Skip to main content

Privacy policy

Privacy policy

1.0 Introduction

1.1 The data controller

Velliv, Pension & Livsforsikring A/S ("Velliv", "we", "our", "us") is a financial undertaking licensed by the Danish Financial Supervisory Authority to conduct business under the categories of life insurance and pension. We are registered as a public limited company in Denmark under company registration (CVR) number 24260577.

 

Our contact details are:

Adress: Lautrupvang 10, 2750 Ballerup

Telephone: +45 70 33 99 99

Email: kontakt@velliv.dk 

Contact form: Contact Velliv

Read here about secure communication

 

As a life insurance and pension company, we process personal data as a natural part of our business. This means that we are a data controller in our processing of personal data regarding:

 

  • Velliv's customers
  • Connected persons, including next of kin, heirs, beneficiaries and beneficial owners
  • Website visitors
  • Followers on Velliv's company pages on social media
  • Participants and registrants for Velliv events
  • Visitors to Velliv's premises
  • Contact persons from business customers, business partners, suppliers, etc.

 

Data subjects are strongly encouraged to read the privacy policy carefully to understand how Velliv processes personal data. Velliv may change the privacy policy from time to time by publishing an updated version on the website. Velliv therefore recommends that data subjects regularly check the website. In case of significant changes, all data subjects will be contacted and informed of the change.

1.2 The Data Protection Officer

We have appointed a Data Protection Officer ("DPO") because our core business is inextricably linked to the extensive processing of personal data about our customers, including special categories of personal data (e.g. data concerning health).

Velliv has appointed Bech-Bruun as its DPO. Bech-Bruun's contact details – for questions about Velliv's data protection – are:

 

Bech-Bruun Advokatpartnerselskab
CVR nr.: 3853 8071
Gdanskgade 18
2150 Nordhavn
Telephone number: +45 72 27 30 02

 

1.3 Structure of the privacy policy

We have divided our privacy policy into a number of sections which together fulfil our disclosure obligations under Articles 13 and 14 of the General Data Protection Regulation (hereafter “GDPR”).

In the specific provisions section, you can read about our specific processing activities.

In the general provisions section, you can read about the recipients of personal data, your rights and the complaints guidance.

1.4 Categories of personal data

In order to give an overview of the personal data that is processed, we have prepared a table that presents the categories of personal data which we typically process during our day-to-day operations. The table is therefore not exhaustive but gives an overview. It is also not certain that all the personal data listed will be processed, or that it will be processed at the same time as the customer's engagement with Velliv.

Examples of personal data

Identifying information

Name
Date of birth
Agreement number
Customer number
Case ID
Job title
Marital status
Passport number
Driving licence number

Civil registration number

Civil registration (CPR) number
Foreign civil registration number

KYC (Know Your Customer) data

PEP (politically exposed person) status
Investigations under the Danish Anti-Money Laundering Act (hvidvaskloven)
Investigations under international sanctions rules

Behavioural data

IP address
Log information
Photos and video recordings (e.g. in connection with investigation of possible insurance fraud)
Leasure time activities

Contact details

Address
Email address
Telephone

Financial information

Tax information
Account number
Credit card information
Pay/Salary information
Savings
Debt

Insurance and pension information

Amount at risk and choice of cover
Contributions
Reserves and balance
Expected disbursement
Bonus amount
Employee group
Pension contributions
Pension contribution rates
The cover under your insurance policies
Return
Investment

Potential criminal offences

Material showing undue insurance disbursements (e.g. due to insurance fraud) or supporting a reasonable suspicion thereof
Material on criminal offences that may emerge from a review of international sanctions lists

Health information

Health declaration
Health record
Information on sickness absence
Medical opinion
Status on disease/illness
Claims information
Information on occupational injury

Trade union membership

Collective agreement

3.0 General provisions

3.1 Recipients of personal data

For many of our processing activities, we use data processors who assist us with IT or other services. When we use data processors, we always conclude a data processing agreement, setting out the nature of the processing, the purposes, the type of personal data, the categories of data subjects and the period.

  
We disclose personal data to Velliv Foreningen as described in section 2.09

  
After the customer's death or disability, we may disclose personal data to persons connected to the customer's Velliv scheme – for example, the beneficiary and heirs, etc. See section 2.02

 
We disclose personal data to authorities and other third parties, including the Danish Financial Supervisory Authority, the Danish Tax Agency, lawyers, Velliv's auditor (Deloitte), the police or the National Special Crime Unit, when we are required to do so under the law or in order to safeguard our interests in a legal dispute.

 
Pursuant to the Danish Insurance Business Act (lov om forsikringsvirksomhed), we obtain the customer's consent to the disclosure/use of customers' personal data where we are required to do so.

 

3.1.1 Transfer to third countries

In connection with IT operations, including hosting, development and support, we may in certain cases disclose personal data to companies established in a country outside the EU/EEA. 
When Velliv discloses personal data to third parties outside the EU and EEA, we ensure that the personal data is adequately protected by ensuring either:

 

  • that the European Commission has decided on the adequacy of the level of protection
  • that standard contracts approved by the European Commission or the Danish Data Protection Agency are being used
  • that complementary measures are being implemented for those third countries where the legislation of the country concerned so requires.
     

For further information about Velliv's transfer of personal data to third countries, please contact us by e-mail contact@velliv.dk.

3.2 Your rights

Under the GDPR, all data subjects in Velliv have various rights in relation to our processing of personal data, including:

 

  • Right of access to personal data: You have the right to access the personal data we process about you, including receiving a copy.
  • Right to rectification: You have the right to have inaccurate personal data about you rectified.
  • Right to erasure: In particular situations, you have the right to have your personal data erased before our storage period expires.
  • Right to restriction of processing: In certain cases, you have the right to obtain restriction of processing of your personal data. If you have the right to obtain restriction of processing, we may in future only process data – except for storage – with your consent or for the purpose of establishing, exercising or defending legal claims or for the purpose of protecting the rights of another person or for reasons of important public interest.
  • Right to object: In certain circumstances, you have the right to object to our processing of your personal data. You may also object to our processing of your personal data for direct marketing purposes.
  • Right to data portability: You have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and the right to have personal data transmitted from Velliv to another controller without hindrance. We will respond within 30 days.
     

If you want to exercise your rights, you can contact us via indsigt@velliv.dk.

3.3 Complaints procedure

All our data subjects have the right to lodge a complaint with the Danish Data Protection Agency if they are unhappy with the way we process personal data. We always recommend contacting us beforehand. Find information about the Danish Data Protection Agency’s complaints procedure here.