Privacy policy and cookies

Here you can read how personal data is processed at Protector Vakuutus. Protector Vakuutus protectsyour individual rights and your personal data. In the processing of personal data, we comply with the EU's General Data Protection Regulation 2016/679 (GDPR) and the national legislation that specifie and supplements it.

Contents

• Introduction
• Contact Information
• Processing of Personal Data
• Why and how do we process personal data?
• What data does Protector Vakuutus process?
• What legal bases does Protector Vakuutus use?
• Special categories of personal data
• To whom do we disclose personal data?
• How long do we store your personal data?
• Your rights under the Data Protection Regulation
• How you can complain about processing
• Use of artificial intelligence in processing - faster and more secure for you

1. Introduction

What is personal data?
Personal data is information that can be linked to an identified or identifiable person, such as name, address, personal identity number, email address and/or registration number. It may be necessary for us to process such data to serve you as a customer.

What is the processing of personal data?
According to Article 4(2) of the GDPR, the processing of personal data means:
"an operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction". The processing of personal data requires a legal basis.

2. Contact Information

Data Controller:

Protector Forsikring ASA, Suomen sivuliike (hereinafter Protector Vakuutus)
Postal address: PO Box 230, 00101 Helsinki
Email: info@protectorvakuutus.fi
Phone number: 020 741 4000

Data Protection Officer:

Protector Vakuutus’ Data Protection Officer (DPO)
Postal address: PO Box 230, 00101 Helsinki
Email: dpofi@protectorvakuutus.fi
Name of the register: Protector Vakuutus’ customer register

3. Processing of Personal Data

We process personal data that is necessary to provide insurance services to our customers. For example, when a person covered by an insurance policy suffers a loss, we need the personal data of the injured party to fulfil our obligation under the insurance contract.

When you contact us as an insured, a policyholder or an injured party, we often receive information directly from you. Information may also be provided by your counterparty, the policyholder (e.g. your employer) or a group representative.

Protector Vakuutus may also obtain information from contractual partners, other insurers, public authorities or healthcare providers. This is particularly true when we manage claims and investigate the parties' right to insurance compensation. We may also obtain and update your personal data from official sources and public registers, such as the Digital and Population Data Services Agency (DVV), the Incomes Register, and the Finnish Transport and Communications Agency (Traficom).

Providing personal data is voluntary, but without the necessary personal data, we cannot calculate the correct compensation in the event of a claim. We do not recommend sending sensitive personal data or personal identity numbers in unencrypted emails.

4. Why and how do we process personal data?

We process personal data to conduct our insurance business and provide high-quality services to our customers. The data is used for purposes such as:

• Service provision: Identifying customer needs and risks, making insurance offers, managing insurance contracts and processing claims.
• Service development: Improving the quality of our services and products, tailoring insurance policies and analysing performance. We may use automated analysis tools to improve our service.
•  Statistics: Producing statistical data for risk assessment and product development.
•  Fulfilling legal obligations: For example, reporting to public authorities.

Your privacy is important to us, and we process your personal data carefully and in accordance with the law. The processing is carried out by our trained experts, and we use secure systems. All our employees are bound by a duty of confidentiality. In addition, we regularly train and instruct our employees on the proper processing of personal data.

5. What data does Protector Vakuutus process?

The personal data we process varies depending on the insurance product and the reason for contact. The data can be classified as follows:

• Identification data: Name, address, email address, phone number, personal identity number, vehicle registration details.
•  Insurance and claims data: Information about the insured risk, the scope of the insurance, and previous and current claims.
•  Information about the claim event: Description of the event, witness statements, official records, receipts and photographs.
•  Recordings: We may record phone calls to ensure service quality and for training purposes.
•  Information from other sources: We may obtain information from public authorities, partners and public sources.

6. What legal bases does Protector Vakuutus use?

The processing of personal data is always based on a lawful basis:

•  Performance of a contract: The processing is necessary for the performance of an insurance contract. For example, customer management and claims processing.
• Legal obligation: The processing is necessary to comply with a legal obligation. For example, the Accounting Act and tax legislation.
•  Consent: The data subject has given their consent to the processing. For example, the processing of sensitive health data in certain cases.
•  Legitimate interest: The processing is necessary for the purposes of our legitimate interests. For example, fraud prevention, maintaining data security and service development.

7. Special categories of personal data

In some cases, such as in the claims processing of personal insurance, we process special categories of personal data, such as health data. The processing of this data is based on law or your explicit consent. In statutory types of compensation, we have the right to request information without separate consent. We may also process data related to criminal offences, for example, in connection with the investigation of insurance fraud.

8. To whom do we disclose personal data?

We may only disclose personal data to third parties if permitted by law. Data may be disclosed to:

• Public authorities: On the basis of a legal obligation (e.g. the tax authority, the enforcement authority).
• Partners: In connection with claims processing (e.g. repair shops, medical experts, other insurance companies, the Finnish Workers' Compensation Center, the Finnish Motor Insurers' Centre, the Finnish Patient Insurance Centre).
•  Other parties with your consent.

When we use processors of personal data, we ensure through contracts that they comply with our data protection guidelines and legislation. As a general rule, personal data is not transferred outside the EU/EEA area.

9. How long do we store your personal data?

We only store personal data for as long as is necessary to fulfil the purpose of the processing or to comply with legal obligations. Due to the nature of the insurance business, the retention periods are often long and vary by insurance class:

• In voluntary personal insurance, contract data is stored for at least 10 years from the end of the contract.
• In statutory personal and motor liability insurance claims, the statutory retention period is 100 years from the last processing date of the claim.

