via your employer
  • Companies we engage for evaluating an application for a product
  • Public agencies such as supervisory authorities, the police and the courts and the Tax & Customs Administration, if we have a statutory obligation to do so
  • Other banks and insurers. This also includes reinsurers and legal aid insurers
  • Enforcement agents, collection agencies and/or civil-law notaries. oExternal registers such as CIS, BKR, NHG, External Reference Register (EVR)
  • The Employee Insurance Agency (UWV).

VI How we protect your personal data

We keep your data secure
We devote much time and attention to the security of our systems and the personal data that are stored within these systems. BeFrank monitors the security of personal data and the use thereof. Data traffic is continually monitored. If something goes wrong, action is taken immediately. We resolve data leaks and register such incidents. We are required to do this by law. We also notify incidents to the supervisor and to you, if necessary.

How we process personal data is supervised

  • The Dutch Data Protection Authority (Autoriteit Persoonsgegevens, or AP) checks that we comply with the AVG
  • The Netherlands Authority for Consumers & Markets (Autoriteit Consument & Markt, or ACM) supervises how we use cookies, direct marketing via e-mail and the Do Not Call register
  • De Nederlandsche Bank (DNB), the European Central Bank (ECB) and the Authority for the Financial Markets (AFM) are responsible for general supervision of the financial sector, and therefore of BeFrank and NN Group
  • Internally, our Data Protection Officer supervises how we deal with your personal data. The Data Protection Officer is available at dpo-leven@nn.nl.

We have signed a confidentiality statement
All our employees have signed a confidentiality statement and taken an oath or solemn affirmation. We treat the data you entrust to us with care. Only authorised personnel can access and process your data.

VII What are your rights?
As a customer, you have certain rights with respect to your personal data. These rights are explained below.

You have a right of inspection
This means you can inspect the personal data we have registered for you and what we use these data for. You can also find these data on your personal pension page at Essentie Pensioen

You have a right to amend, remove or restrict the use of data
You have the right to have your personal data amended if these are not correct. You also have the right to have your personal data removed if your personal data have been wrongfully processed, are no longer necessary for the purpose for which they have been processed, or because you have withdrawn your permission and BeFrank has no other valid reason for the processing of your data. You also have the right to restrict the use of your personal data. This means that you can state that your data may not be used for a temporary period. You may use this right if your personal data are not correct, have been wrongfully processed, are no longer necessary for the purpose for which they were obtained or processed, or if you object to the processing of your data and your objection is still pending with us.

You have a right to have your data transferred
This means that in certain cases you have the right to ask us to transfer the personal data you have provided to us to yourself and to another service provider.

You have a right to object
You may object to the processing of your personal data if we use your personal data for purposes other than those necessary for the performance of an agreement or for complying with a statutory obligation. We will review your objection with care and will cease to process your personal data if necessary.

VIII How long do we keep your data?
We keep your data for as long as you are our customer. We also do this for some time if you no longer have a particular product from us. We apply the statutory retention period. After this, we use the data only for statistical purposes and for dealing with complaints and legal proceedings. In this case we keep the data in a closed archive.

IX Where do we process your data?
Your data are usually processed within the European Union (EU). In some cases personal data are processed outside the EU. Some of our suppliers and partners are also located outside the EU or provide these services outside the EU. The regulation in these countries does not provide the same protection of personal data as the European regulation in all cases. To ensure that your personal data are secure, we take measures by concluding agreements that stipulate similar agreements with respect to the security of personal data. In other words, as we do within the EU. We refer to these agreements as EU model contracts.

X Do you have questions?
Do you have general questions about your personal data? Please contact our customer service. They can be reached at klantenservice@befrank.nl.

XI Would you like to view or change your data?
You can review and change your personal data on your personal pension page (www.essentiepensioen.nl). You have the right to ask us for an overview of the personal data we process of you. You also have the right to know who shared your personal data with BeFrank and who BeFrank shares your personal data with.

You can also request an overview of the personal data in writing. We may request you to identify yourself, for instance by asking for a copy of a valid identity card. In the case that we ask for a copy of your identity card, BeFrank advises you to black out your BSN and to mention that it concerns a copy for BeFrank, date included.

Should the overview we provide you contain inaccuracies of do you feel that the processing of your data is unjust, you may ask for an adjustment or removal in writing. You can also revoke your permission of the processing of your personal data. Within four weeks after your request we will inform you if we can meet your request. You can send your request to:

BeFrank
Attn. Customer service
Postbus 2096
1000 CB Amsterdam
or klantenservice@befrank.nl

Complaints
If you have a complaint regarding how BeFrank deals with your personal data, you can submit your complaint to the management of BeFrank:

BeFrank
Attn. Customer services
P.O. Box 2096
1000 CB Amsterdam

You will receive a response from BeFrank within four weeks. If you are not satisfied with this response, you may refer the matter to the Financial Services Complaints Tribunal (Klachteninstituut Financiële Dienstverlening), P.O. Box 93257, 2509 AG The Hague, telephone 070-3338999, www.kifid.nl.

BeFrank is entitled to amend this privacy statement. We advise you to consult this privacy statement regularly. In any case, at such time as you provide your personal data to BeFrank.

Effective date
These regulations take effect on 1 May 2018