We use cookies to make its website more user-friendly, secure and effective. Cookies collect information about the use of websites. Further information: Information on data protection
Not for Helvetia customers
The pension fund operates a comprehensive pension provision scheme and is not required to provide information on data protection. However, privacy and personality rights are of particular importance to both the Helvetia Insurance Pension Fund and the Helvetia Insurance Supplementary Pension Fund (hereinafter referred to as the “pension fund”). They have therefore jointly set out their policy on the handling of personal data in this Privacy Policy. The following section provides detailed information on the collection and subsequent processing of personal data.
The term “processing” of personal data refers to any handling of data, such as the collection, storage, retention, use, modification, disclosure, archiving, erasure or destruction. The terms “processing” and “handling” are used interchangeably in the following Privacy Policy. “Personal data” is data that relates to an identified or identifiable natural person. This means that it is possible to deduce their identity from the data itself or with the help of relevant supplementary data. In the following, the term “personal data” is used interchangeably with “data”. “Sensitive personal data” is a category of personal data for which data protection law imposes stricter requirements. Sensitive personal data includes, for example, health data, data revealing racial and ethnic origin, information on religious or ideological convictions, biometric data for identification purposes and information on trade union membership.
“The pension fund as the data controller” processes personal data in relation to members of the pension fund and the supplementary fund, relatives of members, mortgage holders, agents, employers of insured persons or their contact persons, contact persons of social and private insurance providers, tenants and their contact persons, visitors or other persons (collectively “data subjects”) who apply for or receive services or insured benefits, or are otherwise affected by them. This Privacy Policy forms the basis for the processing of personal data in the course of the various business activities of the pension fund. In addition to this Privacy Policy, the pension fund provides data subjects with information regarding any business-specific processing of data. In doing so, the pension fund makes sure that every data subject is informed about the data processing in an appropriate and timely manner, even if the personal data is not collected by the company itself.
The Privacy Policy may contain information about third parties with whom the pension fund works and who may themselves be data controllers for data processing purposes. Data subjects may contact these third parties directly if they have any questions regarding the exercise of rights.
If data subjects have questions about data protection and the rights of data subjects, they can contact the pension fund citing “data protection” in the subject line. This will put them in touch with the Data Protection Adviser or the company Data Protection Officer, who is also responsible for the pension fund under the management agreement.
Pension Fund of Helvetia Insurance
and Supplementary Pension Fund of Helvetia Insurance Data Protection
Dufourstrasse 40
9001 St.Gallen
In the field of occupational pension, the pension fund processes personal data in accordance with the Federal Law on the Occupational Old Age, Survivors’ and Invalidity Pension Provision (BVG; SR 831.40), the Federal Act on the Vesting of Occupational Old Age, Survivors’ and Invalidity Benefits (VBA; SR 831.42) and the Swiss Data Protection Act (FADP; SR 235.1). Personal data is also processed in accordance with the relevant ordinances and the pension fund’s regulations.
“Processing” means any handling of personal data, regardless of the means and procedures used, in particular the collection, storage, retention, use, modification (including pseudonymisation and anonymisation), disclosure, archiving, erasure or destruction of data. The processing must not unlawfully infringe the personality rights of data subjects, and any processing may be based on the following legal basis under data protection law:
The personal data processed by the pension fund includes data that has been provided by data subjects, collected from them, or is publicly accessible. Categories of data include, among others:
This category includes any data derived from the above.
In order to optimise the discharge of business processes and the conclusion of contracts, or the processing of contracts and the provision of services, the pension fund or any parties engaged by the pension fund may collect relevant personal data from third parties if this is necessary. In addition to obtaining the relevant information, the processing of the conclusion of the contract or the provision of services may require the transmission of personal data to third parties. However, even after having been disclosed the data remains subject to the provisions of the applicable data protection legislation. In addition, the pension fund places these third parties under an obligation to handle the data appropriately depending on the sensitivity of the data and other circumstances.
