General information regarding our processing activities

This privacy policy is applicable to Selen Law’s clients and suppliers. We do not collect or use any such information for marketing purposes.

We mainly process personal data when maintaining customer relationships with our clients as well as other business relationships with our suppliers and other relevant interest groups.

All of our processing activities are conducted in accordance with the General Data Protection Regulation (2016/679) (”GDPR”) and other applicable national data protection laws.

This privacy policy describes how we process personal data concerning the representatives and owners of our clients, potential clients, suppliers and other business partners.

We may update this policy if it is necessary in order to reflect the changes in data processing practices or otherwise. This policy applies to processing of personal data carried out by Selen Law as data controller.

We may process the following personal data relating to you:

– name and contact details
– organization and title
– phone number and email address
– date of birth / personal identification number
– Know Your Customer (“KYC”) data, including political exposure and ownership information
– correspondence between Selen Law’s representative and you
– information relating to meetings between Selen Law’s representatives and you
– invoicing and billing information

We normally receive the personal data directly from you, from other representatives of your employer or from your employer’s counterparts, in the course of an engagement.

In addition, personal data may be collected and updated from public sources, such as public search engines, other public websites and social media as well as public registers (e.g. information relating to your contact details).

Some of the personal data may also be generated by us. This information includes correspondence between you and our representatives as well as information relating to meetings between you and our representatives.

Personal data is processed to be able to offer legal services to our customers and to run, maintain, promote and develop our business.

Your personal data may be processed to enable us to administer and fulfil our obligations under the law. This includes following: complying with our bookkeeping obligations and providing information to relevant authorities such as tax authorities; identification of customer’s representatives and beneficial owners and other KYC for the prevention, detection, and investigation of money laundering and terrorist financing, as well as for the investigation and prosecution of the crime from which the assets or proceeds involved in money laundering or terrorist financing have been obtained in accordance with Act on Preventing Money Laundering and Terrorist Financing.

Your personal data may be processed in relation to claims handling, debt collection and legal processes. We may also process data for the prevention of fraud and money laundering, misuse of our services and for data, system and network security.

Your personal data may be processed mainly to pursue our legitimate interest to maintain and develop customer and business relationships and to run and develop our business. We also process personal data to comply with our contractual obligations towards you. Furthermore, we process personal data to comply with legal obligations, such as know-your-customer and anti-money laundering procedures and other procedures based on applicable law.

You may be requested to grant your consent for the processing of personal data. When the processing of personal data is based on a consent, you may withdraw your consent at any time.

We store your personal data within the European Economic Area.

We do not share personal data with third parties outside of our organization unless one of the following circumstances applies:

– if access to and use of the personal data is reasonably necessary to: meet any applicable law, regulation, and/or court order; or detect, prevent, or otherwise address crime or security issues;
– to our authorized service providers who perform services for us (including data storage, legal, accounting). Our service providers agree to limit their use of personal data and to comply with privacy and security laws and standards;
– with your explicit consent
We do not store personal data longer than is legally permitted and necessary for the purposes set out in this policy. The storage period depends on the nature of the information and the purposes of processing.

When the storage of personal data is no longer necessary for the purpose for which it was collected, we may continue storing the data only as long as such processing is required by law or is reasonably necessary for our legal obligations or legitimate interests such as claims handling and bookkeeping.

The customers’ representatives’ and beneficial owners’ identification information and other KYC data must be stored for a period of five (5) years from the expiry or termination of the relevant client relationship with us.

Your rights

You have the right to access your personal data processed by us and to request a copy of your personal data undergoing processing. In case the processing is based on a consent, you may withdraw the consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

You have the right to have incorrect or incomplete personal data we have stored about you corrected or completed. You may also ask us to erase the your personal data from our systems. We will comply with such request unless we have a legitimate ground to not delete the data.

You may object to the processing of personal data on grounds relating to your particular situation if such data are processed for our legitimate interest. You may request us to restrict processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data.

In case the processing is based on a consent or agreement, you have the right to receive your personal data that you have provided us with in a structured and commonly used format.

The above rights may be used by contacting us on the addresses set out above. We may request the provision of additional information necessary to confirm your identity. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded.

Lodging a complaint

In case you consider our processing of personal data to be inconsistent with the applicable data protection laws, a complaint may be lodged with the local supervisory authority for data protection. In Finland, the local supervisory authority is the Data Protection Ombudsman www.tietosuoja.fi

This policy may be updated from time to time.

Contact details of data controller
Selen Law Oy
Business ID: 2918815-8
Address: Lehtisaarentie 6, 00340 Helsinki, Finland
Contact: kristiina@selenlaw.fi