fbpx
e

Privacy Policy

 

SAMLA CAPITAL’S PRIVACY POLICY

1. Who will process your personal data

Samla Capital Oy (“we”)
Kauppakatu 18 C 35
40100 Jyväskylä
Business ID 2684294-3

2. What personal data do we process and where do we collect your data from

Processes the following personal data of yours, if you are a potential customer of ours or represent a potential corporate customer of ours:

  • name,
  • contact information: phone numbers, e-mail and street addresses,
  • position in the company that you represent and
  • information you have provided to us when you expressed your interest.

We can obtain this information from you, public sources (such as the web pages of the company you represent, commercial providers of information services), our partners that have permission to disclose information or other group companies.

We will process the following personal data of yours, if you are our customer:

  • “Know Your Customer” information: Name, birth date, personal ID number, place of birth, citizenship, copy of your passport, driver’s license or another acceptable identity document;
  • Contact information: Phone numbers, e-mail and street addresses (including postal address and foreign addresses);
  • Financial information: Wealth and income information, credit information;
  • Information related to contracts: information related to a contract, information about investments in funds managed by us;
  • Billing and payment information;
  • Information related to statutory requirements: Information that we need to fulfill the “Know Your Customer” requirement and manage risks related to the financing of money laundering and terrorism. Such information includes, for example, your primary source of income, origin of your funds, as well as information related to tax liability in a different country, such as a foreign tax reference number and your citizenship, as well as the country where you are liable to pay taxes.
  • E-mail communication, messages in our other digital channels, as well as other documentation regarding communication with you.
  • Possible bans related to marketing.
  • Newsletter and Key Investor Information Document subscriptions.
  • Other possible information related to the customer relationship that you have disclosed

We will collect this information from you, except for your credit information, which we will check from Suomen Asiakastieto Oy or Alma Talent Oy. We can also check and update your information from the population register and the Finnish Tax Administration’s registers as well as companies that offer information services. We have a legal obligation to identify our customers, so the disclosure of information is a prerequisite for establishing a customer relationship.

We will process the following personal data of yours, if you are a representative of our corporate customer, a beneficial owner, owner or a member of the body:

  • “Know Your Customer” information: Name, birth date, personal ID number, place of birth, citizenship, copy of your passport, driver’s license or another acceptable identity document;
  • Contact information: Phone numbers, e-mail and street addresses,
  • Your position at the corporate customer;
  • E-mail communication, messages in our other digital channels, as well as other documentation regarding communication with you.
  • Possible bans related to marketing.
  • Newsletter and Key Investor Information Document subscriptions.

We will mainly collect the information from you, but we will also receive information from the company whose representative, beneficial owner or member of the body of you are. We will also obtain information from registers maintained by authorities (for example, the population register, the Finnish Tax Administration’s registers, business registers and supervisory authorities’ registers), as well as commercial intermediaries that provide information on, for example, beneficial owners and politically exposed persons.

If you are our customer or a representative of our corporate customer, a beneficial owner, owner or a member of the body, we will perform sanction list checks (lists maintained by international organizations, such as the EU or UN, and national organizations, such as the Office of Foreign Assets Control unit (OFAC)).

If you are our partner or a representative of our partner, we will process the following information of yours

  • Basic information: name, phone number, e-mail address and position at the partner company;
  • Possible bans related to marketing; and
  • Cooperation agreement and information related to the cooperation.

We will obtain the information, as a rule, from you and the partner. Information may be obtained and updated also from registers maintained by the authorities or other public sources.

3. How do we use your personal data and on what legal basis

We use your personal data in order to fulfill our statutory and contractual obligations and make offers to you, as well as offer our products and services or conclude contracts with you.

Concluding and managing contracts (implementing a contract)

The primary purpose of the processing of personal data is collecting, processing and verifying personal data before making an offer and concluding a contract, as well as documenting, managing and implementing the tasks under the contract.

Examples of tasks related to the implementation of a contract:

  • processes necessary for making an investment
  • customer service during the contract period

Compliance with the requirements and obligations specified by law, provisions or the decisions of authorities and supervisory authorities (statutory obligation)

In addition to the implementation of the contract, compliance with the obligations specified by law, provisions and the decisions of authorities requires us to process personal data.

