How we handle your personal data

Storebrand is dedicated to protect your personal data and personal privacy. Your information shall be safe with us. This includes all information that can be used to identify you personally, such as your national identity number, contact information and information regarding the products you have purchased from Storebrand.

Who is the data controller?

The data controller is the person who decides on the purpose for collecting and processing the personal data. In Storebrand, the data controller is the Chief Executive Officer of the company with which you have entered into an agreement.

We handle personal data in conjunction with providing pensions, savings, insurance and banking services. When referring to Storebrand throughout this document, we include following companies:

  • Storebrand ASA
  • Storebrand Livsforsikring AS
  • Storebrand Bank ASA
  • Storebrand Asset Management AS
  • Storebrand Forsikring AS
  • Storebrand Helseforsikring AS
  • Storebrand Boligkreditt AS
  • Storebrand Pensjonstjenester AS

Collecting and using personal data

We collect and use personal data for different purposes, and with different objectives. Here is an overview.

Customer administration and delivery of products and services

The purpose for processing personal data is to collect, verify and process personal data before we make an offer and enter into an agreement with you. Once we have entered into an agreement, we use your personal data to document, administer and complete tasks in order to deliver the agreed services.

The purpose for processing your personal data is to be able to meet the requirements of an agreement between Storebrand and you, and to protect our legitimate interests in administering our relationship with you, the customer. Where it is necessary to process special categories of personal data, we will first ask for your consent.

The Storebrand Group Customer Database

The Storebrand Group consists of multiple companies. We have a common customer database for pensions, savings, insurance and banking services. The objective of a Group-level customer database is to manage all your agreements in one place and coordinate the different products and services from the different companies in Storebrand to create synergies for the customer.

The companies in The Storebrand Group are collectively responsible for the Group's customer database, and each company is responsible for protecting your privacy rights as a customer.

Develop new and existing services

We use personal data to forecast demand for new products and services, as well as to identify the need for improvements to existing products and services.

The purpose for processing personal information is Storebrand's legitimate strive to develop and improve our products and services.


We process personal data in order to promote our products and services, build customer profiles and perform product and customer analyses. We do this to be able to offer you relevant and customized services and offers.

We use personal data to give you relevant information, advice and to market our products and services. We use profiling and segmentation to ensure that marketing information is relevant to you.

If you are already a customer, we use your data on the basis of a legitimate interest in order to provide you with information and offers.

If you are not yet a customer, we will ask you for your consent to receive digital marketing or consent for telephone marketing. We will respect any reservations against marketing in the Reservation Register (Brønnøysundregistrene) in Norway.

Statistics, analysis, modelling and risk classification

We process personal data to conduct analyses and compile statistics in order to assess risk, capital ratio and profitability, and set correct tariffs and prices. In addition, we use these analyses when deciding whether or not to develop new and existing products and services. To fulfill this purpose, we in some cases reuse personal information obtained for other purposes.

The purpose for processing personal data is both to comply with our legal requirements under company law, and Storebrand's legitimate interest in using personal data to gain necessary insights to run our business.

Compliance with legal requirements

We must use personal data to comply with legal requirements under local laws, regulations and public policy.

The reason for processing personal data is to ensure compliance with laws and regulations relating to our business operations.

Preventing criminal activity against our business

Storebrand is required to process personal data in order to prevent, detect, solve and manage cases of fraud and other criminal offences against Storebrand. Storebrand is thus required to collect and disclose information to other financial institutions, the public authorities, for example ØKOKRIM (the Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime) should we become suspicious of money laundering or terror financing. According to the anti-money laundering act and the personal data act, we are not obliged to disclose this information to you. The information is stored in accordance with the anti-money laundering act.

The basis of the management of this can both be fulfillment of a legal obligation and Storebrand’s entitled interest to prevent, identify, detect, resolve and deal with fraud and other criminal offences against any of our companies.

IT security and physical safety

For us, it is necessary to manage personal data to secure yours and Storebrand’s assets. This is done through access control to systems, logs on servers and systems, operations of technical infrastructure, firewall and access control and video surveillance.

The purpose of this can both be contractual obligations, fulfillment of legal obligations and Storebrand’s legitimate interest to protect yours and our assets.

