Privacy Notice – Advice, Invest and Asset Management operations (“Operations”)
This is a Privacy Notice, which aims to provide information regarding the processing of personal data at Finreim in connection to Finreim’s Operations.
In this Privacy Notice, the data subjects, which are hereinafter jointly referred to as “Data Subjects”, may be:
This Privacy Notice answers the following questions:
Information related to communication
Basic contact information of all Data Subjects such as name, position, title, company address, email address, telephone number, employer data, and contact history data, such as correspondence and communication notes, and given consents and prohibitions for purposes of processing personal data.
Information related to investors
Information on previous and current investments and investment strategies and policies.
Information related to identification and legal requirements
In case personal data is processed due to mandatory legislative requirements, the register may also contain other personal data that Finreim is obliged to collect under mandatory legislation.
This information includes, but is not limited to, the following: date of birth, social security number, passport copy, citizenship, residence, tax residence, source of funds, financial status, and role as a politically exposed person and/or connections to countries on sanction lists or asset freezing lists (if any).
2. Why does Finreim collect and process the personal data?
Communication & marketing
Finreim processes personal data to contact, maintain, develop and update Finreim's business relationships as well as by marketing its new services and products. Processing for this purpose is based on a consent given by the Data Subject or on a contract made between the Data Subject and Finreim.
Investment operations
Personal data is also processed for the purpose of investment/asset management operations of Finreim including legal due diligence, fund administration, reporting and decision-making. Processing for this purpose is based either on fulfilling the contractual obligations or legal requirements.
Development of business operations
Personal data may be used for the development of business operations. Personal data may be processed to analyse the business relationship or to enhance the quality of Finreim’s products and services. General visitor information of Finreim’s website may be tracked, and this information may be generalized and used to analyse the use of the website and to further develop the website. The basis for the processing is Finreim’s legitimate interest to develop its operations and enhance the quality of its products and services provided to Data Subjects.
No other purposes
Finreim does not process the collected personal data for any other purposes without informing the Data Subject in advance of that other purpose. The collected data is not processed for automated decision-making (including profiling).
3. What are Finreim’s information sources?
Personal data is mainly collected from the Data Subject himself/herself or from their employer entity.
Personal data can be also collected from publicly available or other sources such as official registers maintained by Patent and Registration Offices and the and the Finnish Business Information System (YTJ). Finreim may also collect personal data from the registers of credit rating bureaus such as Suomen Asiakastieto Oy.
The information sources may vary depending the domicile and/or the citizenship of the Data Subject.
4. How and with whom may the personal data be shared?
Finreim may share personal data with others (e.g., third parties) such as the public authorities, suppliers and business partners who may, due to such sharing and depending on the situation in question, act as a data processor or become a controller of personal data.
Finreim may fulfil an above-mentioned transfer of personal data only under a contractual obligation or a legislative obligation to do so and only if it is necessary for processing personal data systematically and effectively, protecting Finreim's and/or the Data Subjects' safety or the safety of others, investigating fraud, or responding to a government request.
Personal data may also be shared with:
The basic rules for retention are that personal data is retained only for as long as necessary to fulfil the purpose of processing or if it is required by law.
Basic personal data will be retained only as long as necessary to manage the business relationship or other interaction with the Data Subject. The data will be deleted after a reasonable period has lapsed from the last contact between the Data Subject and Finreim.
Personal data collected under mandatory legislation purposes will be retained as long as required by law.
6. What are the rights of the Data Subject?
A Data Subject is entitled to have access to personal data concerning him or her in the register, managed by Finreim, and to request Finreim to correct, update or remove personal data at any time. To the extent required by applicable data protection law, a Data Subject has a right to object or restrict data processing and request data portability, i.e. the right to receive the personal data in a structured, commonly used machine-readable format and transmit the personal data to another controller.
Data Subjects should acknowledge that certain information is strictly necessary for the performance of a contract or for compliance with a legal obligation of Finreim, which may restrict the Data Subject’s rights listed above.
In case the data processing is based on the consent given by the Data Subject, the Data Subject may at any time contact Finreim and cancel the consent for processing personal data, e.g., opt-out of receiving marketing messages.
6. Who to contact?
Controller and Controller’s representative
If the Data Subject finds violation to his or her legal rights, he or she has the right to file a complaint with the national Data Protection Authority or another Data Protection Authority within the EU or the EEA. The Office of the Data Protection Ombudsman acts as the supervising authority in Finland.
Please send any requests regarding the above-mentioned rights to the contact person at Finreim.
In this Privacy Notice, the data subjects, which are hereinafter jointly referred to as “Data Subjects”, may be:
- Investors, their ultimate beneficial owners, legal representatives or contact persons;
- Members of the Investment Committees and Advisory Boards of each fund, joint venture or other vehicle Finreim is dealing with;
- Contact persons, representatives, management team or board members of the companies from which the portfolio companies or properties are purchased or to whom they are sold to;
- Tenants of the properties under management;
- Contact persons of external advisors, co-operation partners, service providers and public officials.
This Privacy Notice answers the following questions:
- What kind of personal data does Finreim collect and process?
- Why does Finreim collect and process personal data?
- What are Finreim’s information sources?
- How and with whom may the personal data be shared?
- How long is the retention time?
- What are the rights of the data subject?
- Who to contact?
- How does Finreim secure personal data?
