Data protection at Elo
Elo’s task is to manage the statutory pension security of employees and entrepreneurs in accordance with the Employees Pensions Act (TyEL) and the Self-Employed Persons’ Pensions Act (YEL), and, for this purpose, manage the accrued funds profitably, safely and responsibly. In order to carry out this task, we need to process personal data.
Elo ensures the protection of its customers’ privacy and processes their personal data in accordance with the currently valid legislation, including pension legislation, the EU General Data Protection Regulation (hereinafter GDPR), the national data protection legislation and legislation governing the insurance industry and credit institutions as well as provisions concerning investment funds.
Why does Elo process personal data?
Elo collects and processes data for the purposes of performing its designated tasks. Our field and activities are defined within the relevant legislation. Our tasks include the provision of statutory pension security for employees and entrepreneurs and the management of the funds accrued for this purpose.
All self-employed persons are obligated to take YEL insurance in accordance with the Self-employed Persons’ Pensions Act, which serves as the foundation for the pension and social security of self-employed persons. The insurance is required by law. In order to manage the insurance matters of self-employed persons, Elo must process information related to its self-employed customers and their companies. Some of this information is personal data concerning the self-employed individuals.
Elo manages the funds accrued for pension security in a manner that ensures the benefits inherent to the insurances. As part of our investment activities, Elo provides its customer companies with financing solutions and opportunities to lease premises in real properties owned and managed by Elo. Elo outsources its leasing and property management activities to external service providers who maintain a register containing information about the lessees and relevant service providers.
Information about loan recipients and pledgers is stored in a loan register to assist in credit management.
Elo offers its customers online services comprised of Elo’s public website (Elo.fi) and Elo’s Online Service that customers can access by logging in.
Elo’s website utilises cookies for the purposes of collecting information about the use of the website and related transactions. More information about the cookies is available at elo.fi/Terms of use.
We utilise data derived from the use of Elo's email and website so that we can offer Elo’s customers interesting information about Elo’s services and topical issues as well as to further market our services to insurance and pension customers. The contact information is also used for the issuing of customer feedback surveys.
The processing of personal data is also necessary for the development of Elo’s own operations, so that we can offer our customers competitive services and ensure the high quality of our customer services. As part of the development of our operations, we use data collected for the management of statutory insurance and compensation matters for the additional purpose of conducting analyses on transaction methods, and of evaluating and reporting on the efficiency of our activities and communications.
We provide automated decisions concerning old-age and partial early old-age pensions and YEL insurance. Upon receiving an automated decision, registered individuals have the right to demand a manual reprocessing of their application. As a means of ensuring quality, Elo may utilise profiling to support the making of pension disability decisions. The profiling is based on the data concerning the matter being processed and statistics on relevant decisions. Profiling is not used as the basis for automated decisions.
Data is collected from our chat and phone services for the purposes of documenting customer service situations and of ensuring the legal protection of the customers. Calls can be recorded and stored.
What personal data is processed by Elo?
Elo only collects personal data to the extent that is necessary for the implementation of its designated tasks.
For this purpose, we collect our customers’ name, personal ID and contact information. Through our activities, we also collect, for example, payroll and pension information and information concerning the ownership of our company customers. Health information is processed in connection with the handling of disability and rehabilitation matters. As part of our investment activities, Elo offers its customer companies financing solutions and real estate space. For the purposes of leasing and management of our real estate properties, we process information, such as the name and contact information, of our lessees and relevant service providers. For the purposes of credit management, we also require information about loan recipients and pledgers (credit information).
More detailed information about the personal data processed by Elo is available from our privacy policy statements:
- Privacy statement for pension insurance policyholders, partners and service providers
- Privacy statement for insured persons and applicants or recipients of pensions or rehabilitation benefits
- Privacy statement for recipients of fees, employees of contractual partners and external board professionals
- Privacy statement for investment operations
- Privacy statement for job applicants
- Privacy statement for the visitors of Elo’s office building and camera surveillance
- Privacy statement for Elo’s residential tenants
What are Elo's sources of information?
Elo gets information directly from the registered individuals. Elo may also request personal data from sources from which Elo is entitled by law to request information (e.g., institutions managing statutory social insurance or health care providers).
The employers of the insured provide us with regular payroll and other employment-related information for insurance purposes and compensation decisions. In order to maintain and verify customer contact information, we acquire data from, among others, Posti Group Oy and the Population Information System. As concerns loan customers and policyholders, and the recovery of benefits, Elo also acquires information from credit records.
To whom does Elo disclose information?
