Spring 2018
On 25 May 2018, the new General Data Protection Regulation (GDPR) will take effect. This regulation sets stricter requirements than the current Dutch Personal Data Protection Act (Wet Bescherming Persoonsgegevens, or WBP). In this article, we will explain what your pension fund is doing to comply with the GDPR and what this means for you.
ING CDC Pensioenfonds receives your personal details from ING. We need those details for the administration of the pension plan. They include your Dutch social security number (BSN), your date of birth, your gender and your salary. Why does the pension fund need these details? How does the pension fund protect your privacy? What is the difference between the old and new legislation? Let us explain.
Why the pension fund needs your personal details
We need your personal details for various reasons including the following:
How does the fund protect your privacy?
The systems ING CDC Pensioenfonds uses for storing and processing your personal details are well protected. We have procedures in place to ensure that the pension fund cannot pass your details on to parties who have no involvement with your pension.
The pension fund has outsourced several activities, including the pension accounts, to outside companies. The fund has signed agreements with these companies to ensure the protection of your personal details.
What is the difference with current legislation?
The Dutch WBP already provided for strict protection of your privacy, and that will not change under the GDPR. What will change is that the pension fund will have to comply with stricter rules regarding compliance with procedures.
What does this mean for you?
The pension fund ensures your personal details are protected. You don’t need to take any action for that. Moreover, the pension fund processes only those personal details it needs for the administration of the pension plan.