Skip to content

Privacy POLICY

Scandinavian Financial Research Oy

Updated 4 April 2022


1. Introduction

Data protection refers to the exercise of the rights of the person whose data is processed in the processing of personal data. The purpose of data protection is to show when and under what conditions personal data may be processed. Personal data, on the other hand, refers to information related to an identified or identifiable natural person.

It is necessary for Scandinavian Financial Research Oy ("we") to process personal data. We follow procedures and processes to protect personal data in accordance with the requirements of data protection legislation. This privacy policy contains the basics for collecting the data and what the collected data is used for. Examples of application situations include providing our services. The Privacy Policy also applies to the processing of personal data of our employees as well as jobseekers and employees of our partners.

Scandinavian Financial Research Oy acts as the controller.


2. Why do we process personal data and on what grounds?


Purposes of the processing of personal data

We collect and process personal data in order to:

  • enable leads, potential customers and existing customers to be contacted in order to market and communicate about our own or selected third-party services, for example through newsletters, various marketing campaigns or invitations to events.
  • enable us to fulfil our obligations under the agreements with our customers, partners and, for example, our employees. This includes, for example, the processing of personal data related to research activities and the analysis of responses.
  • be able to develop our services and improve the user experience of our services.
  • be able to manage our services.
  • be able to prevent and, in certain situations, investigate possible abuses.

Legal basis for the processing of personal data

In certain situations, we ask for your consent to the processing of your personal data. These situations include, for example, consent to electronic direct marketing or the processing of some data belonging to special categories. The consent request contains information on the processing of such data. If you have given your consent to the processing of personal data, you also have the right to withdraw your consent.

When we market our services or products to persons belonging to marketing target groups, potential customers or our existing customers, we process personal data on the basis of a legitimate interest. We have a legitimate interest in marketing our services and products in different ways. We want to provide people belonging to marketing target groups with the most interesting information and marketing as possible, for example on our website and social media channels. In addition, we may market our own or third-party services, for example through newsletters or invitations to events. We may use social media tools, such as different audiences, in our marketing. We analyze our email campaigns and the activities of our websites and social media channels. This allows us to evaluate the functionality of our marketing campaigns, for example. This information is the basis for the development of our business and future marketing activities.

We analyse and combine the responses of the participants in our studies on the basis of a legitimate interest. All data provided by the participants are processed statistically in such a way that it is not possible to identify individual respondents.

We also have a legitimate interest in developing our products and services. The development of processes and systems related to our business may be based on the processing of personal data. This may also involve the processing of personal data for the prevention and detection of abuses.

In fulfilling our contractual obligations, we process personal data on the basis of a contract, such as a service, employment or assignment agreement. In addition, we process personal data to fulfil our obligations under legislation, such as accounting and tax legislation.


3. What information do we collect?

 

We collect information necessary for the purposes specified in this Privacy Policy:

Information you provide to us

The personal data we process includes, for example, name, position in the company, telephone number, address and email address. This information is processed for communication with customers and for the purpose of providing services.

If you participate in our research, you will submit to us your answer for analysis. The information provided by the respondents is statistically combined and analysed in such a way that it is not possible to identify individual respondents.

Data collected from other sources

We collect personal data from publicly available sources, such as registers maintained by public authorities (e.g. population register, tax administration registers) and commercial data brokers.


4. How long is personal data stored?

 

We store users' personal data only for as long as it is needed for the purpose of providing the service or for a maximum period permitted by law.


5. With whom can we share your information?

 

Affiliates

The same group includes SijoittajaPRO Finland Oy, to which we may share personal data for the purposes mentioned in paragraph 2 on the basis of a legitimate interest.

Ownership

If we sell, buy, merge or otherwise organize our business, personal data may be disclosed to buyers and their advisors.

Service Providers

We transfer personal data only to the extent that third parties need access to the personal data we process in order to provide our services for the purposes defined in this Privacy Policy. In this case, the service providers process the data for our reading.

For legal reasons

Your personal data may be disclosed in accordance with the requirements of competent authorities and legal requirements.

Corporate action



6. Automated decision-making and profiling

 

Automated decision-making refers to a decision that is based on automated processing and has legal effects on a person or has a similarly significant impact on him or her. We do not use automated decision-making in our operations.

Profiling, on the other hand, refers to the automatic processing of personal data, which involves, for example, the assessment or anticipation of a person's interests or behaviour. We specialise in strategic management of client relationships and customer accounts in the financial and investment services sector, and as part of our research activities, we do not assess our clients' personal interests or behaviour.

We may use profiling in our marketing in such a way that we aim to target the most suitable and interesting products and services to each customer. For the most part, however, the formation of marketing target groups is segmentation that does not involve profiling.


7. International data transfers

 

We strive to implement our services and process personal data using operators and services located in the EU or EEA.

However, in some cases, services may also be provided using operators, services and servers located elsewhere. In this case, your personal data may be transferred between different countries. Such transfers may include transfers of personal data outside the EU or EEA to countries whose legislation on the processing of personal data differs from the requirements of Finnish law. In this case, we will ensure an adequate level of protection of personal data, for example by agreement with the processor.


8. Data protection

 

Security is ensured by appropriate administrative, technical and physical security measures.


9. Minors

 

The service we provide is not aimed at minors and we do specifically not collect the personal data of minors.

 

10. Services of third parties

 

This Privacy Policy applies only to the service we provide and we are not responsible for the privacy practices of other sites. We recommend that you check the privacy statements of the websites they visit.

 

11. Amendment of the Privacy Policy

 

We may change this privacy policy. If there are any changes to the Privacy Policy, we will always notify you of changes in this privacy policy.

 

12. Your rights

 

Right of inspection

You have the right to check what information about you has been stored in the contact register.

The right to demand rectification of information

You have the right to demand that incorrect, inaccurate, incomplete, outdated or unnecessary information be corrected or supplemented.

Right to request erasure of data

You may ask us to delete your personal data from our systems. We will take the necessary steps in accordance with your request if we have no legitimate reason not to delete the data. The data may not be immediately removed from all our backup or other similar systems.

Right to restrict the processing of data

You may ask us to restrict the processing of certain of your personal data. A request to restrict the processing of data may result in more limited access to our website and services. You have the right to opt out of electronic direct marketing by following instructions included in all marketing messages we send.

Right to object to the processing of data

You may also request restrictions on the processing of your personal data if your data is processed for purposes other than the performance of our service or for the fulfilment of a legal obligation. Objecting to the processing of personal data may lead to more limited access to our website.

Right to transfer data from one system to another

You have the right to receive your personal data from us in a structured and commonly used format so that you can transmit the data to another register provider.

Right to withdraw consent

If the processing of your data is based on consent, you have the right to withdraw consent at any time.

Exercise your rights

You can exercise your rights by contacting customer service. We may request additional information necessary to verify your identity. Please also note that our operations are subject to legal obligations, for example in relation to data retention, and therefore we may be obliged to process your personal data even if you request that the processing be restricted or deleted.

If you feel that the processing of your personal data is incompatible with applicable legislation, you can lodge a complaint with your local data protection supervisory authority.

Who can I contact?

You can contact us about data protection matters by contacting us via the contact form on our website or by sending an email to sfr@sfr-group.com. This way you can also reach our organisation's Data Protection Officer. Please identify when writing a message if your case concerns data protection or if you would like to contact the Data Protection Officer. In this case, we will be able to forward your message to the right individual.