Information is disclosed if the recipient has a right by virtue of the law to receive information from Elo. These rights concern, for example, institutions managing statutory social insurance, the tax authorities and distraint authorities, who need such information to carry out their own tasks. The employer has the right to receive information about granted pensions, e.g., for the adjustment of the insurance contribution. Elo may also disclose personal data to other countries by virtue of the international law treaties to which Elo is bound and EU legislation, in cases where such actions are necessary for the realisation of pension security. For the management of its support tasks and investment activities in accordance with the valid employment pension legislation, Elo also uses external service providers, which will then process the personal data on behalf of Elo. Payment transactions take place through banks operating in Finland, whereby personal data is transferred to the banks.
Elo primarily uses companies located within the EU/EEA area to implement tasks related to the maintenance and development of its information systems. If Elo uses companies located outside of the EU/EEA area, Elo only discloses personal data that is necessary for the implementation of the aforementioned tasks and the personal data will be adequately protected.
Elo will not, without the consent of the registered individual, disclose information to other external parties. It is possible to withdraw the given consent at any time.
How is my personal data protected?
Acting responsibly is the most important principle of Elo's data security. The objective of data security is to safeguard the reliability, usability and availability of the data processed by Elo and to prevent confidential information from falling into the wrong hands.
Data security is an integral part of the quality of Elo’s operations and services, overall security and the daily processing of data by Elo employees. Our data security policy comprehensively specifies the roles and responsibilities of each Elo employee with regard to the implementation of data security.
We have invested in our processes in order to assess and avoid data protection risks. Elo’s entire personnel is trained in data protection, and we have appointed a Data Protection Officer. We continuously develop our operations with regard to data protection. We also require our service providers to maintain a high level of data protection, and this is part of our standard contractual requirements.
Data security work is coordinated by the Data Security Manager working in IT administration. We ensure the high level of data security through continuous training and data security audits of different systems. Data security is included in the induction of every new Elo employee, and the online course on data security is mandatory for all Elo employees. In addition, we provide the different functions with training geared to their specific tasks.
We closely co-operate with our various IT service providers and data security partners. Elo also cooperates with various authorities as a company critical to emergency supply.
Where do I find information about the processing of my personal data?
Information about the processing of data at Elo is available from these pages. Any enquiries about our data protection can be sent by email to Elo’s Data Protection Officer at tietosuoja@elo.fi.
In accordance with data protection legislation, you have the right of access to any personal data concerning you that Elo has recorded and stored. You have a right, among other things, to know what personal information Elo has about you. If you wish to exercise your right of access, you can contact our Data Protection Officer. Please note that you will be required to identify yourself prior to gaining access to your personal data. If you feel that any information Elo has concerning you is incorrect, you can demand that the information be rectified.
When Elo is processing information for the purpose of managing statutory pension security, the related rights are limited by legislation. In other words, the legislation limits the right to have personal data removed or transferred to another system or to object to the processing of information.
Elo’s document publicity description
In order to implement the publicity principle, Elo Mutual Pension Insurance Company maintains a description of its information pools. This description is called a document publicity description. The aim of the description is to help Elo’s insurance and pension customers when they wish to submit a request for information concerning Elo’s documents.
The document publicity description describes the information pools that Elo processes when performing public administrative tasks or exercising public authority. An information pool means an entity containing datasets that is processed through information systems or manually. The document publicity description is based on the statutes of the Act on Information Management in Public Administration.
Elo registers the information concerning matters being processed, case processing and documentation. This information is in Elo’s operative information systems and on paper, from which it is archived in accordance with regulations. The information related to Elo’s case processing is located in three information pools. These are the information pools for the Self-employed person’s employment pension insurance, Pension processes and Employer’s employment pension insurance.
Elo’s information pools
Purpose of the information pool
The purpose of the information pool for the Self-employed person’s employment pension insurance is the management and development of the employment pension insurance activities specified in employment pension legislation and the related customer service. The information pool is also used to manage storage, reporting and inquiries in accordance with legal obligations and orders issued by authorities and the Finnish Centre for Pensions.
Datasets
The information pool stores information about the validity of a pension insurance policy in accordance with the Self-employed Persons’ Pensions Act (Yrittäjän eläkelaki 22.12.2006/1272, YEL) as well as the confirmed income in order to determine pension insurance contributions and calculate pension amounts. The information collected during the management of the pension insurance is also stored. In addition, the management of insurance activities requires information about invoicing and the collection of insurance contributions.
The information pool contains the following datasets:
- Basic information of the policy holder and responsible person
- Basic information of the policy holder’s stakeholders
- Customer identification information
- Turnover and ownership information
- Bank account number
- Insurance applications
- Insurance and confirmed income decisions
- Bonus information
- Information about decision appeals
- Confirmed income reductions
- Policy holder’s line of business
- Contribution discount
- Negligence fee
- Customer contact logs and documents, for example, electronic messages
- Internal memos
- Tax information
- Online service agreement and electronic service choice as well as marketing authorisation
- Customer feedback
- E-mails and telephone call records and information
Invoicing and collection datasets contain the following data groups:
- Basic information of the policy holder and payer
- Information on insurance contribution calculations
- Invoicing information, for example, amount, due date, invoice method, invoice number, e-invoice information
- Payment plans
- Debt enforcement information and other information on external debt collection
- Customer contact logs and documents
- Internal memos
- Collection status
- Method of remittance
- Information on bankruptcy and restructuring
- Customer feedback
- E-mails and telephone call recordings and logs
Information systems
The datasets for Self-employed person’s employment pension insurance and invoicing and collection are registered in different systems. These include the customer system, customer relationship management system, document management, invoicing system and collection system as well as network services. Other information systems used are the customer feedback storage systems and the telephone system.
