To administer the pension scheme, StiPP needs your personal data. For example, about your salary, about how many hours you work, about your family situation and what your account number is. We collect and use this personal data. This is called "processing" in privacy legislation.
StiPP considers it very important to handle your personal data carefully and confidentially. When processing your personal data, we comply with privacy legislation, including the General Data Protection Regulation. In this privacy statement, we explain in the form of questions and answers which personal data we process and how we handle your personal data. You can also read how you can exercise certain rights with regard to your personal data. You can also read more about the security and confidentiality of your personal data.
Whose personal data does StiPP process?
We only process personal data of the following persons that are relevant to our work:
- (former) participants
- Retired participants
- partners, ex-partners and orphans (if they are entitled to orphan's pension) of (former) participants or retired participants
- employers who are not legal entities, such as sole proprietorships or general partnerships
- policymakers, members of the accountability body, key function holders and other related persons of StiPP, as determined by the Fund's Code of Conduct
- Other rightholders
What personal data does StiPP process?
StiPP processes various categories of personal data, including sensitive personal data, such as financial data and citizen service numbers (BSNs), and special personal data, such as data about health.
StiPP only processes personal data that is relevant to our work. These are the following data:
- Name, initials
- Dates of birth and death
- Citizen service number (BSN)
- Residential address
- Residence
- Correspondence address
- Gender
- Relationship details: partner, ex-partner and any children (children entitled to orphan's pension)
- Employment details with affiliated employer(s), including type of employment and salary details
- Period(s) of participation in the Basic and/or Plus Scheme
- Fitness for work data
- IBAN (bank account number)
- Email address
- Telephone number
- Marital status
- Conscientious objector indication
- personal data relating to criminal law, for example the list of persons and organisations whose assets have been frozen in accordance with European legislation
- Other: personal data that you provide in correspondence and/or telephone contact and/or that we receive via the contact form
Why does StiPP process personal data?
Most processing operations are necessary to properly fulfil our legal obligations, including on the basis of pension laws and regulations, for the correct administration of the pension scheme.
In certain cases, we process personal data on the legal basis of 'legitimate interest'. StiPP has a legitimate interest if the processing is necessary for the performance of the Fund's tasks and StiPP has weighed up this interest of StiPP against that of the persons whose personal data are processed. An example of this is information about your pension history. In order to be able to invoke a legitimate interest, we have carried out a so-called 'three-step test'. From this, we have concluded that the processing of information about your pension history does not disproportionately infringe on your privacy. If desired, you can request further information about this via privacy@stippensioen.nl.
We process your personal data for the following purposes:
- the implementation of the agreements and (pension) regulations of StiPP
- maintaining contact with you
- inform you about your personal situation, where it relates to the accrual of pension capital, risk insurance or the pension payment to you
- inform you about (changes in) StiPP's pension schemes or situations that occur at StiPP and are important to you
- StiPP's business operations
- complying with legal obligations to which you and/or the pension fund are subject
- safeguarding the integrity and security of StiPP's business operations and the pension sector
- For (internal) participant and employer surveys to improve our services and communication
StiPP processes your personal data through customer contact, among other things. StiPP uses a customer contact system in which contact moments and telephone conversation reports are recorded. In this way, we guarantee the quality, continuity and efficiency of our services.
We record telephone conversations for training and professional development of our employees and for making a report of the conversation. The phone calls are automatically converted to text (and possibly linked to other data). By means of these interview reports, we improve our service processes and increase our insight into the wishes of our (former) participants and pensioners, as well as affiliated employers.
From whom does StiPP receive personal data?
We receive the personal data we need from:
- you or your legal representative
- the employer affiliated with StiPP
- the Personal Records Database (BPR) / the Non-Residents Register (RNI)
- the Employee Insurance Agency (UWV)
- the Tax and Customs Administration
- the Chamber of Commerce (KvK)
- bailiffs and other authorised bodies that manage claims against participants
- the CAK (with regard to premiums for the deduction of the Health Insurance Act (Zvw) for pensioners living outside the Netherlands and in Europe)
- pension funds where you have previously accrued pension
- other natural persons, institutions and organisations that you have authorised to provide data to us
To whom does StiPP provide personal data?
If this is necessary for the administration of the pension schemes and/or to comply with legal obligations, StiPP will share your personal data with other parties.
We enter into a processing agreement with parties that process personal data on our behalf. In this way, we ensure the same level of security and confidentiality of your data. StiPP is and remains responsible for this processing.
