Register and privacy policy
In accordance with the EU's General Data Protection Regulation (GDPR), Samla Capital Oy's register and privacy policy.
In accordance with the EU's General Data Protection Regulation (GDPR), Samla Capital Oy's register and privacy policy.
SAMLA CAPITAL’S PRIVACY POLICY
1. Who will process your personal data
Samla Capital Oy (“we”)
Kauppakatu 18 C 35
40100 Jyväskylä
Business ID 2684294-3
2. What personal data we process and where do we collect your data from
We process the following personal data, if you are a potential customer of ours or represent a potential corporate customer:
We can obtain this information from you, public sources (such as the web pages of the company you represent, commercial providers of information services), our partners that have permission to disclose information or other group companies.
We will process the following personal data of yours, if you are our customer:
We will collect this information from you, except for your credit information, which we will check from Suomen Asiakastieto Oy or Alma Talent Oy. We can also check and update your information from the population register and the Finnish Tax Administration’s registers as well as companies that offer information services. We have a legal obligation to identify our customers, so the disclosure of information is a prerequisite for establishing a customer relationship.
We will process the following personal data, if you are a representative of our corporate customer, a beneficial owner, owner or a member of the body:
We will mainly collect the information from you, but we will also receive information from the company whose representative, beneficial owner or member of the body of you are. We will also obtain information from registers maintained by authorities (for example, the population register, the Finnish Tax Administration’s registers, business registers and supervisory authorities’ registers), as well as commercial intermediaries that provide information on, for example, beneficial owners and politically exposed persons.
If you are our customer or a representative of our corporate customer, a beneficial owner, owner or a member of the body, we will perform sanction list checks (lists maintained by international organizations, such as the EU or UN, and national organizations, such as the Office of Foreign Assets Control unit (OFAC)).
If you are our partner or a representative of our partner, we may process the following information:
We will obtain the information, as a rule, from you and the partner. Information may be obtained and updated also from registers maintained by the authorities or other public sources.
3. How do we use your personal data and on what legal basis
We use your personal data in order to fulfill our statutory and contractual obligations and make offers to you, as well as offer our products and services or conclude contracts with you.
Concluding and managing contracts (implementing a contract)
The primary purpose of the processing of personal data is collecting, processing and verifying personal data before making an offer and concluding a contract, as well as documenting, managing and implementing the tasks under the contract.
Examples of tasks related to the implementation of a contract:
Compliance with the requirements and obligations specified by law, provisions or the decisions of authorities and supervisory authorities (statutory obligation)
In addition to the implementation of the contract, compliance with the obligations specified by law, provisions and the decisions of authorities requires us to process personal data.
Examples of statutory obligations that require the processing of personal data:
Managing the customer relationship and direct marketing (legitimate interest/consent)
Your personal data can be used to manage the customer relationship, for example, to send customer communications.
Your personal data can be used for direct marketing unless you have forbidden the use of your information for direct marketing purposes.
Marketing, product and customer analyses (legitimate interest)
Personal data is processed also in connection with marketing, product and customer analyses. Marketing activities, the development of processes, business activities and systems, including testing, can also be based on the processing of personal data. In this way, we can improve our product range and customer service, as well as optimize the services offered to customers. This may include profiling. We have a legitimate interest to use profiling for e.g. customer analyses done for marketing purposes.
Implementation of cooperation
Information is processed in connection with managing cooperation, to manage the service offered to the partner, as well as to instruct and inform representatives.
Consent
We can, when necessary, ask for your consent to process your personal data in certain situations (e.g. consent to sending electronic direct marketing). The consent request includes information regarding the processing of the information in question. If you have given your consent to the processing of personal data, you also have the right to withdraw your consent. You can withdraw your consent by contacting us at hannu.saastamoinen(at)samla.fi.
4. To whom can we disclose you personal data
We can disclose your personal data, where permitted by law, to other parties, such as authorities (for example, tax, police, executing and supervisory authorities in the countries concerned), group companies and business partners. Prior to disclosing any information, we will always ensure that the appropriate financial sector confidentiality obligations are complied with.
The offering of services and compliance with contracts may also require the disclosure of your personal data.
Information collected in the registers will not be disclosed to parties outside the group for marketing, sales, opinion or market research purposes.
We use the following processors for the processing of personal data:
5. Transfer of data to third countries
We do not, in principle, transfer data to organizations in so-called third countries outside the EEA without your explicit consent. The exception is sending e-mails based on certain e-mails lists through a dedicated service, whose server is located outside the EU in the U.S. This service provider complies with the EU-U.S Privacy Shield agreement, which is in accordance with the EU’s personal data protection standards.
6. How do we protect personal data
Protecting your personal data is very important to us, and we take both it and other privacy policy matters seriously by considering the protection of personal data as the foundation of our business activities. We have appropriate technical, organizational and management related security procedures, with which we protect all information held by us in the event of loss, misuse, unauthorized use, disclosure, changes and destruction.