We delete personal data when there is no longer a legal basis for its retention.

10. Your rights under the Data Protection Regulation

You have the following rights regarding the processing of your personal data:

• Right of access to data: The right to know what data we process about you.
• Right to rectification of data: The right to demand the correction of incorrect data.
• Right to erasure of data ("right to be forgotten"): The right to request the erasure of your data under certain conditions.
•  Right to withdraw consent: If the processing is based on your consent, you can withdraw it at any time.
• Right to object to processing: The right to object to processing that is based on a legitimate interest.
• Right to restriction of processing: The right to request the restriction of processing in certain situations.
• Right to data portability: The right to receive the data you have provided yourself in a machine-readable format.

You can exercise your rights by contacting our Data Protection Officer in writing (contact details in section 2).

11. How you can complain about processing

If you have any questions or comments about our processing, please contact us. You also have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes the law. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman.

Contact details:
Office of the Data Protection Ombudsman
Postal address: PO Box 800, 00531 Helsinki
Email: tietosuoja@om.fi

12. Use of artificial intelligence in processing

We may use artificial intelligence (AI) to make our case processing more efficient and better. This ensures faster processing time and a better customer experience.

• How AI is used: AI automates parts of the processing, but important decisions are always made by a human processor.
• Your data is secure: We prioritise the secure processing of personal data with strong access control, encryption and anonymisation.
• Use of data in AI training: As a general rule, customer data is not used to train our AI models. If there were an exceptional need for this, it would only happen in full compliance with the GDPR, for example, through large-scale anonymisation.

Last updated on December 1, 2025.

We use cookies and other online identifiers on our websites and online services in order to ensure a smooth user experience for you and provide better and more relevant content.

Below you will find more information about what cookies are, the kind of cookies Protector Insurance uses, and how you can manage their use.

What are cookies?

Cookies are small files that the web server stores on a device, such as a computer, tablet or phone, when you visit our website or services. Cookies contain character strings that enable the performance of different functions and register website interaction. Thus, cookies store information about internet users' online behaviour, such as the websites users visit and the language in which they use the internet. The purpose of cookies is not to damage your terminal device, and they do not read any other data from your device's hard drive or spread viruses. Cookies and the information collected with them help our website and services work optimally and serve you as well as possible. Cookies as such do not identify users individually, but identification is always tied to the browser or device you are using.

From the browser menu, you can choose which types of cookies will be saved on your computer.

Essential cookies

Some of the cookies we use are essential for the operation and safe and smooth functioning of our website and services. Essential cookies enable functionalities that are necessary for using our website and services, such as moving from one page to another, logging into protected parts of the site, and operating language settings.

Essential cookies are usually set by the first party and they are session specific. Essential cookies are automatically downloaded to your device and, by law, users’ consent is not required to use them. You can block the use of essential cookies in your browser settings and delete them from your device. If you prevent the use of essential cookies, you may not be able to use our websites and services in the intended manner.

Functional cookies

Functional cookies increase and improve a website's functionality, but they are not essential for using the site. Functional cookies enable the storage of information that changes the appearance or the functions of the website. This information includes, for example, your chosen language or region.

Statistics cookies, i.e., cookies that collect visitor and analytics data

Statistics cookies are used to collect information about how websites are used, for example through the storage of identified traffic sources (IP addresses), counting page loads or measuring website loading times and tracking how users navigate the website.

Cookies used by Protector Insurance

Our website uses first-party cookies from Google Analytics with the identifiers utma, utmb, utmbc umbt and utmbz. Google Analytics is a web analysis tool that collects information about website usage. The stored information includes, among other things: which pages of our website users visit, the duration of each visit and the country from which the website is accessed.

IP addresses are defined as personal information because they can be traced back to a specific piece of hardware and thus (generally) to an individual. The information collected from our site by Google Analytics cookies (including IP addresses) is aggregated and cannot be linked to individual users. Therefore, the IP addresses collected by Google Analytics are not considered personal data.

Our online service uses JWT cookies to store information about service users. JWT cookies collect information about user IDs, user identities and phone numbers, as well as information about what time users log into our services. These cookies enable access to the service for which login is necessary while ensuring data security and user-friendliness. Data collected using JWT cookies is automatically deleted when the user logs out of the service. The cookies are not deleted automatically if you close the browser without logging out first. Please note that we record log data when users are logged into the service. Log data is registered to ensure the safety and integrity of the website. We only store information about user activity when it is absolutely necessary.

Deleting and preventing the use of cookies

You can decide which types of cookies may be installed on your terminal device. By entering your browser settings, you can completely prevent the use of cookies, but in this case, you may not be able to use all websites and services as intended. It is also possible to delete cookies at regular intervals, in which case it is not possible to create a long-term user profile, as in the absence of basic data the profile has to be created again from scratch.

Please note that if you delete cookies, they will be created again the next time you visit our website or service (unless you have changed your settings so that the creation of cookies is prevented). You can edit cookie settings later by clicking on the round icon in the bottom left corner of the website.

Contact information

If you have any questions regarding the use of cookies, please contact us by email or post:

E-mail: dpofi@protectorvakuutus.fi (NOTE please only send questions related to data protection to this email. Information regarding customer and compensation services can be found in the Contact us section.

Postal address: Protector Forsikring ASA, Finland branch, PL 230, 00101 Helsinki