Complaints, recourse and litigation

We process personal data to determine, assert and defend legal claims, for instance in regards of processing complaints, recourse claims and legal proceedings.

The purpose is Storebrand’s entitled interest to determine, assert and defend legal claims. In order to protect this purpose, we can process specific categories of personal data without consent.

Consent to process health data, sharing of personal data within Storebrand and electronic marketing

In certain cases, we must ask for your consent, for instance in order to:

  • process special categories personal data, such as personal health data
  • share information on your customer relationship between Storebrand’s companies
  • send electronic marketing regarding products and services that you do not already have

Categories of information

We process different types of your personal data depending on what relation you have to Storebrand and what types of products and services you have bought.

We have grouped the personal information we process into the following categories:

  • Identity information, such as national identity number, or other identity numbers issued by public authorities and copy of identity documentation.
  • Contact information and other general information, such as name, phone numbers, e-mail addresses, zip code, family status, date of birth, education background.
  • Financial information and information on insurance objects, such as type of agreements, information on income, payment card number, transaction data, credit history, assets, property, insurance history.
  • Information determined by law, such as tax residence, foreign tax registration number, information regarding financial advice, information regarding measures against money laundering.
  • Special categories of information, such as health information and union membership.

Primarily, Storebrand obtain information directly from you. Sometimes, we obtain information from other sources, such as your employer, public institutions and registers, and private institutions.

We inform you when we obtain information about you, unless due to legal requirements, notification is impossible or unreasonable difficult, or if we know that you are already aware that we obtain this information.


All employees in Storebrand have a duty of confidentiality regarding information we receive in connection to your customer relationship.

Disclosure of personal information and the use of data processors

The Storebrand Group has an internal consolidated customer database that is available to all the companies in the Group and includes the following information:

  • Contact information
  • National identity number
  • The services and products you have purchased
  • which entity or entities in the Group you have a customer relationship with

The information is used to manage the customer relationship and to coordinate advice, offers of services and marketing between the companies.

If you would like more relevant offers from Storebrand, you can consent to the companies of Storebrand sharing information about your customer relationship. This can be information on income, employment conditions, amount of loans and savings, or information on transactions and insured assets. We do not share sensitive data such as health information. You can give and withdraw consent in your customer profile on, or through contacting our service center.

When required by law, Storebrand must give your personal information to public authorities such as NAV (the Norwegian Labour and Welfare Administration), the tax authorities, Økokrim (the Norwegian National Authority for Investigation and Prosecution of Economic and Environmental Crime) and others. If legislation permits it and if the duty of confidentiality does not hinder it, personal data can be given to other financial institutions and partners. Disclosing certain personal data can also take place during payment transactions, when it is necessary in order to ensure the transaction is carried out securely. When it is necessary, Storebrand will disclose personal information to partners who contributes in the claim settlement process.

If your employer has your pension scheme in Storebrand, we inform the employer about the insurance premium that is paid for you and information about your pension benefits.

If you use the pension calculator from Norsk Pensjon or affiliates, Storebrand hands over personal data after getting your consent. If you take out insurance on a car, house, boat, etc., we will send a confirmation to the finance company or mortgagee.

As with other industry actors, we share personal data with different registers that are managed by Finance Norway, the industry organization for the finance sector in Norway. We hand out personal information to the following registers, where justified:

  • FOSS (Forsikringsselskapenes sentrale skaderegister): The insurance companies central damage register. Its purpose is to prevent and limit insurance fraud.
  • ROFF (Register over forsikringssøkere og forsikrede): Register of insurance applicants and those who are insured. Its purpose is to improve and ensure a uniform risk assessment and to reduce the risk of insurance fraud.
  • TFF Auto: Register of insured vehicles. Its purpose is to keep track of insurance status on vehicles in order to issue a fee in the absence of insurance, know which company insures which vehicles, and to form the basis for calculating the traffic insurance fee.
  • DBS (Dataassistert skadebesiktigelsessystem): System for calculating damages to vehicles. Its purpose is to ensure satisfactory completion and correct valuation and settlement of damage.
  • NHV (Nemnda for helsevurdering): NHV is established by the insurance companies in order to assess how health conditions can affect mortality rates, and the risk of future disability and illness.
    Norwegian Natural Perils Pool: Distributes claims and costs between insurance company members, in proportion to their share of the market.
  • Coordination of valuation surveyors for major events

