Privacy statement

In accordance with the new applicable European regulations governing the processing of personal data (General Data Protection Regulation, GDPR), OFP DuPont European Pension Fund (hereinafter: DEPF) wishes to inform you about the use of your personal data in the administration of your supplementary pension rights.

This information is presented in the form of a list of questions and answers.

We process the data of the following persons:

  • those whose pension scheme we administer;
  • those who visit our website;
  • those who we contact.

We refer to the collection, management and use of your data as ‘processing’. We receive these data from you or from another party.

It is necessary to use specific personal data to calculate, pay out or, where applicable, transfer your entitlements under the pension scheme, as well as to inform you of your existing pension entitlements on a regular basis.

In collecting and processing your personal data, the OFP DuPont European Pension Fund and your (previous) employer are complying with their statutory obligation to manage and administer your pension plan.

The personal data used can be subdivided into a number of different categories.

  • name and address details, telephone number and email address;
  • bank account number;
  • date of birth, sex and civil status;
  • preferred language and nationality;
  • citizen service number or national register number;
  • employment details from your employer, including your pensionable salary;
  • details relating to an incapacity for work;
  • relationship details and personal details of your partner, former partner and children, if applicable.

DEPF will in any event only process, or commission the processing of, the personal data that are actually required to manage your pension plan.

As an affiliated pension plan member, it is your responsibility to inform any future beneficiaries of the possible use of specific personal data of theirs for the management and administration of your pension plan (e.g. for the purposes of payment in the event of your death).

We collect data from you when, for example:

  • you call or send us an email;
  • you sign up for our online newsletter; or
  • you complete an online contact form on our website.

DEPF receives your personal data via your (previous) employer. Furthermore, the government informs the pension fund of specific events, such as a change of address, death or retirement. Should a specific event take place, such as your retirement or death before retirement, you or your beneficiary/beneficiaries will be asked to provide additional information for the purpose of paying out the pension rights to you or your beneficiary/beneficiaries.

We also operate a cookie policy for visitors of our website. A cookie is a text file that is placed on your computer, tablet or mobile telephone when you visit the site. Cookies make using the site easier and faster.

Members of the operational bodies of the pension fund at DEPF (board of administrators, executive board) can process your personal data in their executive and supervisory roles.

We only provide the following data to third parties if necessary for the proper administration of the pension scheme. Such third parties include our service providers, the Administration of Fiscal Affairs/Tax and Customs Administration, social security agency and supervisory bodies (Financial Services and Markets Authority in Belgium, De Nederlandsche Bank in the Netherlands). We will only derogate from this if the law, the pension rules and/or administration agreement oblige us to do so. Or if you authorise us in writing to disclose your data.

Security by our outsourcing relationships

Together with our service providers, including Aon Belgium and RiskCo, which handle the pension administration for our sections, we have taken the necessary technical and organisational measures to protect your data against loss or damage. These measures also serve to replace or restore lost or damaged personal data.
The outsourcing parties with which DEPF collaborates have endorsed our privacy policy which sets out that they are obliged to observe the secrecy with respect to the personal data they process. Furthermore, they are obliged to use these data in accordance with the relevant legislation and regulations, except where the law obligates them to disclose the data.

The employees, supervisors and representatives of the contracted service providers or institutions will also exclusively process your personal data based on the written instructions of the pension fund.

Transmission of data outside the EU

It is possible that your personal data will be transmitted to countries outside the EU. We will do this only if required for the proper administration of your pension scheme. In such cases, we always take measures to ensure an appropriate level of protection with respect to the processing of your personal data (privacy shield).

Your personal data will not be retained any longer than is necessary for the purpose for which they were collected or are being processed. Relatively long retention terms are necessary given the nature of our activities. It is possible that DEPF will retain some data owing to a legal obligation. In such cases, we will retain the data for the statutory retention period.

As an affiliated scheme member, you have a number of rights in respect of the processing of your personal data:

  • the right to inspect the processed data
  • the right to improve, restrict or delete data if warranted, with the aim of continuing the management and administration of the pension plan to the extent that such is possible
  • the right to request data to be transferred to another organisation that processes similar data.

We wish to point out that there are a number of cases in which the deletion of data is not possible, such as when the processing of the data is required to perform a mission of public interest as laid down by law.

You can submit a request to inspect, correct, restrict, delete or transfer your data to the pension administrator for your section (Aon Belgium or RiskCo). You will receive a response to your request as soon as possible, but no later than within one month. If you have any questions about your rights, you can get in touch with DEPF by email: info@depf.eu.

The Belgian Data Protection Authority and the Dutch Data Protection Authority are the statutory bodies tasked with supervising the processing of personal data. They oversee compliance and have a number of measures available to them, including the imposition of fines.

Contact information:

Data Protection Authority
Address: Drukpersstraat 35, 1000 Brussels, Belgium
Telephone number: +32 (0)2 274 48 00
For urgent questions: +32 (0)2 274 48 78
Email address: contact@apd-gba.be
Website: https://www.gegevensbeschermingsautoriteit.be/

Dutch Data Protection Authority
Address: PO 93374, 2509 AJ The Hague, the Netherlands
Telephone number: +31 (0)88 1805 250
Duty to report data leaks: +31 (0)88 1805 255
Website: https://autoriteitpersoonsgegevens.nl

Do you disagree with the decision with regard to your request? In that case, you can lodge a complaint with the president of the Board of Administrators. You complaint will be dealt with in accordance with our complaints procedure.

If you are not satisfied with the way your complaint has been handled, you can submit your complaint or request to the Belgian Data Protection Authority or the Dutch Data Protection Authority. You can find the relevant contact details above.

We reserve the right to amend the privacy statement, for example in connection with amendments to legislation or regulations or case law. You are therefore advised to consult this statement regularly when you visit our site.