Good to know
Transact safely with us. Read about the steps we take to ensure safe transacting and how you can contribute to the safety of your online transactions.
Learn more about our online service
When you log in to our online service, your details are pre-filled, and making a claim is quick and easy.
Safety online
Loss of connection
If you do not use the online service for 15 minutes, you will be automatically disconnected from the service.
Use of email
You can also transact with us by email. The LocalTapiola email addresses use the following format: firstname.lastname(at)lahitapiola.fi. If your business is urgent, call us, or log in to the online service and send our customer service a message there.
We cannot guarantee that an open email will remain confidential. Avoid sending sensitive or otherwise confidential data over an open data network.
We never email any customer data that are covered by insurance secrecy, unless authorised by the customer. For taking care of matters of this kind, we recommend to log in to the online service, where all communication is secure.
All LocalTapiola online services that ask users to provide any specific personal data, such as your personal identity code, are TLS (Transport Layer Security) encrypted.
It is for you personally to ensure that the data you provide are correct and that any messages you send are delivered successfully.
We will email you marketing material only if you have authorised us to do so.
Payment by credit and payment cards
Adoption of chip cards has made it more difficult to produce counterfeit credit and payment cards, while also closing down the space where stolen cards can be used. To pay for your purchases, you only enter your personal PIN code.
However, always make safety a priority, and never do any of the following:
- Never disclose your card number or PIN code if someone asks you for it by email;
- Never write the card PIN code on paper – instead try to remember it by heart;
- Never let anyone else use your card and PIN code;
- Never type the card PIN code online in any context; Never let the card out of sight when paying for your purchases at a store.
When making purchases, check the receipts whether your card transactions add up. In your credit card invoice, also check that you have not paid more than you should have, and that the payment figures are identical to your receipts.
When withdrawing cash at an ATM, make sure that no-one can see your PIN code. When using a payment terminal at a store, do not let others see your PIN code.
If you lose your card, immediately call the Deactivation Service on +358 20 333 (24h).
Phishing
Phishing is the practice where the sender pretends to represent a real entity and, under a false identity, tries to ‘phish’ information such as credit card numbers from customers. An email message may urge you to log in to an internet website that requests you to disclose your details.
We recommend that, to log in to the online service, you should use the Kirjaudu sisään (Log in) link at lahitapiola.fi. If you are using your own computer at home, and you are certain that no unreliable parties can access your information, you can save the login website address to your Favourites.
Never reply to any messages if you are not absolutely certain who sent them. Be alert when reading message contents, and consider the type of messages you usually receive from LocalTapiola.
We never ask your personal details by email. We use online banking credentials only for logging in to the LocalTapiola online service, or to confirm a transaction. Additionally, identification numbers are also used for identifying customers in the telephone service. In that context, we provide to the bank only part of the username as well as a single one-time password, which neither the customer nor LocalTapiola can use after that.
If you are unsure about who the sender of a message you received is, or if you suspect that you have provided details to an unauthorised party, immediately call LocalTapiola on +358 9 453 2900.
Reporting information security incidents
We take information security seriously, and strive to ensure appropriate protection of all our services, customers and customer data. Employing a continuous process, the information security of our services is subject to comprehensive audit and inspection. We have also taken steps to prepare for scenarios where an external party detects an information security issue or a vulnerability in our services.
On the Hacker
One platform, LocalTapiola is running a professional bug bounty program, under which we utilise the best hackers in the world to find and remedy problems.
In addition to this bug bounty program, we invite you to email your information security notifications to security(a)lahitapiola.fi. In order for us to be able to efficiently process messages about vulnerabilities and information security problems sent to this address, it is essential that the reporter of the problem provide us with, at least, the following information:
- the address where the vulnerability was detected;
- the method by which the vulnerability can be verified;
- the submitter’s contact details (email address);
- the other relevant vulnerability related information (such as screenshots).
We will do our best to contact the reporter as soon as possible after reception of the report, and to maintain communication for as long as it takes to investigate the observation. Where necessary, we will escalate the matter to the Finnish Communications Regulatory Authority’s CERT-FI function, as well as to the other relevant public authorities. We hope that the reporter will not publish or disclose any reported observations to third parties.
We wish to emphasise that the security(a)lahitapiola.fi address is only for sending information security and vulnerability related observations and reports. This address does not provide information security advice or any other customer service.
It is forbidden to test our services without authorisation or by unlawful means (Criminal Code, Chapter 38, Sections 5–8). Unlawful means are defined as comprising any actions to compromise our customers’ data or the continuity of our services. All abuses will be investigated.
TLS encryption
All our websites are TLS (Transport Layer Security) encrypted, thereby protecting your sessions from the moment you start them. TLS encryption is an extremely safe protection protocol, which makes it possible to establish a secure connection between your browser and the LocalTapiola server. This protects the data sent online in such a way that third parties cannot hijack any confidential data. Usually, browsers have TLS encryption switched on by default.
To proceed to manage your insurances, always type lahitapiola.fi in the address bar of your web browser. The lock icon guarantees safe encryption but not automatically that the website is authentic. Be alert if you use a link that you received in a text message or in an email to access any LocalTapiola services. Before providing your credentials, always check that you are in the real, authentic online service.