Information related to communication
Basic contact information of all Data Subjects such as name, position, title, company address, email address, telephone number, employer data, and contact history data, such as correspondence and communication notes, and given consents and prohibitions for purposes of processing personal data.
Information related to investors
Information on previous and current investments and investment strategies and policies.
Information related to identification and legal requirements
In case personal data is processed due to mandatory legislative requirements, the register may also contain other personal data that Finreim is obliged to collect under mandatory legislation.
This information includes, but is not limited to, the following: date of birth, social security number, passport copy, citizenship, residence, tax residence, source of funds, financial status, and role as a politically exposed person and/or connections to countries on sanction lists or asset freezing lists (if any).
2. Why does Finreim collect and process the personal data?
Communication & marketing
Finreim processes personal data to contact, maintain, develop and update Finreim's business relationships as well as by marketing its new services and products. Processing for this purpose is based on a consent given by the Data Subject or on a contract made between the Data Subject and Finreim.
Investment operations
Personal data is also processed for the purpose of investment/asset management operations of Finreim including legal due diligence, fund administration, reporting and decision-making. Processing for this purpose is based either on fulfilling the contractual obligations or legal requirements.
Development of business operations
Personal data may be used for the development of business operations. Personal data may be processed to analyse the business relationship or to enhance the quality of Finreim’s products and services. General visitor information of Finreim’s website may be tracked, and this information may be generalized and used to analyse the use of the website and to further develop the website. The basis for the processing is Finreim’s legitimate interest to develop its operations and enhance the quality of its products and services provided to Data Subjects.
No other purposes
Finreim does not process the collected personal data for any other purposes without informing the Data Subject in advance of that other purpose. The collected data is not processed for automated decision-making (including profiling).
3. What are Finreim’s information sources?
Personal data is mainly collected from the Data Subject himself/herself or from their employer entity.
Personal data can be also collected from publicly available or other sources such as official registers maintained by Patent and Registration Offices and the and the Finnish Business Information System (YTJ). Finreim may also collect personal data from the registers of credit rating bureaus such as Suomen Asiakastieto Oy.
The information sources may vary depending the domicile and/or the citizenship of the Data Subject.
4. How and with whom may the personal data be shared?
Finreim may share personal data with others (e.g., third parties) such as the public authorities, suppliers and business partners who may, due to such sharing and depending on the situation in question, act as a data processor or become a controller of personal data.
Finreim may fulfil an above-mentioned transfer of personal data only under a contractual obligation or a legislative obligation to do so and only if it is necessary for processing personal data systematically and effectively, protecting Finreim's and/or the Data Subjects' safety or the safety of others, investigating fraud, or responding to a government request.
Personal data may also be shared with:
- business partners and third-party service providers, such as administrators, depositaries and legal advisors for the purpose of co-operation in the context of investment management, administration, anti-money laundering and know your client and legal due diligence. Finreim only shares the information which is necessary to share to fulfil its legal obligations;
- trusted IT service providers, for the purposes of systematic and organised handling of personal data. However, these trusted service providers act always on Finreim's behalf and Finreim is responsible for the processing of personal data;
- competent public authorities when permitted or required in order to comply with applicable mandatory laws or rules of a stock exchange, by order of a court or a request, which is made by a competent authority with legal rights to access such information. E.g., tax reporting information is annually transferred to tax authorities and the information regarding antimoney laundering is transferred to FIN-FSA upon request.
- Personal data may also be transferred to countries outside of the EU or EEA (“third countries”), but only during exceptional circumstances. Such transfer is conditional to the EU Commission assessing that the level of data protection is adequate in the target country, there are necessary standard contractual clauses in place to safeguard the transfer and/or the transfer is specifically agreed upon with the Data Subject.
The basic rules for retention are that personal data is retained only for as long as necessary to fulfil the purpose of processing or if it is required by law.
Basic personal data will be retained only as long as necessary to manage the business relationship or other interaction with the Data Subject. The data will be deleted after a reasonable period has lapsed from the last contact between the Data Subject and Finreim.
Personal data collected under mandatory legislation purposes will be retained as long as required by law.
6. What are the rights of the Data Subject?
A Data Subject is entitled to have access to personal data concerning him or her in the register, managed by Finreim, and to request Finreim to correct, update or remove personal data at any time. To the extent required by applicable data protection law, a Data Subject has a right to object or restrict data processing and request data portability, i.e. the right to receive the personal data in a structured, commonly used machine-readable format and transmit the personal data to another controller.
Data Subjects should acknowledge that certain information is strictly necessary for the performance of a contract or for compliance with a legal obligation of Finreim, which may restrict the Data Subject’s rights listed above.
In case the data processing is based on the consent given by the Data Subject, the Data Subject may at any time contact Finreim and cancel the consent for processing personal data, e.g., opt-out of receiving marketing messages.
6. Who to contact?
Controller and Controller’s representative
- Name: Finreim Oy
- Business ID: 3085714-4
- Address: Suolakivenkatu 18 B 41, 00810 Helsinki, Finland
- Name: Mr. Petri Suutarinen
- Title: CEO
- Email: surname.lastname@finreim.fi
- Phone: +358 400 330 322
If the Data Subject finds violation to his or her legal rights, he or she has the right to file a complaint with the national Data Protection Authority or another Data Protection Authority within the EU or the EEA. The Office of the Data Protection Ombudsman acts as the supervising authority in Finland.
Please send any requests regarding the above-mentioned rights to the contact person at Finreim.