StiPP has outsourced the administration of the pension administration to pension administration organization PGGM. PGGM therefore has your personal data. The other parties with whom personal data can be shared can be divided into the following categories:
- Supervisors
- Public authorities
- benefits agencies
- Debt collection/debtor parties
- (former) employer(s) and their authorised representatives
- Mailing processors/printers
- Archive storage companies
- Inspection parties for example for carrying out wage audits
- ICT database/website management and maintenance companies
- IT security companies
- Research parties
- accounting/actuary firms for assurance purposes
- other pension providers and social funds
Is your personal data secured by StiPP?
StiPP attaches great importance to the protection of your personal data. That is why we have taken appropriate technical and organisational measures to protect your personal data against theft, loss or other unlawful use.
My StiPP Pension contains an overview of your pension with StiPP. You can log in with your DigiD.
How long does StiPP keep your personal data?
Your personal data will not be kept longer than is necessary for the purpose for which it was collected or for which it is processed. We keep some data for a longer period of time because we are required to do so by law, for example in the case of pension legislation and tax legislation.
What rights do you have with regard to your personal data?
You have the right to access your personal data. In addition, you have the right to change your data, delete it, limit its use, object to certain processing and transfer your personal data.
You can view and partly adjust your data in 'My StiPP Pension'. You can also submit a request to exercise the rights regarding your personal data using the contact details below. Before we process your request, we may ask you to provide information that we need to verify your identity. If we reject your request, we will justify this.
Right of access
You have the right to request a copy of the personal data we hold about you. If you exercise this right, you will receive an e-mail from us with this data and information about our use of this data.
Right to rectification
We take measures to ensure that the personal data we have about you is accurate and complete. If we have processed personal data that is incorrect, you can request us digitally or in writing to update or adjust your personal data.
Right to erasure
You have the right to request that we erase your personal data, for example when we no longer need your personal data for the above purposes. However, such a request will be weighed against other factors. For example, there may be a legal obligation for us to retain your personal data.
Right to restriction of processing
You have the right to request that we restrict the processing of your personal data, for example if you think the personal data is incorrect. The restriction then applies for the duration that we check the accuracy of your data. You can also request restriction if you think that we no longer need your personal data for the above purposes and you object to the processing or if you want us to keep your data in your interest. We will inform you before any restriction of processing is lifted.
Right to object
You have the right to object to the processing of personal data based on our legitimate interest. If you object, we will no longer process your personal data on the basis of this legal basis, unless we have a compelling, legitimate ground for the processing.
Right to data portability and right to human gaze
The GDPR also grants data subjects the right to data portability (the right 'to have data transferred') and the right to human gaze when using automated individual decision-making.
You have the legal right to receive personal data in a structured, commonly used format and to have it transferred to another controller. This right only applies to automated processing; In addition, it must concern personal data that is processed with permission or on the basis of an agreement with you. StiPP does not process your data on the basis of consent or agreement. Therefore, this right does not apply to StiPP. For transferring your pension to another pension provider, please refer to the StiPP pension regulations and the existing processes between pension funds.
Automated decision-making involves using personal data to reach a decision without human intervention. The personal data is processed automatically. The right to human gaze in automated individual decision-making does not apply, because StiPP does not make decisions about you (or others) based on automated decision-making.
Do you have a complaint about the processing of your personal data?
If you have a complaint about the processing of your personal data by StiPP, we would of course like to hear from you. You can reach us by e-mail at privacy@stippensioen.nl or by post:
StiPP
Board support
P.O. Box 434
3700 AK ZEIST
You can also file a complaint with the supervisory authority, the Dutch Data Protection Authority:
Dutch Data Protection Authority
P.O. Box 93374
2509 AJ THE HAGUE
Cookies
Are you visiting our website www.stippensioen.nl? Then cookies and similar techniques (hereinafter referred to as 'cookies') may be used. In our cookie statement you can read which cookies StiPP uses, what data is processed, for what purpose, which partners we have and how long we keep the information. Some cookies are only placed after permission. You can also withdraw your consent at any time. We comply with the rules of the General Data Protection Regulation (GDPR) and the Telecommunications Act. StiPP is responsible for the processing of your data via cookies.
Alterations
We may change this privacy statement and encourage you to check this page from time to time. This privacy statement was last updated in May 2025.
Contact
If you have any questions about this Privacy Notice or the way we process (your) personal data, or if you would like to exercise your rights in relation to your personal data, you can contact us by email at privacy@stippensioen.nl or by post:
StiPP
Board support
P.O. Box 434
3700 AK ZEIST