Data Protection and registry notice
EU:s general data protection regulation (679/2016, “GDPR”)
1. DATA CONTROLLER
Kaspian Law & Consulting Oy
Mannerheimintie 12 B 5th floor
00100 Helsinki (Luna House)
+358 044 704 9992
2. CONTACT PERSON OF THE REGISTER
Iiro Lehtonen, Lawyer
3. NAME OF THE REGISTER
Kaspian Law & Consulting Oy client register
4. PURPOSES OF THE USE OF PERSONAL INFORMATION
The purpose of the register is
1. Handling, developing and managing client relations;
2. Handling commissions and invoicing;
3. Recruiting. For this part the register consists only of the information delivered by the job applicant and they are stored and processed only for recruiting
5. REGISTER CONTENTS
Kaspian Law & Consulting Oy’s clients are saved to the client register.
The following data is processed in the register:
- First and last name
- Contact information
- Social security number or business identity code
- Information regarding commissions and the material collected or composed for the handling of the commissions. These are for example documents from the client, the authorites and the counterparty, and the documents composed by the lawyers, communication with the client, sent invoices and the payments.
6. REGULAR SOURCES OF INFORMATION
The information in the register is primarily collected from the registered person.
While handling commissions information regarding other parties may be gathered from the clients of Kaspian Law & Consulting Oy. Additionally, personal data may be gathered from authorities and other reliable sources within the limits of the applicable law.
7. RIGHT OF INSPECTION AND RIGHT TO RECTIFICATION OR RIGHT TO ERASURE
The data subject shall have the right to obtain information of what data, how and for what purposes their data is being processed. Giving the information can be justifiably denied if the request includes information that falls under confidentiality.
The data subject has the right to request the rectification of incorrect or inaccurate data, limitation of data porcessing or the erasure of data. The data subject may exercise his or her right in writing via email or by mail. The request to erase data basically also leads to the ending of the commission as the gathered data is always necessary for the handling of the commission. The law office has an obligation to retain certain information after the commission or the client relationship has ended. The right to be forgotten is therefore limited in regards to the information collected during commissions.
8. DISCLOSURE OF PERSONAL DATA
The data in the register may be disclosed forward. Data is disclosed forward only to the extent that is necessary for the obligations arising from commissions, client relations and legislation.
9. TRANSFER OF PERSONAL DATA OUTSIDE OF EU OR EEA
The data in the register will not be transferred outside of the EU or EEA.
10. RETENTION OF PERSONAL DATA
Personal data is retained for the time that the client relationship is valid. After the client relationship ends the information is retained for as long as is necessary due to the obligations arising from law, as a rule for at least ten years. Personal data may be retained for a longer time if required by the existing legislation or for another justified cause. For example an in-house inspection on judicial disqualification may require the retention of some data for more than ten years.
11. PRINCIPLE OF REGISTRY PROTECTION
The data stored in the register is only for the usage of the persons needing them for handling commissions.
Paper documents including personal data are stored in a locked room.
For the inspection of personal data stored electronically a username and a password is required. Additionally, the internet access is secured. Data regarding commissions fall under confidentiality and they cannot be disclosed to outside parties without the consent of the client or without a distinct regulation.
The data controller may collect data on the use of services through cookies. Cookies are small text files that the browser may save on your device when visiting a website. They are used to keep track of your movement across the site. You can manage your cookie preferences in your browser settings and choose to enable or disable cookies. Disabling cookies may affect the functioning of the website.
The information is received from the user, technically registered use of internet services, third party analytic services such as Google Analytics or public sources of information. Information collected includes the IP-address, location and time of the use of internet services, information about the used device, operating system and software, browser type and language settings, interaction with customer service in different service channels and external web pages from which the user has entered the website from and websites the user moves to from the website. The information is used to improve the service and customer experience and will not be connected to an individual user.
Cookies we use:
- Login data to facilitate the use of the service and functional cookies, such as saving
the settings when logging in which speeds up the use of the service and improves
the user experience
- Analytic cookies: Anonymised information about users provided to Google Analytics,
which allows Kaspian Law & Consulting Oy to improve the functionality of the site. An
individual user cannot be identified through the use of these cookies. These cookies
are used to analyze popular pages on the site and possible improvements.
- Targeted cookies or advertising cookies. These do not include personal information.
They allow the operation of cost-effective advertising in, for example, Facebook and
Google services. You may disable these cookies in the cookie banner.
If you wish to delete cookies from the browser or disable their use, you have a right to do so. You should familiarize yourself with the browser settings, as actions are always browser-specific. It is important to note that the disabling of the cookies may affect the
effectiveness of the use of services. By allowing cookies, you ensure the effective use of our site.
REGULAR SOURCES OF INFORMATION
Newsletter and in the future the online store and related systems and in addition the marketing campaigns. The newsletter is currently not in use.
THE REGULAR DISCLOSURE OF INFORMATION (Newsletter etc.)
The information will not be disclosed to third parties, excluding technical management of the online store and as far as necessary to ensure the functioning of the website. The information may be disclosed to a person in the register to see and review. The information may be deleted on request.
PROTECTION OF THE REGISTER
The register will not be disclosed to third parties excluding for functions related to technical management of the website. The register is password protected and encrypted. All internet accesses requiring usernames and passwords are protected https-connections.