7. Your rights related to privacy
As a data subject, you have rights regarding the personal data held by us. You have the following rights:
A) The right to access your personal data
You have the right to access your personal data held by us. Your right of access can, however, be restricted by legislative measures or if the access to information would adversely affect the rights and freedoms of others.
B) The right for rectification of inaccurate or incomplete data
If the information is inaccurate or incomplete, you have the right request the rectification of the information, unless constrained by law.
C) The right to request the erasure of data
You have the right to request the erasure of your data in the following cases:
Due to finance sector legislation, we are obliged in many cases to retain your personal data during the customer relationship and also after it.
D) The right to restrict the processing of personal data
You can ask us to restrict the processing of your personal data to only the storing of the data, if
E) The right to object to the processing of data
You have the right to object to the processing of your personal data on grounds relating to your particular situation, if the processing is based on our legitimate interest, and there are no legitimate grounds for the processing.
You always have the right to object to the processing of your personal data for direct marketing purposes or profiling related to direct marketing.
F) The right to data portability
You have the right to receive the personal data you have given us in a machine-readable form. This right applies only to personal data that has been processed automatically and based on your consent or the implementation of the contract. The information may also be transferred from us to another data controller, if it is safe and technically possible.
If you want to exercise your above-listed rights, please contact us by e-mail at hannu.saastamoinen(at)samla.fi or by mail at Samla Capital Oy, Hannu Saastamoinen, Kauppakatu 18 C 35, 40100 Jyväskylä.
8. The right to complain to a data protection authority
You have the right to lodge a complaint with a supervisory authority, if you believe that the GDPR was breached when your personal data was processed.
Contact information for the supervisory authority:
Data Protection Supervisor office
Street address: Ratapihantie 9, 6th floor, 00520 Helsinki
Postal address: P.O. Box 800, 00521 Helsinki
Switchboard: 029 56 66735
9. Cookies
We use cookies on the samlacapital.fi website and other websites owned by us to develop website usability (Google Analytics) and for marketing purposes (Facebook and Google AdWords or another comparable digital advertising channel). A cookie is a small text file that is stored on your computer or device when you visit our website. Our website cookies collect information on demographics and topics, which may indicate the user’s age and gender, the user’s website behavior on our websites, the user’s browser and network connection and other HTTP information. Google Analytics, Facebook and Google AdWords as data controllers also process cookie information for their own purposes, and their own terms are applied to the processing of cookies. You can manage and view the information Facebook has collected from our websites with Facebook’s own tool (https://www.facebook.com/off_facebook_activity/). You can manage information collected by Google with Google’s MyActivity service (https://myaccount.google.com/).
Our website uses the Mailchimp newsletter system, which saves name and e-mail information when a user subscribes to our newsletter. You can manage you own personal data in the Mailchimp system with the link found in our marketing e-mails. Please note that unsubscribing may affect receiving any information or invites from Samla Capital Oy in the future.
Website cookies are valid either temporarily during the browser session or for a long period according to an end date set according to the cookie. Cookies that are active during the browser session, such as the user login check with a cookie, are automatically deleted when the user closes the browser. Long-term cookies are valid for 1-24 months depending on the cookie. The user approves the use of cookies when using the website with a browser, whose settings allow the use of cookies, or when approving the use of cookies with a website cookie bar. Users may prevent the use of cookies by changing their browser settings. This may, however, critically impact the website functionality, and we cannot guarantee the website functionality without the allowance of cookies.
The website’s sending of forms, such as information on the downloading of the key investor information document, sending of the contact form or other form entries are stored on the website for 30 days. If the user gives their consent for direct marketing or enters into a customer relationship with Samla Capital Oy, the customer data is stored for the duration of the customer relationship or as long as the marketing consent is valid.
10. How long do we retain your personal data
We retain your data for as long as it is needed for the purpose it was collected for, or as long as required by law and regulations. If we retain your data for purposes other than executing the contract, such as preventing money laundering, bookkeeping and implementing capital requirements, we will retain the data only if it is necessary with regard to the purpose in question and/or as provided by law and regulations.
For clarity’s sake we list below examples of the data retention periods:
11. How do we make changes to this description and the one concerning cookies
We continue to improve and develop our services, products and web pages, so we might make changes to our privacy policy from time to time. Please read our privacy policy periodically in order to receive up-to-date information.
12. Contact information regarding our privacy policy
If you have questions about our privacy policy, you can contact our staff. The primary contact person regarding our privacy policy is Hannu Saastamoinen, whom you can contact by e-mail at hannu.saastamoinen(at)samla.fi or by mail at Samla Capital Oy, Hannu Saastamoinen, Kauppakatu 18 C 35, 40100 Jyväskylä.
Last updated on May 5, 2020