Verkkosivu ei tue käyttämääsi selainta

Verkkosivu ei tue käyttämääsi selainta. Lataa jokin seuraavista selaimista, jotta saat parhaan käyttökokemuksen Svean kotisivuilla.

Skip to content

Privacy policy

Svea Payments’ customers

Privacy policy

Svea Payments’ customers

Privacy Policy | Svea Payments Oy | customers | pdf

Contents

  • General
  • Controller and contact information
  • Legal basis for processing data
  • Data content
  • Data sources
  • Recipients and categories of recipients
  • Regular transfers of data
  • Time frame for retaining personal data
  • The data subject’s rights
  • The right to make a complaint to the authorities
  • The concequences for not providing personal data
  • Changes in this privacy policy

General

This Privacy Policy applies to certain personal data for contact persons representing Svea Payments’ customers; referring to the web stores, companies and organizations that use the payment services Svea Payments provides.

Svea Payments is a data controller in this context.

Controller and contact information

Svea Payments, Business identification code: 2121703-0

Address: Mechelininkatu 1 A, 00180 Helsinki, Finland

Contact person: Svea Payments

Telephone number: (09) 321 3300

Email: tietosuoja.payments@svea.fi

Legal basis for processing data

It is necessary for Svea Paymentsto process personal data when conducting measures according to the payment service contract where you are one of the parties, or representing one of the parties, or when Svea Payments is conducting measures, up on your request, that are required before signing a contract.

Your personal data is also processed because of activities concerning customer relationship development. The legal basis for the process is compliance with a legal obligation.

In some cases, like when it comes to electronic marketing communication, the legal basis is consent or compliance with a legal obligation. You have the right to take back your consent at any time.

According to the above presented, we will process your personal data for the following means:

  • Putting the contract into practice
  • Communication (email) (service news, service break news, and other news concerning your service)
  • Invoicing
  • Carrying out the service
  • Developing the customer relationship

Processing your personal data is also necessary so that Svea Payments can comply with legal obligations. Our legal obligations consist of i.e.

  • Customer knowledge (Know-Your- Customer)
  • Noticing, preventing, stopping and investigating money laundry, terrorism-funding and fraud
  • Reporting to the authorities
  • Obligations concerning risk control as checking credit reports
  • obligations and requirements concerning payment services

Data content

We collect such basic personal data from you that we need from our customers. This type of information is your position in the customer company, if you are a board member in the customer company and if you are a true beneficiary according to how it is more specifically defined and regulated in the prevention of money laundering and terrorist financing law (444/2017).

Data sources

As an addition to the information you have provided, we collect public information about you from the following outside sources: authority registers i.e. company registers, credit-registers, sanction lists from international organizations such as the EU and UN and other commercial informants, that provide information about true beneficiaries and politically exposed persons (PEP).

Recipients and categories of recipients

Svea Payments transfers your personal data only in situations and for means that are stated in this Privacy Policy.

Information entered in the register may be disclosed to the extent permitted and required by applicable law, including at the request of an authority or by decision of a court. Svea Payments Oy is part of Svea Ekonomi Group and information may be disclosed to affiliated companies for the purpose of conducting, targeting and monitoring marketing communications including electronic direct marketing, distance selling or other direct marketing as well as opinion polls and market research or other similar addressable delivery and marketing competitions without disclosing your personal information to third parties. Electronic direct marketing will not be targeted at consumer customers without explicit consent.

Before Svea Payments transfers your personal data, Svea Payments controls that the recipient is willing to process your personal data according to Svea Payments’ written instructions and according to the general data protection regulation ((EU) 2016/679) and other obligations that are required according to possibly applied law.

Your personal data is transferred to the following parties: Salesforce Inc., HubSpot Inc., Mailjet SAS, Zendesk and Signicat As. Svea Payments uses services provided by these three parties.

Regular transfers of data

If you function as a contact person for the customer company, your personal data is transferred outside of the European Union (EU) and the European Economic Area (EU), when the HubSpot- service is used. The service provider, HubSpot Inc.’s database is located in the United States in the East 1- Virginia- area. HubSpot Inc- is compliant to the EU- US- Privacy Shield- framework.

Except for the above mentioned, your personal data is not transferred outside of the European Union (EU) and European Economic Area (EEA).

Otherwise: Your personal data can be transferred to Svea Payments’ marketing register after your and Svea Payments’ customer relationship, or when other relevant contact has ended.

Time frame for retaining personal data

We will retain your personal data after the customer relationship has ended for as long as it is needed to guard our rights or for as long as the applicable law and regulations so us obligate.

The personal data is retained at least for such a long time as the prevention of money laundering and terrorist financing law (444/2017) requires.

The data subject’s rights

You have the following rights concerning your personal data:

  • The right to be informed and to access

You have the right to get confirmation about whether your personal data is processed or not, as well as getting access to your personal data. The request to access your data must be sent to: tietosuoja.payments@svea.fi or by mail to Mechelininkatu 1 A, 00180, Helsinki, Finland.

If the registered makes a request online, and has not requested any other form of delivery, she will get her information by generally used and data-safe electronical means. A sum for the costs that arise from delivering the information can be requested from the registered. If Svea Payments cannot verify your identity, Svea Payments has the right to request more detailed information so that the identity is verified.

  • The right of rectification

You have the right to claim Svea Payments to correct or update data that is inaccurate for the means of processing. In some cases, like if you take back your consent and your personal data is processed based on that consent, or your personal data has been processed illegally or the means for processing your personal data no longer exist, you have the right to ask Svea Payments to remove your personal data. The request for correction or removal must be sent to tietosuoja.payments@svea.fi or by mail to Mechelininkatu 1 A, 00180, Helsinki, Finland.

  • The right to restrict processing

In some cases, as if your personal data is not correct, the processing is illegal or when Svea Payments no longer needs certain data for the means of the processing but you yourself need the data for the establishment, exercise or defense of legal claims, you have the right to claim that Svea Payments restricts

the processing of your personal data. The claim for restricting your personal data has to be sent to: tietosuoja.payments@svea.fi or by mail to Mechelininkatu 1 A, 00180, Helsinki, Finland.

  • The right to restrict processing

You have the right to restrict Svea Payments from processing your personal data when it comes to means such as: marketing, sales or research concerning marketing and opinions. You have the right to back your given consent to marketing at any time. The request to restrict the processing of your personal data has to be sent to: tietosuoja.payments@svea.fi or by mail to Mechelininkatu 1 A, 00180, Helsinki, Finland.

  • The right to data portability

You have the right to collect personal data that you have provided to Svea Payments in a generally used, electronical form and you have the right to move this information to another data controller without Svea Payments stopping you. The request for data portability has to be sent to tietosuoja.payments@svea.fi or by mail to Mechelininkatu 1 A, 00180, Helsinki, Finland.

The right to make a complaint to the authorities

Svea Payments aims to right everything concerning your personal data straight with you, but if you for some reason are not happy with the way Svea Payments processes your personal data you have the right to make a complaint to the Data Protection Ombudsman.

Data Protection Ombudsman Email: tietosuoja@om.fi

Telephone: 029 56 66700

The consequences for not providing personal data

If you do not provide your personal data, Svea Payments cannot make a contract with you concerning payment services.

Changes in this Privacy Policy

Svea Payments retains the right to make changes in this Privacy Policy whenever by informing of it on it’s homepage. We suggest that you keep updated by checking the Privacy Policy on a regular basis. The updated version can always be found at Svea Payments’ website.

This Privacy Policy has been updated on 24.7.2019.