This privacy statement describes Taaleri’s practices in the collection and use of personal data from you and about you when you are our customer.
Taaleri Wealth Management Ltd acts as the controller.
Taaleri processes your personal data on several different basis so, when we talk about the customer or ‘you’ in this privacy statement, we mean not only customers but also our customers’ employees or, for example, agents or representatives, actual beneficiaries or the company’s responsible persons. Processing concerns, for example, the establishment of a customer relationship, its maintenance and development, and the implementation of assignments and asset management.
Data processing is based on agreements made with you, for example on an asset management agreement.
With regard to direct electronic marketing, processing is based on your consent. Financial legislation requires from Taaleri a number of processing measures, which are not directly tied to the execution of the agreement but which Taaleri must carry out. The purposes of such measures include knowing the customer and comparison of sanction lists and warning lists. Legislation also requires customer categorisation by product target group, so that different products are offered only to the correct target groups. The processing criterion for these is legitimate interest.
In addition to agreement execution and customer relationship management, we also process your data on the basis of legal requirements. Such processing may concern, for example, bookkeeping regulations, reporting to tax authorities, enforcement authorities and supervisory authorities, taking care of obligations concerning service- or product-specific legislation (such as securities or funds), or risk management.
Personal data is also processed for marketing purposes, and for the development of Taaleri’s operations (processes, business and systems).
The statutory obligation to know about our customers requires us to collect their personal IDs and names and, in order to verify them, a document such as a copy of the passport, driving licence or other similar personal identification.
We must also have your contact details (telephone number, address and email address).
At the beginning of the customer relationship, financial information is collected and an investor profile and a suitability assessment made. The information is regularly updated.
We also collect data concerning statutory requirements (country of taxation or foreign tax register number, and the information concerning the customer due diligence obligations and the prevention of money laundering).
In addition, we collect information on the customer’s interests in order to carry out management of the customer relationship or, for example, information about special dietary requirements for invitational events.
Telephone calls, emails and chat discussions may also be recorded and saved in order to confirm assignments, or for the purposes of documentation, quality control and development.
We obtain most of the data directly from you or, for legally incompetent persons, from their trustee or guardian.
In addition to obtaining information from you or your trustee, we can also obtain it from external sources such as official bodies or commercial information sources. Such sources include the Population Register, company registers, registers of supervisory authorities, tax administration registers, sanction lists and credit information registers.
We can also obtain data through our online services. You can find out more about the privacy procedures in use online here.
After the end of the customer relationship, we delete the data which are not needed or which may not be kept by law. For the data that are kept, the times for storing it vary depending on legislation. For example, concerning the prevention of money laundering, terrorist funding and fraud, the storage time requirement is at least five years from the end of the business relationship or the payment of an individual transaction. Bookkeeping regulations may require storage for up to 10 years. Taaleri also has the right to store data, for example in case of disputes.
The provision of Taaleri’s services and compliance with agreements require the assignment of your personal data to a third party.
We can assign or transfer your data in a situation where one of our partners is performing a task on behalf of Taaleri, which is in accordance with the purpose of collecting your data, or when we are using software maintained by another party. A written agreement has been concluded with all our partners in which the responsibility of the processor for processing your data is precisely specified, and in which the processing of your data is limited only to processing under the agreement.
Data is also assigned within the Taaleri Group and to external business partners (such as banks with whom we cooperate, other banks and providers of investment insurance) so that we can provide our services.
As a rule, we do not transfer or assign your data outside the EU/EEA area. If we do this under exceptional circumstances, we ensure by agreement that your data are protected at least to the level required by the EU’s General Data Protection Regulation.
We never sell your data to anyone.
As a rule, because of financial sector legislation, in many cases we have an obligation to keep your personal data not only during the customer relationship but also after it, which is why we usually are unable to consent to your request for the deletion of data. You do, however, have the right to request the deletion of your data in the following cases:
With your consent, we send various letters such as up-to-date information about the market, investment ideas and invitations to events. You always have the right to refuse the processing of your personal data for direct marketing purposes. When you wish to cancel your consent to such letters, you can be removed from the mailing list through a link in each letter. Alternatively, you can send a short message to the address email@example.com stating that you wish to be removed from our mailing list.
We do our best to keep your information up-to-date, but if you notice errors in it, contact us at firstname.lastname@example.org, and we will correct it.
When you want to know what information we have about you, send a short message to us at email@example.com and ask to see your data. We will respond to your request as quickly as possible, but no later than within 30 days.
You have the right to receive the personal data you have given us in machine-readable format. This right concerns personal data that are processed only automatically, and based on consent or on performance of a contract. We will deliver this data within 30 days of your request.
If you feel that your rights based on the Data Protection Regulation have been infringed by Taaleri, you are entitled to make a complaint on the matter to the office of the Data Protection Ombudsman.
We value your privacy. Wealth management inseparably embodies a high level of data protection.
Taaleri protects your personal data by reasonable physical, technical and organisational measures in order to prevent the unauthorised use and processing of personal data, and its unauthorised or accidental loss, destruction or damage. Such measures include the following:
As our operations develop, our processing practice presented in this statement may be subject to new forms, and thereby privacy practices may change. We keep this statement up-to-date, so we urge you to read its content from time to time.
Controller: Taaleri Wealth Management Ltd, Kasarmikatu 21 B, 00130 Helsinki, tel. +358 800 552 135, email firstname.lastname@example.org
Data Protection Officer Maarit Hannula, Taaleri Plc, Kasarmikatu 21 B, 00130 Helsinki, tel. +358 40 5384 101, email maarit.hannula (at) taaleri.com