Privacy notice

Share this

Dittmar & Indrenius > Privacy notice

Controller

Dittmar & Indrenius Asianajotoimisto Oy / Dittmar & Indrenius Attorneys Ltd. (“Dittmar & Indrenius”)
Pohjoisesplanadi 25 A, 00100 Helsinki, Finland
Telephone number during business hours: +358 9 681 700
E-mail: [email protected]

Contact person in the matter

Uura Voigt, Finance and Administration Manager
Pohjoisesplanadi 25 A, 00100 Helsinki, Finland
Telephone number during business hours: +358 9 681 700
E-mail: [email protected]

What is the purpose of processing personal data?

Dittmar & Indrenius processes personal data on our clients, potential clients and interest groups related to us in order to provide, promote, and develop our legal services, and to maintain other business relationships with individuals close to us.

In practice, this means we process personal data on you mainly in order to manage and develop our client relationship with you. In addition, we use personal data to actively communicating with our existing and prospective clients.

Personal data is also processed for planning and carrying out our business operations, and, to the extent possible, for maintaining and further developing our business as well as creating added value in it.

Dittmar & Indrenius has a legitimate interest to process personal data on you for the reasons described above. This interest arises from the relationship we have with you. Our connection with you can stem especially from your tasks or position in a company related to us, or from your public position. However, as an attorneys-at-law firm, we are also subject to a vast amount of laws which govern how we must collect, process and retain data related to our business. Due to these obligations, we also collect and maintain personal data in order to fulfil these statutory obligations.

What personal data do we collect?

We only process personal data if such data is necessary in order to carry out the purposes detailed above. As a result, the information we have on individuals varies from person to person, and depends on our relationship with you. In order for you to gain an understanding of what types of information we may have on you, we have included a list of possible data categories below.

Company and contact information

We process individualisation, identification and contact information on individuals. This information is typically related to you as a representative of the organisation you work for or otherwise represent, and may include, for example:

  • Individualisation and identification information (e.g. name);
  • Client organisation contact information (e.g. company name, address, telephone number);
  • Other relevant information (e.g. website URL, the name of the person/contact, title, telephone number, e-mail and the primary address, if different from the company address).

In addition, other information necessary for the management of our relationship with you may also be stored, for instance:

  • Date of birth of the contact person; and
  • Information about a legal specialty, hobby or some other specific area of interest.

Client information

We process information related to the client or prospective client relationship. This information is typically related to us providing services to you, and may include, for example:

  • Services ordered by the client;
  • Services provided to the client;
  • Service delivery and billing information;
  • Meeting information; and
  • Information on other material or communications related to the client or prospective client relationship.

Information about marketing and communication methods

We process information on marketing and communication methods, actions and content. This information is typically related to us providing marketing and other communications to you, and may include, for example:

  • Information on event invitations, newsletters and other promotion communications sent to you;
  • Event participation information; and
  • Information related to arranging and participating in meetings with you.

What are the regular sources of information?

Personal data is mainly collected either directly from you or during the course of Dittmar & Indrenius’ business activities. The information can also be obtained from public websites. In addition, we may use other sources to collect information related to your tasks or position in an organisation or information on your public position.

Some of the personal data we use may also be derived from the data we have. We may, for example, combine, supplement and analyse data we have in order to create new data. Some of the data we use for such actions can be collected from, for example, trade registers, corporate websites and other similar public sources.

Who processes the personal data and is the data disclosed to third parties?

As a main rule, we do not disclose personal data to third parties without your consent. Despite this, we may be required to disclose data on you to third parties in individual situations. We may have, for example, the obligation to disclose personal data to authorities if such disclosure is mandatory under applicable laws.

Despite the above, we may outsource the processing of personal data to third party service providers. In such case we ensure through contractual measures that your personal data is processed and protected appropriately and in compliance with applicable laws and this Privacy Notice.

Is the data transferred outside the European Union or European Economic Area?

As a main rule, your personal data is not transferred to countries outside the European Union or European Economic Area.

How is the data kept secure?

Dittmar & Indrenius abides by good data management practices, a high duty of care and strict data security measures to protect your personal data.

Dittmar & Indrenius and any service providers involved in the processing of personal data take appropriate technical and organisational measures to protect personal data against unauthorised access and accidental or unlawful destruction, alteration, disclosure, transfer or all other unlawful forms of processing.

The right of access to personal data is limited so that access rights are provided only to persons who require access in order to be able to perform their duties.

How long will the personal data be stored?

Personal data are retained only for as long as is necessary for the purposes for which the personal data are processed. As a general rule, contact persons’ personal data is stored for the duration of the employment or service relationship with the client organisation as well as for a period of one year from the date of last contact.

The data is systematically and regularly updated and data type specific retention periods are re-evaluated in regular intervals. During the evaluation, all outdated, unused and obsolete data is deleted.

The data retention period can vary by data category and Dittmar & Indrenius may have a statutory obligation to retain certain data for a specific time period. Due to this, the exact time periods and procedures for data destruction vary by data category.

What are your rights as a data subject and how can you use these rights?

As a data subject, you have the right to access the personal data on you and request the rectification of any erroneous or obsolete data.

In certain situations, you also have the right to have your personal data removed, or request that the data be transferred to another controller. However, please note that in the majority of situations, we need personal data on you in order to provide legal services to you. Due to this, we are often not allowed to delete personal data on our client relationship, nor are we able to provide services to you without such data.

Dittmar & Indrenius may send you electronic direct marketing related to your tasks, if you have not declined such messages. If you do not wish to receive such messages any longer, you can at any time cancel our electronic direct marketing to you by opting-out.

Dittmar & Indrenius always aims to resolve any disputes directly with you. However, you have the right to request data protection authorities to review any issue relating to our processing or your personal data.

We are happy to answer any questions concerning the processing of your personal data. For more information, please contact Uura Voigt, [email protected]

Changes to this Privacy notice

This Privacy notice was last updated on 24 May 2018.

We may update the Privacy notice due to changes in our data processing or applicable legislation. An updated Privacy notice is available on our website.

Share this

Dittmar & Indrenius