We protect your details
We protect the personal data we have on file for you, not only because we believe this is important, but also because we are obliged to do so under the General Data Protection Regulation (GDPR).
Here, you can read what kind of personal data we process. We also explain what we use your details for, who has access to your details, and who we share your details with.
Watch the video
Watch the video entitled ‘How the SVB uses your personal data’. (This video is only in Dutch.)
Select a subject and read the information
We process data. This means that we collect, store, consult and use data in order to do our work properly. We also establish connections between data and pass data on to other organisations.
We process your personal details if:
- we are legally obliged to do so. For example, we pass on data about your AOW pension or your benefit to the Tax Administration (Belastingdienst)
- it is necessary for the performance of our duties or the duties of another organisation. For example, if that other organisation needs to know whether you are receiving an AOW pension
- you have given us permission to do so
The data we use depends on the scheme or benefit concerned. Outside the European Union (EU ), we only exchange personal data with a few partner organisations and embassies. For example, if we need to obtain information about your pension insurance record outside the Netherlands or ask for assistance in income and assets investigations in another country.
For more detailed information, go to our ‘Register’, which shows what type of personal data is stored, why it is stored, and for how long.
Personal data is information that directly relates to or can be traced back to an individual. For example, a name, identification number or location.
We implement various schemes, including those for old-age pension (AOW), child benefit and personal care budgets (PGB). In order to do our work as best as we can, we use data such as:
- name and address
- email address and telephone number
- personal data, such as burgerservicenummer (BSN ), marital status, date of birth, place and country of birth, nationality and bank account number
- employers’ data, such as payroll tax number and registration number with the Chamber of Commerce
- criminal justice data, such as data on imprisonment, detention or placement in a closed treatment facility
- medical data, for example, to process claims under the Asbestos Victims Compensation Scheme or the schemes and regulations for former members of the resistance and victims of war
The data we use depends on the scheme or benefit concerned. For more detailed information, go to our ‘Personal Data Register’, which shows what type of personal data is stored, why it is stored, and for how long.
We use your personal data for:
- implementing the schemes we are responsible for
- processing complaints or requests for review or appeal relating to the schemes we implement
We also use your personal data for:
- financial and internal checks, accountability and audits
- data analysis aimed at improving our services
The data can be used for:
- management reports and surveys
- historical, statistical and scientific purposes
The data we use depends on the scheme or benefit concerned. For more detailed information, go to our ‘Personal Data Register’, which shows what type of personal data is stored, why it is stored, and for how long.
Automated decisions
Personal data is sometimes used to take automated decisions. For example, if a family has a second child, child benefit will be paid automatically for that child.
All SVB decisions are open to review, whether they have been issued automatically or by a case officer. How to request a review is explained in the notification of the decision. If a decision was taken by a case officer, the officer's name and telephone number will be shown on the letter. If no name is shown, the decision will have been issued automatically.
Profiling
Our automated decision-making process does not use profiling. Profiling means that an organisation takes a decision on someone based on their personal profile. This gives them an idea of how that person might behave. Decisions are always based on the personal data of the individual client, not on similarities between groups of clients. Client profiling in the broadest sense of the word does occur. For example, if we impose a fine on a client, we always check to see whether the client has received a fine from us before. We are required to do this by law in order to determine the amount of the fine. Decisions in such cases will not be taken automatically, but by a case officer. This way of profiling is only used if it is required by law.
We take all necessary measures to protect your data while observing the law and complying with the Government Data Protection Baseline (BIO) and ISO 27001. All our staff members have a duty of confidentiality. They may only view your details if this is necessary for the performance of their duties. Our computers and office buildings have also been secured. We do not keep any data for longer than strictly necessary.
There are several ways you can protect your own data.
Keep your DigiD secret
It seems obvious, but never share your login data with anyone else. We will also never ask you for your user name or password. Not by internet, email, telephone or in any other way.
Check websites
Be wary of websites or emails asking for your personal data. Always ask yourself whether the data is really relevant for the services they provide.
A secure ID
In the Dutch government publication ‘Factsheet Een veilig ID’ (only in Dutch), you can read about the dangers of identity fraud and what you can do to prevent this.
In My SVB, you can view part of your personal data. For example, you can check how much AOW pension you have built up, or view itemised details of our payments.
If you receive a personal care budget (PGB), you can view part of your PGB data in Mijn PGB.
If you would like to know what data we have on file for you, you can send us a request for access to your data.
For example, you can ask us to send you:
- a list of the personal data we hold on you
- an explanation of what we do with this data
- an explanation of how we acquired the data
- a list of organisations we exchange your data with
Call us first
Call us first so we can see whether we can help you straight away. Contact your SVB office about this. If you are not satisfied after speaking to us, you can still send us a request for access to your data using the appropriate form. Download the form, fill it in and upload it to My SVB or send it to us by post.
Requesting access to your data by uploading the form in My SVB
- Download the form ‘Request for access to my personal data’ via My SVB
- Fill in the form
- Upload the form in My SVB under ‘Contact’
Download ‘Request for access to my personal data’ via My SVB (pdf / 106.15 KB) (only in Dutch)
Requesting access to your data by sending the form by post
- Download the form ‘Request for access to my personal data by post’
- Fill in the form
- Print the form
- Sign the form
- Make a copy of your valid identity document so that we can check your identity
- Send the form and the copy of your identity document to your SVB office
Download ‘Request for access to my personal data by post’ (pdf / 108.37 KB) (only in Dutch)
If you are the parent or guardian of a child aged 16 or older, you cannot request access to the child’s data. The child must ask for this him or herself.