Examples of statutory obligations that require the processing of personal data:

  • the KYC i.e. “Know Your Customer” obligation
  • preventing, detecting and examining money laundering, the financing of terrorism and fraud
  • sanction checks
  • accounting regulations
  • reporting to tax, police, executing and supervisory authorities
  • obligations related to risk management
  • other obligations that are related to service or product-specific legislation, such as legislation related to funds

Managing the customer relationship and direct marketing (legitimate interest/consent)

Your personal data can be used to manage the customer relationship, for example, to send customer communications.

Your personal data can be used for direct marketing unless you have forbidden the use of your information for direct marketing purposes.

Marketing, product and customer analyses (legitimate interest)

Personal data is processed also in connection with marketing, product and customer analyses. Marketing activities, the development of processes, business activities and systems, including testing, can also be based on the processing of personal data. In this way, we can improve our product range and customer service, as well as optimize the services offered to customers. This may include profiling. We have a legitimate interest to use profiling for e.g. customer analyses done for marketing purposes.

Implementation of cooperation

Information is processed in connection with managing cooperation, to manage the service offered to the partner, as well as to instruct and inform representatives.

Consent

We can, when necessary, ask for your consent to process your personal data in certain situations (e.g. consent to sending electronic direct marketing). The consent request includes information regarding the processing of the information in question. If you have given your consent to the processing of personal data, you also have the right to withdraw your consent. You can withdraw your consent by contacting us at hannu.saastamoinen(at)samla.fi.

4. To whom can we disclose you personal data

We can disclose your personal data, where permitted by law, to other parties, such as authorities (for example, tax, police, executing and supervisory authorities in the countries concerned), group companies and business partners. Prior to disclosing any information, we will always ensure that the appropriate financial sector confidentiality obligations are complied with.

The offering of services and compliance with contracts may also require the disclosure of your personal data.

Information collected in the registers will not be disclosed to parties outside the group for marketing, sales, opinion or market research purposes.

We use the following processors for the processing of personal data:

  • IT services providers
  • providers of mailing and communication services
  • accounting firm
  • providers of marketing services

5. Do we transfer your data to third countries

We do not, in principle, transfer data to organizations in so-called third countries outside the EEA without your explicit consent. The exception is sending e-mails based on certain e-mails lists through a dedicated service, whose server is located outside the EU in the U.S. This service provider complies with the EU-U.S Privacy Shield agreement, which is in accordance with the EU’s personal data protection standards.

6. How do we protect personal data

Protecting your personal data is very important to us, and we take both it and other privacy policy matters seriously by considering the protection of personal data as the foundation of our business activities. We have appropriate technical, organizational and management related security procedures, with which we protect all information held by us in the event of loss, misuse, unauthorized use, disclosure, changes and destruction.

7. Your rights related to privacy

As a data subject, you have rights regarding the personal data held by us. You have the following rights:

A) The right to access your personal data

You have the right to access your personal data held by us. Your right of access can, however, be restricted by legislative measures or if the access to information would adversely affect the rights and freedoms of others.

B) The right for rectification of inaccurate or incomplete data

If the information is inaccurate or incomplete, you have the right request the rectification of the information, unless constrained by law.

C) The right to request the erasure of data

You have the right to request the erasure of your data in the following cases:

  • You withdraw your consent for the processing of data, and there is no other justified reason for the processing
  • You object to the data processing, and there is no acceptable reason for continuing the processing
  • You object to the data processing for direct marketing purposes
  • The data processing is against the law
  • The data is no longer needed for the purposes for which it was collected or otherwise processed

Due to finance sector legislation, we are obliged in many cases to retain your personal data during the customer relationship and also after it.

D) The right to restrict the processing of personal data

You can ask us to restrict the processing of your personal data to only the storing of the data, if

  • you contest the accuracy of the data we have processed
  • you contest the lawfulness of the data processing but object to the erasure of your data
  • you have objected to the processing of your data
  • we no longer need your data, but you need it in regards to a legal claim

E) The right to object to the processing of data

You have the right to object to the processing of your personal data on grounds relating to your particular situation, if the processing is based on our legitimate interest, and there are no legitimate grounds for the processing.

