Data protection

Protection of personal data

Varma provides pension cover in accordance with the Employees Pensions Act (TyEL) and the Self-employed Persons Pensions Act (YEL). In order to carry out this task, Varma maintains and handles the personal data of the insured and pension recipients. Regulations concerning the handling of personal data within the earnings-related pension system are laid out in the Employees Pensions Act (TyEL) and other insurance and insurance company legislation.

What data does Varma collect?

We collect the personal data of policyholders, i.e. employers and self-employed persons, the insured and pension applicants and recipients, and from official registers that Varma is legally entitled to use.

As part of its investment operations, Varma is a developer of rental flats and grants customer credit. Personal data is gathered from persons applying for flats and from lessees in connection with rental activities. In addition to the information provided by the applicants for flats and credit themselves, Varma verifies their credit information. Personal data on private customers and guarantors is compiled in the loan register.

We gather personal data expressly for the above-mentioned purposes and only to the extent that is necessary. We try to ensure that the data is accurate, complete and up-to-date.

The personal identity code is used as an identifier in Varma’s pension insurance operations, the renting of flats and granting of credit. When making pension decisions and selecting lessees on social grounds, we may also deal with sensitive data such as data concerning a person’s state of health.

Recording of customer phone calls and information related to the Chat service to improve quality

The customer calls made to our customer service numbers are recorded in order to improve the quality of our customer service. The person’s identification information is removed from telephone calls intended for training purposes. Discussions that take place in our Chat service are saved for statistical purposes in order to improve quality.

Phone call and Chat information is saved securely and in accordance with the Personal Data Act. The information is processed in accordance with regulations that are binding on Varma and is not used for any other purpose. The file description (in Finnish) contains more detailed information.

You can check your personal data

The file descriptions of the personal data files are available on this website and also at the company’s service point at the address Salmisaarenranta 11, Helsinki. Everyone who has personal data in the registers maintained by the company has the right to check the data pertaining to themselves and to request that any erroneous data be corrected.

Disclosure of information to third parties

The personal data in our registers can be disclosed to, for example, the Finnish Centre for Pensions and other parties implementing statutory pension cover and social security. Data is disclosed to authorities in accordance with the law. Unless expressly prohibited by the data subject, this information can be used for direct marketing purposes, in accordance with the regulations concerning the protection and processing of personal data valid at any given time. Varma can, in its services geared towards its policyholders, insured and/or pension recipients, use subcontractors, to whom, for example, address information can be disclosed for mailing purposes. Subcontractors are required to sign a non-disclosure agreement. Varma can disclose personal data to the authorities of other social security agreement countries also outside the European Union when carrying out tasks related to earnings-related pension cover.

Data is safe with Varma

Our personnel are bound by confidentiality as dictated by law. In addition Varma’s personnel must enter into a non-disclosure agreement as part of their employment contracts.

Varma maintains high-quality data security in its internal data network. The transfer of personal data in the public data network is secured using sufficiently secure and appropriate encryption technology.

The company’s eServices may contain links to websites maintained by other instances. Varma is not responsible for the activities of the providers of these websites.