Authorisation
If you wish to authorise someone to have access to your data, fill in the authorisation form and send it to us together with the form ‘Request for access to personal data’ and a copy of your representative's identity document. You can send the documents by post or via My SVB.
If you have already appointed a representative, you need to send a separate authorisation if you want to supplement or adjust your data. For this, use the authorisation form.
When will you receive a response?
You will receive a response within one month. If we cannot meet your request within this time limit, for example because of the amount of data involved, the time limit will be extended by one month. We will let you know before the end of the first month and and explain why we need more time.
If the personal data we have on file for you is incorrect or incomplete, you can ask us to correct or update it using the appropriate form below. Download the form, fill it in and upload it to My SVB or send it to us by post.
Changing or updating your data by uploading a form to My SVB
- Below, download the form ‘Request to correct or update personal data in My SVB’.
- Fill in the form
- Upload the form in My SVB under ‘Contact’
By post
- Below, download the form ‘Request to correct or update personal data in My SVB’.
- Fill in the form
- Print the form
- Sign the form
- Make a copy of your valid identity document so that we can check your identity
- Send the form and the copy of your identity document to your SVB office
Authorisation
If you wish to authorise someone to have your data corrected or updated, download the authorisation form below, fill it in and send it to us together with the form ‘Request to correct or update personal data’ and a copy of your representative’s identity document. You can send the documents by post or via My SVB.
If you have already appointed a representative, you need to send a separate authorisation if you want to correct or update your data. For this, use the authorisation form that you can download below.
When will you receive a response?
You will receive a letter from us within one month to confirm whether or not we have adjusted your data. If we have not adjusted your data, we will explain why. We may also ask you for additional information, for example, if you need to show why the change to your data is necessary.
If we suspect that a client has committed a punishable offence, we may start a criminal investigation to collect evidence. The investigation will be carried out by special investigating officers working for the SVB. They can draw up an official report and send it to the Public Prosecutor . The Public Prosecutor may then decide to bring the matter before the court. The personal data collected by the SVB’s special investigating officers as part of their police duties are considered to be police data.
The SVB is responsible for handling this police data, which is subject to the Police Data Act (Wpg). The SVB will only store police data if it is absolutely necessary. Furthermore, this data is only accessible to SVB officers who need this information to carry out their duties. Other SVB officers will not be able to view this data.
If you have been in contact with a special investigating officer of the SVB, the SVB will have stored information about you. You can view your police data and have it corrected if it is wrong. You can also ask us to remove your data. If you wish to view the data the SVB has stored about you, or have this data corrected or removed, you must send us a letter.
Your letter must include the following:
- which police data you wish to view or have corrected or removed
- the period concerned
- your name and initials
- your address and telephone number
- your Burgerservicenummer (BSN)
- the date
- your signature
You can object to your details being processed, for example if, due to exceptional circumstances, your personal interests outweigh the performance of our duties.
You can also ask us to stop using certain data or remove data if it is incorrect or unlawful or no longer necessary for its original purpose.
In such cases, please contact our Data Protection Officer. You can find out how to do this under ‘Questions or comments about privacy and data protection’.
If you have a question or comment about the use of your personal data or about your privacy rights, our privacy statement or the way in which we deal with privacy in general, please contact our Data Protection Officer (‘Functionaris Gegevensbescherming’). This person is a confidential adviser who ensures that we comply with privacy rules and regulations.
You can contact our Data Protection Officer in the following ways:
Letter
Send a letter to:
Sociale Verzekeringsbank
t.a.v. Functionaris Gegevensbescherming
Postbus 1100
1180 BH Amstelveen
The Netherlands
Email form
Use the email form to contact our Data Protection Officer
You will receive a response within one month. If we need more time, for example because of the amount of data involved, the time limit will be extended by one month. We will contact you before the end of the first month and explain why we need more time.
If you are dissatisfied with the way your personal data is used, you can lodge a complaint. We will do everything we can to deal with your complaint as quickly as possible.
Call us first
If you have a complaint, call us. We can then discuss your complaint and see whether we can settle the matter straight away. If we cannot help you immediately, or if you are not satisfied with the results, you can contact us again and we will see if we can solve the problem some other way.
Send us a letter or fill in the complaints form
You can submit your complaint online using the digital complaints form.
If you would rather write us a letter, you are welcome to do so. As soon as we have received your letter, we will contact you personally. Send your letter to:
Sociale Verzekeringsbank
t.a.v. Functionaris Gegevensbescherming
Postbus 1100
1180 BH Amstelveen
The Netherlands
The Dutch Data Protection Authority
If you feel we have not dealt with your complaint properly, you can submit a complaint to the Dutch Data Protection Authority at the following address:
Autoriteit Persoonsgegevens
Postbus 93374
2509 AJ Den Haag
The Netherlands
If personal data has been lost or it appears that it may have been processed unlawfully, this is called a ‘data breach’. For example, if a USB stick or laptop containing personal data is lost or stolen, or hackers have broken into our system and gained access to personal data. Serious data breaches are reported to the Dutch Data Protection Authority within 72 hours after discovery.
If you detect a data breach, please contact us without delay.
Our website is secure. We use cookies to collect data for statistical information on our website. A cookie is a small file that is saved on your computer. We can then recognize your computer the next time it is used to visit our site.
Cookies contain a unique number. They do not contain personal details so they cannot be used to identify you personally. Neither can they be used to identify you when you visit other websites.
If you object to the use of cookies, you can switch them off by using your browser settings. This will not affect your use of our website.
Below, you can find our privacy statement. It is a PDF file containing all the information you may have read above. For example, about the personal data we process about you as a client, or about how we use the data, who has access to your data and who we share your data with.