Privacy Notice

1. Controller

Fintech Finland
Lapinlahdenkatu 16, 00180 Helsinki, Finland
Tel +358 50 560 2349
(Kirsi Suopelto, CEO)

2. Contact Information

Kirsi Suopelto
Lapinlahdenkatu 16, 00180 Helsinki, Finland
Tel +358 50 560 2349
Email kirsi.suopelto(at)fintechfinland.fi

3. Name of the register

Fintech Finland’s register for stakeholder news. 

4. Purpose for the use of the register

The data are used to manage Fintech Finland’s (FinFin) memberships, to conduct surveys and questionnaires, and to send out news and invitations to members, other stakeholders and newsletter subscribers. The register is based on the information given in accepted membership applications, on subscriptions made at www.fintechfinland.fi, and on public information sources. Recipients in the register are sent newsletters either in Finnish or English.

The use of personal data in the register is based either on the person’s consent or on the point (f) of Article 6(1) of the EU General Data Protection Regulation (2016/679), in which the referred legitimate interests are FinFin’s operations, and the registered persons are relevant to FinFin as representatives of FinFin’s member companies or as stakeholders.

5. Content of the register

The register contains information required for purposes specified in section 4. These may include:

  • First name and last name
  • Job title and role (responsibilities in the organisation)
  • Contact information: e-mail address, telephone number and street address

6. Regular Sources of information

Data are received from accepted membership applications and subscriptions with the subscriber’s consent.

7. Regular destinations of disclosed data / transfer to countries outside EU or EEA

FinFin does not disclose the register’s data to any irrelevant third party. However, the data may be transferred to and processed by third-party providers which perform services on FinFin’s behalf (data processors) to enable these companies to perform the services requested by FinFin. However, these suppliers are obliged to process the data only for purposes mentioned above and they are provided with only the personal data required to fulfill these purposes. These suppliers must also follow FinFin’s instructions and applicable data privacy laws and data processing agreements.  

The third-party service providers FinFin uses include Mailchimp for sending out online newsletters and Dropbox for storing and transferring also personal data safely inside the organization. These are both United States based companies and thus using their services might enable personal data to move outside the European Union. However, both of these companies are on the EU-U.S. Privacy Shield Framework’s list of certified companies and their data privacy policy is GDPR compliant. Read more: Mailchimp, Dropbox  

8. Principles how the data file/register is secured

The register is in the use of the controller only, and no information is disclosed to irrelevant third parties. The information is stored as long as it is necessary for the purposes that the information is collected for. The correctness of the information is confirmed regularly.  

Updated on 11 December 2019