These are generally the following categories of recipients:
The pension fund is integrated into Helvetia Insurance’s IT environment, with the exception of the pension fund software. The IT systems used for data processing are governed by internal regulations. Care is taken to ensure that IT systems comply with current technical standards and that adequate security measures are in place to safeguard personal data. Helvetia uses data centres and IT services outside Switzerland, including maintenance and support services. For further information on countries where Helvetia’s data centres are located, refer to the “List of recipients and countries” of Helvetia.
The PK/S.live app can be used, amongst other things, to view the pension certificate. To ensure the registration and login process, as well as the operation of the PK/S.live application, the pension fund processes, for example, the personnel number, login password and IP address.
Die Pensionskasse bearbeitet Personendaten, solange dies für die Erfüllung der Bearbeitungszwecke, die gesetzlichen Aufbewahrungsfristen, berechtigte Interessen, wie zu Dokumentations- und Beweiszwecken, oder so lange Ansprüche gegen die Pensionskasse geltend gemacht werden können, notwendig oder eine Speicherung technisch bedingt ist, wie dies z. B. bei Sicherheitskopien der Fall ist.
When processing personal data, the pension fund takes adequate technical and organisational measures to prevent unauthorised access and other unauthorised processing. These measures are based on the international standards in this area and are checked regularly and adjusted if necessary.
The applicable data protection law as amended from time to time grants certain rights to data subjects provided certain conditions are met:
The right to request information as to whether and which data the pension fund processes and to receive a copy of this personal data.
The right to correct, complete and rectify inaccurate data.
The right to request the erasure of personal data if the personal fund is no longer obliged or entitled to retain such personal data under the applicable laws and regulations.
The right to object to the processing of your personal data, in particular insofar as processing is based on legitimate interests or where data is processed for purposes of direct marketing, as well as the right to withdraw consent insofar as data processing is based on consent.
The right to request that the pension fund hand over certain personal data in a standard electronic format or transfer it to another controller.
The right of the data subjects to express their point of view in the case of exclusively automated decisions and to request that the decision be reviewed by a natural person.
If you wish to exercise the above rights, you may do so by contacting the relevant data controller.
The applicable law grants you the right to obtain, upon request, further information necessary to exercise these rights.
These rights are subject to conditions, exceptions or restrictions (e.g. for the protection of third parties or trade secrets) under the applicable data protection law.
If your rights have been infringed, you can submit a report to the Federal Data Protection and Information Commissioner FDPIC (www.edoeb.admin.ch) using the Data Protection Contact Form.
The pension fund would like to remind data subjects that the Internet is an open, global network that is accessible to everyone. Communication via email is not usually encrypted and takes place only during regular office hours. It is possible that data may be lost or intercepted and/or manipulated by third parties, for example, to make it appear authentic. The pension fund takes appropriate technical and organisational security measures to prevent this from happening. Nevertheless, the confidentiality of data transmitted by email cannot be guaranteed. This applies, in particular, to the transmission of sensitive personal data (such as health data). Emails may be delayed, deleted, misrouted or shortened during transmission due to transmission errors, technical defects or other malfunctions. External access devices (PC, smartphone, etc. of end users) and parts of the infrastructure involved in the transmission between the sender and the pension fund are located outside the security area under the control of the pension fund. It is the responsibility of each Internet user to find out about the necessary security precautions and to take appropriate measures (e.g. up-to-date anti-virus software, etc.). The pension fund is not liable for any damage or consequences arising from the electronic exchange of information, particularly from the misuse of the email system, which it did not cause itself. The pension fund reserves the right to seek redress from the data subject for any intentional damage it suffers as a result of business transactions with the data subject via the electronic exchange of information. The pension fund reserves the right in individual cases not to reply by email or to additionally require a different form (e.g. a form with a signature) for the order or information received by email.
The pension fund is a tenant of Helvetia, and the latter is solely responsible for implementing security measures and processing data in relation to building security.
The categories of personal data processed by Helvetia in connection with ensuring security are:
The following are monitored by CCTV cameras:
Data may be passed on to recipients in Switzerland and abroad. Details can be found in Helvetia’s “List of recipients and countries” at www.helvetia.ch/privacy. Helvetia processes personal data for as long as needed for the described purposes and usually deletes such data after 30 days.