Data protection at Elo
Elo’s basic responsibility is to manage the pension cover of employees and entrepreneurs in accordance with the Employees Pensions Act (TyEL) and Entrepreneurs' Pension Act (YEL) and to manage the funds collected for these purposes.
Elo collects personal data only to the extent that is necessary in order to perform its duties. Elo processes the personal data of its customers and protects the privacy of its customers in accordance with the valid legislation, such as employment pension laws, the EU’s General Data Protection Regulation, the national legislation on data protection, insurance legislation, legislation on credit institutions and regulations applicable to investment funds.
Elo’s internal instructions and documentation concerning the processing of personal data have been reviewed and updated to ensure that they fulfil the requirements of the EU’s General Data Protection Regulation.
The EU’s General Data Protection Regulation provides private individuals with a wider range of rights concerning control over their personal data. Private individuals now have more extensive rights to obtain information on the purpose for which their data is collected and how their data is processed. Transferring data to another service provider and “the right to be forgotten” are not applicable to data that is collected for purposes related to a pension insurance company’s statutory responsibilities.
Elo’s TyEL and YEL customers do not have to conclude separate agreements on the processing of personal data with Elo, because the personal data provided in connection with a TyEL or YEL insurance is related to an employer’s legal obligation. Elo is the controller of personal data provided for purposes related to TyEL and YEL insurances.