Please note that the website might not function correctly using an outdated browser. We recommend updating your browser or using another one.
Sampo Group companies operate in the financial and insurance sector, which is a highly regulated industry and characterized by a high amount of personal data processing. Most of the measures adopted in the field of financial and insurance services concern data relating, directly or indirectly, to individuals. Therefore, the protection of personal data is of great importance.
At Sampo Group, the guidance documents regarding data privacy are the Sampo Group Code of Conduct and the Sampo Group Data Privacy Statement, which are both approved by Sampo plc’s Board of Directors, reviewed annually, and updated when deemed necessary. The Code of Conduct states that Sampo Group companies comply with the relevant EU and national data privacy regulation. Further, according to the Code of Conduct, Sampo Group is committed to processing personal data in a lawful, fair, and transparent manner. All Group companies aim to ensure that the privacy of employees, customers, shareholders, and other stakeholders is not breached, and that adequate data privacy training is offered to employees of the Group.
The purpose of the Data Privacy Statement is to guarantee that the processes related to personal data are carried out lawfully; that employees are aware of and comply with the data protection rules; that necessary technical and organizational measures are adopted to protect personal data; and that the individual Group companies’ data protection policies and guidelines are transparent toward data subjects, stakeholders, and other interested parties. The group-level Data Privacy Statement outlines the general requirements to be met by all Sampo Group companies. Each Group company has adopted more detailed policies and guidelines on data privacy for their own commercial purposes.
|Number of Complaints Received Concerning Breaches of Data Privacy, Sampo Group||2019|
|Complaints from Data Subjects||3|
|Complaints from Data Protection Authorities||0|
Further information can be found in the Corporate Responsibility Report (page 32).