Storebrand has entered into data processing agreements with subcontractors, for example in order to perform IT services. Our proprietary data processing agreements regulate all the personal information that is shared with our subcontractors. Our subcontractors cannot use the information for purposes other than those they are obtained for. Certain subcontractors are placed outside of the EEC. Transfer of personal information to actors located outside the EEC can only be done if there is a valid reason for the transfer and a guarantee that handling your information is sufficiently secure. In such cases we use EU standard agreements, including Standard Contractual Clauses (SCC) or Binding Corporates Rules (BCR) with the subcontractor, in order to ensure that the privacy and rights of the individuals concerned are protected.

Your rights

Right to access information

You have the right to receive information about what personal data we process and how we process it. Under “Overview”, once you are logged into, you can view information on all the products you have purchased. Under “My customer profile” you can see which information we have stored about you, and which consents you have given us relating to this information. This gives you a good overview of the types of personal data Storebrand manages for you.

If you have questions about how we treat your personal information, you can always contact our Data Protection Officer at

When doing so, we will require the following information from you:

  • Which companies in the Storebrand Group the inquiry relates to
  • If you would like information from a certain customer relationship such as bank, insurance or savings
  • If you would like information from a certain time period

You will get a reply from us as quickly as possible, and no later than within 30 days.


It is important that the information we have about you is accurate and necessary. You can request that we correct and delete information about you if it is inaccurate or unnecessary.


Storebrand stores your information as long as you are our customer. The information is deleted when we no longer have obligations under the agreement you have made with us or when we are no longer legally bound to store this information. If you have questions regarding deletion of your personal information, you can send a secure e-mail to Storebrand’s Data Protection Officer:
We anonymize data used for statistics and analysis whenever possible. If the statistics or analysis cannot be performed on anonymized data, we mask the information we use to protect your privacy.


Under certain circumstances, Storebrand reserves the right to process personal information based on an evaluation of maintaining a balance between our interests and your interests as our customer. This includes, amongst other things, data processing connected to marketing, testing IT systems and the development of new products and services.

If there are special circumstances that mean that Storebrand should not process your personal data for such purposes, you can notify us about this. In such cases, we will evaluate the weight of each party’s interests. Storebrand will continue the proceedings if it is necessary in order to determine, assert and defend legal claims. You can at any moment claim that Storebrand must terminate the use of your personal information for marketing that targets you directly. This can be done from your customer profile on

Restricted processing

In certain cases, you can claim that Storebrand must limit the processing of your personal information. We will still have the information stored, but all processing of this data shall be stopped temporarily.

For example:

  • If your personal information in incorrect
  • If Storebrand wish to delete information, but we need the information due to a legal claim
  • If you register a claim against processing the data, and it is based on an evaluation of each party’s interests, Storebrand can continue processing data
  • If it is necessary in order to determine, assert and defend legal claims
  • To protect the rights of others
  • For the sake of important public interests

Data portability – take your personal information with you

You can request us to transfer information that you have provided yourself when entering into an agreement with us or given your consent to. If the information security level is acceptable and technically feasible, we can transfer your information to a company that you specify.

You can read more on requirements for processing your personal information and your rights on The Norwegian Data Protection Authority’s website.

Automated individual decisions

Certain decisions Storebrand makes are fully automated, which means that there is a computer program that makes the decision. We do this in order to ensure efficient and accurate operations, and to give you the best possible services. If the result of automated decisions affects you significantly, you can always claim a manual assessment of the decision. We will inform you when this is the case. At our website, under "contact us", you can learn the different ways to contact us.

If we use special categories of personal data to undertake an automated individual decision, we will ask for you consent.

Privacy Policy –

Use of Cookies

A cookie is a data file stored in your browser that our website can read and write to. Other websites cannot see the contents of Storebrand’s cookies without both you and Storebrand allowing it.

Primarily, we use cookies in order to optimize your user experience on our website. Some cookies are necessary for the site to work. For example, the login is based on certain cookies. Functional cookies help us customize our website to your wishes. These cookies can for instance remember what you have put in the shopping basket on prior visits, whether you are logged in and which settings you have selected. This means, among other things, that you do not have to enter the same information several times. We also use cookies to collect statistics on how the site is used, and we can use cookies to customize ads you see on other websites.

