Svea Payments’ customers
Svea Payments’ customers
- Controller and contact information
- Legal basis for processing data
- Data content
- Data sources
- Recipients and categories of recipients
- Regular transfers of data
- Time frame for retaining personal data
- The data subject’s rights
- The right to make a complaint to the authorities
- The concequences for not providing personal data
Svea Payments is a data controller in this context.
Controller and contact information
Svea Payments, Business identification code: 2121703-0
Address: Mechelininkatu 1 A, 00180 Helsinki, Finland
Contact person: Svea Payments
Telephone number: (09) 321 3300
Legal basis for processing data
It is necessary for Svea Paymentsto process personal data when conducting measures according to the payment service contract where you are one of the parties, or representing one of the parties, or when Svea Payments is conducting measures, up on your request, that are required before signing a contract.
Your personal data is also processed because of activities concerning customer relationship development. The legal basis for the process is compliance with a legal obligation.
In some cases, like when it comes to electronic marketing communication, the legal basis is consent or compliance with a legal obligation. You have the right to take back your consent at any time.
According to the above presented, we will process your personal data for the following means:
- Putting the contract into practice
- Communication (email) (service news, service break news, and other news concerning your service)
- Carrying out the service
- Developing the customer relationship
Processing your personal data is also necessary so that Svea Payments can comply with legal obligations. Our legal obligations consist of i.e.
- Customer knowledge (Know-Your- Customer)
- Noticing, preventing, stopping and investigating money laundry, terrorism-funding and fraud
- Reporting to the authorities
- Obligations concerning risk control as checking credit reports
- obligations and requirements concerning payment services
We collect such basic personal data from you that we need from our customers. This type of information is your position in the customer company, if you are a board member in the customer company and if you are a true beneficiary according to how it is more specifically defined and regulated in the prevention of money laundering and terrorist financing law (444/2017).
As an addition to the information you have provided, we collect public information about you from the following outside sources: authority registers i.e. company registers, credit-registers, sanction lists from international organizations such as the EU and UN and other commercial informants, that provide information about true beneficiaries and politically exposed persons (PEP).
Recipients and categories of recipients
Information entered in the register may be disclosed to the extent permitted and required by applicable law, including at the request of an authority or by decision of a court. Svea Payments Oy is part of Svea Ekonomi Group and information may be disclosed to affiliated companies for the purpose of conducting, targeting and monitoring marketing communications including electronic direct marketing, distance selling or other direct marketing as well as opinion polls and market research or other similar addressable delivery and marketing competitions without disclosing your personal information to third parties. Electronic direct marketing will not be targeted at consumer customers without explicit consent.
Before Svea Payments transfers your personal data, Svea Payments controls that the recipient is willing to process your personal data according to Svea Payments’ written instructions and according to the general data protection regulation ((EU) 2016/679) and other obligations that are required according to possibly applied law.
Your personal data is transferred to the following parties: Salesforce Inc., HubSpot Inc., Mailjet SAS, Zendesk and Signicat As. Svea Payments uses services provided by these three parties.
Regular transfers of data
If you function as a contact person for the customer company, your personal data is transferred outside of the European Union (EU) and the European Economic Area (EU), when the HubSpot- service is used. The service provider, HubSpot Inc.’s database is located in the United States in the East 1- Virginia- area. HubSpot Inc- is compliant to the EU- US- Privacy Shield- framework.
Except for the above mentioned, your personal data is not transferred outside of the European Union (EU) and European Economic Area (EEA).
Otherwise: Your personal data can be transferred to Svea Payments’ marketing register after your and Svea Payments’ customer relationship, or when other relevant contact has ended.
Time frame for retaining personal data
We will retain your personal data after the customer relationship has ended for as long as it is needed to guard our rights or for as long as the applicable law and regulations so us obligate.
The personal data is retained at least for such a long time as the prevention of money laundering and terrorist financing law (444/2017) requires.
The data subject’s rights
You have the following rights concerning your personal data:
- The right to be informed and to access
You have the right to get confirmation about whether your personal data is processed or not, as well as getting access to your personal data. The request to access your data must be sent to: email@example.com or by mail to Mechelininkatu 1 A, 00180, Helsinki, Finland.
If the registered makes a request online, and has not requested any other form of delivery, she will get her information by generally used and data-safe electronical means. A sum for the costs that arise from delivering the information can be requested from the registered. If Svea Payments cannot verify your identity, Svea Payments has the right to request more detailed information so that the identity is verified.
- The right of rectification
You have the right to claim Svea Payments to correct or update data that is inaccurate for the means of processing. In some cases, like if you take back your consent and your personal data is processed based on that consent, or your personal data has been processed illegally or the means for processing your personal data no longer exist, you have the right to ask Svea Payments to remove your personal data. The request for correction or removal must be sent to firstname.lastname@example.org or by mail to Mechelininkatu 1 A, 00180, Helsinki, Finland.
- The right to restrict processing
In some cases, as if your personal data is not correct, the processing is illegal or when Svea Payments no longer needs certain data for the means of the processing but you yourself need the data for the establishment, exercise or defense of legal claims, you have the right to claim that Svea Payments restricts
the processing of your personal data. The claim for restricting your personal data has to be sent to: email@example.com or by mail to Mechelininkatu 1 A, 00180, Helsinki, Finland.
- The right to restrict processing
You have the right to restrict Svea Payments from processing your personal data when it comes to means such as: marketing, sales or research concerning marketing and opinions. You have the right to back your given consent to marketing at any time. The request to restrict the processing of your personal data has to be sent to: firstname.lastname@example.org or by mail to Mechelininkatu 1 A, 00180, Helsinki, Finland.
- The right to data portability
You have the right to collect personal data that you have provided to Svea Payments in a generally used, electronical form and you have the right to move this information to another data controller without Svea Payments stopping you. The request for data portability has to be sent to email@example.com or by mail to Mechelininkatu 1 A, 00180, Helsinki, Finland.
The right to make a complaint to the authorities
Svea Payments aims to right everything concerning your personal data straight with you, but if you for some reason are not happy with the way Svea Payments processes your personal data you have the right to make a complaint to the Data Protection Ombudsman.
Data Protection Ombudsman Email: firstname.lastname@example.org
Telephone: 029 56 66700
The consequences for not providing personal data
If you do not provide your personal data, Svea Payments cannot make a contract with you concerning payment services.