Making a request for information
Keywords that information can be searched with are
- Business ID
- Name of self-employed person or company
- Personal identity code
- Customer number
- Insurance number
- Invoice number
- Telephone number
The policy holder or their authorised person has access to the online service where they can view the insurance and invoice information. If the online service does not have the desired document or if the online service is not in use, a request for information can be sent by e-mail to yel@elo.fi.
Purpose of the information pool
Data is processed in order to manage the tasks and services related to payment activities in accordance with pension legislation as well as the related customer service. The information pool is also used to manage storage, reporting and inquiries in accordance with legal obligations and orders issued by authorities and the Finnish Centre for Pensions. The information in the information pool is also used to process the insurance matters of employers who have taken out an insurance policy in accordance with the Employees Pensions Act 19.5.2006/395 (TyEL) and to provide services to such employers.
Datasets
The information pool stores data required for advance counselling, pension decisions and pension payment activities.
The information pool contains the following data groups:
- Basic information of the insured and the beneficiary
- Basic information of the authorised person
- Pension and benefit applications and reimbursements and the related appendices
- Decisions and calculations
- Earnings that the pension is based on and other information affecting pension calculations
- Medical records
- Insurance doctor’s medical assessments
- Information about decision appeals
- Bank account number
- Information about the technical provisions of pensions
- Paid and recovered pensions
- Withholding tax information
- Withheld payments and debt enforcement information
- Customer contact logs and documents, for example, electronic messages
- Internal memos
- Estimate calculations and other documents related to customer counselling
- Service provider invoices
- Customer feedback
- Telephone call recordings and logs
Information systems
The payment activities information systems include the customer system, pension processing system, pension payment system and document management. Other information systems are the customer feedback storage systems and the telephone system.
Making a request for information
Keywords that information can be searched with are
- Name
- Personal identity code
- Telephone number
The insured person has access to the online service where they can, for example, view their pension record, manage their pension matters and receive pension decisions. If the online service does not have the desired document or if the online service is not in use, a request for information can be made by sending a contact request by e-mail to elakeasiakirjat@elo.fi.
Purpose of the information pool
The purpose of the information pool for the Employer’s employment pension insurance is the management and development of the employment pension insurance activities specified in employment pension legislation and the related customer service. The information pool is also used to manage storage, reporting and inquiries in accordance with legal obligations and orders issued by authorities and the Finnish Centre for Pensions.
The information pool stores information about the validity of a pension insurance policy in accordance with the Employees Pensions Act 19.5.2006/395 (TyEL) as well as salary/wage information in order to determine pension insurance contributions and calculate pension amounts. The information collected during the management of the pension insurance is also stored.
In addition, the information pool contains information about invoicing and the collection of insurance contributions required to manage insurance activities.
The insurance information pool contains the following datasets:
- Basic information of the policy holder and responsible person
- Basic information of the policy holder’s stakeholders
- Customer identification information
- Turnover and ownership information
- Bank account number
- Insurance applications
- Employee wage/salary information
- Bonus information
- Information about decision appeals
- Policy holder’s line of business
- Negligence fee
- Customer contact logs and documents, for example, electronic messages
- Internal memos
- Tax information
- Online service agreement and electronic service choice
- Customer feedback
- E-mails and telephone call recordings and logs
Invoicing and collection datasets contain the following data groups:
- Basic information of the policy holder and payer
- Invoicing information, for example, amount, due date, invoice method, invoice number, e-invoice information
- Payment plans
- Debt enforcement information and other information on external debt collection
- Customer contact logs and documents
- Internal memos
- Collection status
- Method of remittance
- Information on bankruptcy and restructuring
- Customer feedback
- E-mails and telephone call recordings and logs
Information systems
The datasets for insurance, invoicing and collection are registered in different systems. These include the customer system, earnings system, customer relationship management system, document management, invoicing system and collection system as well as network services. Other information systems used are the customer feedback storage systems and the telephone system.
Making a request for information
Keywords that information can be searched with are
- Business ID
- Name of company
- Personal identity code
- Customer number
- Insurance number
- Invoice number
- Telephone number
The policy holder or their authorised person has access to the online service where they can view the insurance and invoice information. If the online service does not have the desired document or if the online service is not in use, a request for information can be sent by e-mail to tyel@elo.fi.