You always have the right to object to the processing of your personal data for direct marketing purposes or profiling related to direct marketing.

F) The right to data portability

You have the right to receive the personal data you have given us in a machine-readable form. This right applies only to personal data that has been processed automatically and based on your consent or the implementation of the contract. The information may also be transferred from us to another data controller, if it is safe and technically possible.

If you want to exercise your above-listed rights, please contact us by e-mail at hannu.saastamoinen(at)samla.fi or by mail at Samla Capital Oy, Hannu Saastamoinen, Kauppakatu 18 C 35, 40100 Jyväskylä.

8. The right to complain to a data protection authority

You have the right to lodge a complaint with a supervisory authority, if you believe that the GDPR was breached when your personal data was processed.

Contact information for the supervisory authority:

Contact information for the supervisory authority:

Data Protection Supervisor office
Street address: Ratapihantie 9, 6th floor, 00520 Helsinki
Postal address: P.O. Box 800, 00521 Helsinki
Switchboard: 029 56 66735
tietosuoja@om.fi

9. Cookies

We use cookies on the samlacapital.fi website and other websites owned by us to develop website usability (Google Analytics) and for marketing purposes (Facebook and Google AdWords or another comparable digital advertising channel). A cookie is a small text file that is stored on your computer or device when you visit our website. Our website cookies collect information on demographics and topics, which may indicate the user’s age and gender, the user’s website behavior on our websites, the user’s browser and network connection and other HTTP information. Google Analytics, Facebook and Google AdWords as data controllers also process cookie information for their own purposes, and their own terms are applied to the processing of cookies. You can manage and view the information Facebook has collected from our websites with Facebook’s own tool (https://www.facebook.com/off_facebook_activity/). You can manage information collected by Google with Google’s MyActivity service (https://myaccount.google.com/).

Our website uses the Mailchimp newsletter system, which saves name and e-mail information when a user subscribes to our newsletter. You can manage you own personal data in the Mailchimp system with the link found in our marketing e-mails.

Website cookies are valid either temporarily during the browser session or for a long period according to an end date set according to the cookie. Cookies that are active during the browser session, such as the user login check with a cookie, are automatically deleted when the user closes the browser. Long-term cookies are valid for 1-24 months depending on the cookie. The user approves the use of cookies when using the website with a browser, whose settings allow the use of cookies, or when approving the use of cookies with a website cookie bar. Users may prevent the use of cookies by changing their browser settings. This may, however, critically impact the website functionality, and we cannot guarantee the website functionality without the allowance of cookies.

The website’s sending of forms, such as information on the downloading of the key investor information document, sending of the contact form or other form entries are stored on the website for 30 days. If the user gives their consent for direct marketing or enters into a customer relationship with Samla Capital Oy, the customer data is stored for the duration of the customer relationship or as long as the marketing consent is valid.

10. How long do we retain your personal data

We retain your data for as long as it is needed for the purpose it was collected for, or as long as required by law and regulations. If we retain your data for purposes other than executing the contract, such as preventing money laundering, bookkeeping and implementing capital requirements, we will retain the data only if it is necessary with regard to the purpose in question and/or as provided by law and regulations.

For clarity’s sake we list below examples of the data retention periods:

  • Preventing, detecting and examining money laundering, the financing of terrorism and fraud: at least five years after the end of the business relationship or after a single transaction
  • Accounting regulations: for ten years
  • Other obligations that are related to service or product-specific legislation, such as legislation related to funds: for seven years
  • Information regarding the execution of a contract: up to ten years after the end of the customer relationship as protection against legal claims.

11. How do we make changes to this description and the one concerning cookies

We continue to improve and develop our services, products and web pages, so we might make changes to our privacy policy from time to time. Please read our privacy policy periodically in order to receive up-to-date information.

12. Contact information regarding our privacy policy

If you have questions about our privacy policy, you can contact our staff. The primary contact person regarding our privacy policy is Hannu Saastamoinen, whom you can contact by e-mail at hannu.saastamoinen(at)samla.fi or by mail at Samla Capital Oy, Hannu Saastamoinen, Kauppakatu 18 C 35, 40100 Jyväskylä.

Last updated on May 5, 2020