We have divided the cookies into the following categories:

  • Necessary – crucial for the functioning of the website.
  • Functional – store information in order to customize the website to your needs
  • Statistics – collect data on, among other things, the number of visitors to the site and what pages are read the most
  • Marketing – collect information that enables customized and relevant marketing, based on how you interact with the website.

You can choose separately whether or not to allow cookies that are for functional, statistical or marketing purposes. You can change your settings whenever you want to. 

If you consent to marketing cookies, this may lead to the following happening in your browser:

Data Collection: Your visits to particular pages and your use of them is tracked. The information may be shared with partners of Storebrand, such as Facebook.

Targeting: Information about your visit to may be used to deliver ads on other websites.

Device Recognition: Information about your visits to may be merged across the different devices (PCs, tablets, phones) you use.

Information Sharing: We may share anonymized information about you and your visits to with our partners.

Reidentification: When you identify yourself, typically by logging in or performing a purchase, we may connect actions you performed before the identification to your person. This allows us to better understand what marketing messages you received before buying a product or using some other service that requires login. 

For how long are cookies stored?

Cookies remain in your browser until you delete them, or they expire. The expiration date varies, but are typically updated every time you visit our website.

How to reject or delete cookies

On you can find instructions on how to delete or reject cookies in your browser. In addition, you can manage cookie-use per category on

Please note that this will cause you to lose functionality on and other websites. This could typically mean that you will have to go through more clicks to get to the page you want to go to, or that you must enter the same information multiple times to do what you want to do.

We have some partners who also place cookies in your browser when you visit Storebrand’s website. Use the following links if you wish to opt out of this:

Questions on cookies

We continually work to develop our webpages in order to give you the best user experience. As a result, which cookies that are placed in your browser can vary.

You may be contacted after price calculation

We may contact you by e-mail or over phone to help you with your purchase when you use the purchase solutions on In your personal customer profile, you can specify how you want us to provide purchasing help. You can choose not to be contacted by reserving yourself in the individual purchase solution. We can help you with purchases for 30 days before we delete your information.

Card payment

For our payment service provider to conduct payment for products on, you are asked to provide credit/debit card information. This information is stored solely with the supplier and is subject to the supplier's privacy policy. We keep payment information only to the extent and as long as it is necessary to ensure effective processing of any problems with debit, cancellation of reservations and credit.

How do we use person profiles?

In order to give you the best customer experience at Storebrand we want to adapt our communication and marketing to you. In order to do this, we make person profiles. We never use special categories of personal data, such as health information, when we make person profiles.

When we create a person profile for the purpose of communication and marketing, we use the following information:

  • Information you have provided in connection with purchase of our products
  • Information you share with us when you use our services
  • Your behavior data from digital communication and
  • Information from publicly available registers

We use your information to ensure that we offer you relevant and customized services and offers. You can get insight into what information the person profile is made from on your profile on You can also reserve yourself against us storing information about your behavior on our website in your customer profile.

Storebrand also use personal profiles when we work with insurance, in order to notice cases who need more attention. We do not use "special categories" of personal data, such as information about your health, when creating these person profiles.

When we create person profiles in relation to insurance we use the following information:

  • Information you have shared when buying our products
  • Information you share with us when you use our services
  • Information you share with us when creating and managing an insurance case
  • Information collected from third parties
  • Information from publicly available registers

No automated decisions is made when considering insurance cases like this.

Newsletters linked to your customer relation and customer service through social media

We want to provide you as a customer with relevant information in regard to your customer relationship with us. We send you this as a newsletter by e-mail. The content of the newsletter is based on the information we have about you and your customer relationship, such as what products you have, your age, life situation and place of residence. We collect information about how you read the emails, so that we can provide you with even better customized content. Among other things, we look at how often you open the e-mails, and which issues you are interested in / click on.

In order for us to send you an e-mail, you must register an e-mail address with us. You can easily unsubscribe from the newsletters at the bottom of the email you have received. In your customer profile on, you will see that you have unsubscribed, and there you can also sign up again.

