Please note that the website might not function correctly using an outdated browser. We recommend updating your browser or using another one.
Sampo Group companies operate in the financial and insurance sector, which is a highly regulated industry.
The sector is characterized by the high amount of personal data processing. Most of the measures adopted in the field of insurance services concern data relating, directly or indirectly, to natural persons, meaning individual human beings. Therefore, the protection of personal data is of great importance for the Group companies.
The data is business critical for Group companies and collected only for the explicit and legitimate purposes necessary to carry out business. Personal data is not further processed in a manner that conflicts with those purposes. Sampo Group is committed to processing personal data in a lawful, fair, and transparent manner.
The types of personal data that Sampo Group companies process may differ due to different business activities and services. Regarding data privacy, all Sampo Group companies comply with the relevant national legislation, together with the provisions and principles imposed by the European General Data Protection Regulation (GDPR), which came into force in May 2018.
At Sampo Group, the guidance document regarding data privacy is the Sampo Group Data Privacy Statement. The aim of the Data Privacy Statement is to ensure an adequate level of protection of personal data and compliance with the applicable laws by Sampo Group companies. The group-level Statement demonstrates the general requirements to be met by all Sampo Group companies. Each Group company has adopted more detailed policies and guidelines on data privacy for their own commercial purposes.
The aspect of data privacy has been a high priority for Sampo and the Group companies during the last few years. There have been several projects ongoing at group-level, as well as at If, Topdanmark, Mandatum Life, and Sampo plc, to ensure compliance with the GDPR. The responsibility for correct behavior when it comes to data privacy belongs to every employee inside Sampo Group. Therefore, proper training of employees is an essential part of data privacy management.
Further information can be found in the CR Report (page 21).