Customer service in social media

We answer general questions from our customers through several social media platforms. When contacting us through social media, you must never provide personal information. We take privacy seriously and we will delete posts that contain personal information such as social security numbers or bank account numbers. If you want personal advice, we recommend using secure channels, such as a telephone or our logged in chat function.
We remind you that everything you do on the various social media platforms is registered by the platform and can be used to customize your user experience. You can read more about this here:


Marketing in digital channels

We want to provide our customers with personalized marketing in digital channels. In order to receive this, you must give consent for receiving electronic marketing from us via email, SMS, social media and other websites (such as Google and Schibsted). You can always give and withdraw your consents in your customer profile on, or by contacting our customer center. 

For digital marketing we always use the e-mail address or the phone number that you have provided. In order to get personalized marketing in social media and other websites, we need to know who you are when using the relevant channels and websites. We do this by linking, for example, the mobile number and e-mail address you have given us, with corresponding information that you have given to relevant social media and websites. Once the link is made, you will be able to get information and marketing that we hope and believe is relevant to you.

Storebrand Fordel

Storebrand Fordel is a customer program for employees with occupational pensions in Storebrand. Through this program we want to give employees insight and overview of their own pension. We send out newsletters about pension and savings, in addition to invitations to seminars for members of Storebrand Fordel. You can unsubscribe to our newsletters through the link in the bottom of the emails you receive from us. You can also manage newsletter subscriptions in your customer profile.

The Business portal (Bedriftsportalen)

The Business Portal (Bedriftsportalen) is a solution for Storebrand's corporate customers. Here, the company can, among other things, manage participants of collective agreements, receive invoices, view history of employee and contractual relations and send and receive inquiries from Storebrand in accordance with Storebrand's security requirements.

The company appoints the persons who has service needs to access information about both the agreement and employees associated with the agreement. In the Business Portal, information such as employee salary, position, employment status, and degree of disability will be available. Storebrand emphasizes that the company must themselves consider whether employees who are granted access are eligible to access this information. When the company creates users for the Business Portal, the company confirms that the appointed person is eligible for access to the information mentioned above.

The Business Portal contains cookies that are stored on your computer. Cookies are used in the Business Portal for login purposes, to make sure our visitor statistics to be reliable, and to provide users with the best possible functionality. We also use Google Analytics for optimization and traffic analysis to improve the portal. We delete information stored in the Business Portal according to established principles.

Storing of communication

When Storebrand provides investment services, we are required by law to provide documentation of these services. That is why we make audio recordings of all phone calls and store other customer communications, such as e-mail and chat. Contact your advisor if there is any information you do not want stored. We must store documentation related to investment services for five years. The purpose of this is to ensure that the investment service we provide is documented.

We record other phone calls unless you reserve yourself from this. We want to record conversations to make sure that information shared is accurate and to give you confidence in the advice we provide. We also want to use the conversation to train our employees. We store these recordings for three years. 


Storebrand's chatbot helps you with answers to questions and simple services. For the robot to be better, we take samples of what customers ask for and improve the robot's response based on this.

If you have used our chatbot on logged-in pages, we store the information in our customer system for three years, and five years for investment services, to ensure that information that is shared is accurate and gives you confidence in the advice we provide. Open page chats are deleted continuously.

Customer Surveys

We conduct short surveys with our customers after they have been in contact with Storebrand. The feedback we receive from these surveys provides us with valuable input on how we can improve our products and services. It also allows us to measure the effect of our improvement efforts, as well as to understand how customer satisfaction affects customer behavior over time.

If you do not want to share this type of information with us, you can simply refrain from responding to the survey. We use Norstat for data-processing in conjunction with customer and marketing questionnaires.

Storebrand Community is our online customer panel, where we invite customers to participate in customer surveys, group discussions and testing of new digital services. Participation is voluntary, and you can opt out of the panel at any time. In some cases, Storebrand will call and ask for more information when customers have provided feedback. 

Data Protection Officer

Storebrand's Data Protection Officer shall help you as a customer. Contact our Data Protection Officer at If if you have questions about regarding how we treat your personal data, or regarding your privacy rights you’re your right to access data, erasure and data portability.

If if you have any complaints regarding our processing of your personal data, you can always contact our Data Protection Officer at

Changes in the privacy policy

We periodically need to update this privacy policy in order to provide you with accurate information about how we process personal data. We will inform you if there are significant changes.

Last updated June 2021