This privacy statement describes Taaleri’s practices in the collection and use of personal data from you and about you when you are our customer.
Taaleri Wealth Management Ltd acts as the controller.
Taaleri processes your personal data on several different basis so, when we talk about the customer or ‘you’ in this privacy statement, we mean not only customers but also our customers’ employees or, for example, agents or representatives, actual beneficiaries or the company’s responsible persons. Processing concerns, for example, the establishment of a customer relationship, its maintenance and development, and the implementation of assignments and asset management.
On what basis do we process your data?
Data processing is based on agreements made with you, for example on an asset management agreement.
With regard to direct electronic marketing, processing is based on your consent. Financial legislation requires from Taaleri a number of processing measures, which are not directly tied to the execution of the agreement but which Taaleri must carry out. The purposes of such measures include knowing the customer and comparison of sanction lists and warning lists. Legislation also requires customer categorisation by product target group, so that different products are offered only to the correct target groups. The processing criterion for these is legitimate interest.
How and for what purpose do we process your data?
In addition to agreement execution and customer relationship management, we also process your data on the basis of legal requirements. Such processing may concern, for example, bookkeeping regulations, reporting to tax authorities, enforcement authorities and supervisory authorities, taking care of obligations concerning service- or product-specific legislation (such as securities or funds), or risk management.
Personal data is also processed for marketing purposes, and for the development of Taaleri’s operations (processes, business and systems).
What data do we collect and why?
The statutory obligation to know about our customers requires us to collect their personal IDs and names and, in order to verify them, a document such as a copy of the passport, driving licence or other similar personal identification.
We must also have your contact details (telephone number, address and email address).
At the beginning of the customer relationship, financial information is collected and an investor profile and a suitability assessment made. The information is regularly updated.
We also collect data concerning statutory requirements (country of taxation or foreign tax register number, and the information concerning the customer due diligence obligations and the prevention of money laundering).
In addition, we collect information on the customer’s interests in order to carry out management of the customer relationship or, for example, information about special dietary requirements for invitational events.
Telephone calls, emails and chat discussions may also be recorded and saved in order to confirm assignments, or for the purposes of documentation, quality control and development.
Where do we collect data from?
We obtain most of the data directly from you or, for legally incompetent persons, from their trustee or guardian.
In addition to obtaining information from you or your trustee, we can also obtain it from external sources such as official bodies or commercial information sources. Such sources include the Population Register, company registers, registers of supervisory authorities, tax administration registers, sanction lists and credit information registers.
We can also obtain data through our online services. You can find out more about the privacy procedures in use online here.
How long do we keep your data?
After the end of the customer relationship, we delete the data which are not needed or which may not be kept by law. For the data that are kept, the times for storing it vary depending on legislation. For example, concerning the prevention of money laundering, terrorist funding and fraud, the storage time requirement is at least five years from the end of the business relationship or the payment of an individual transaction. Bookkeeping regulations may require storage for up to 10 years. Taaleri also has the right to store data, for example in case of disputes.
The assignment of data
The provision of Taaleri’s services and compliance with agreements require the assignment of your personal data to a third party.
We can assign or transfer your data in a situation where one of our partners is performing a task on behalf of Taaleri, which is in accordance with the purpose of collecting your data, or when we are using software maintained by another party. A written agreement has been concluded with all our partners in which the responsibility of the processor for processing your data is precisely specified, and in which the processing of your data is limited only to processing under the agreement.
Data is also assigned within the Taaleri Group and to external business partners (such as banks with whom we cooperate, other banks and providers of investment insurance) so that we can provide our services.
As a rule, we do not transfer or assign your data outside the EU/EEA area. If we do this under exceptional circumstances, we ensure by agreement that your data are protected at least to the level required by the EU’s General Data Protection Regulation.
We never sell your data to anyone.
Your rights and how to use them
Right to request the deletion of data
As a rule, because of financial sector legislation, in many cases we have an obligation to keep your personal data not only during the customer relationship but also after it, which is why we usually are unable to consent to your request for the deletion of data. You do, however, have the right to request the deletion of your data in the following cases:
- You refuse the processing of data for direct marketing purposes.
- The processing of the data is illegal.
When you no longer want our marketing
With your consent, we send various letters such as up-to-date information about the market, investment ideas and invitations to events. You always have the right to refuse the processing of your personal data for direct marketing purposes. When you wish to cancel your consent to such letters, you can be removed from the mailing list through a link in each letter. Alternatively, you can send a short message to the address email@example.com stating that you wish to be removed from our mailing list.
When you want to correct incorrect information about you
We do our best to keep your information up-to-date, but if you notice errors in it, contact us at firstname.lastname@example.org, and we will correct it.
When you want to know what data we have about you
When you want to know what information we have about you, send a short message to us at email@example.com and ask to see your data. We will respond to your request as quickly as possible, but no later than within 30 days.
When you want to transfer your data
You have the right to receive the personal data you have given us in machine-readable format. This right concerns personal data that are processed only automatically, and based on consent or on performance of a contract. We will deliver this data within 30 days of your request.
Complaint to the authorities
If you feel that your rights based on the Data Protection Regulation have been infringed by Taaleri, you are entitled to make a complaint on the matter to the office of the Data Protection Ombudsman.
Protection of your data
We value your privacy. Wealth management inseparably embodies a high level of data protection.
Taaleri protects your personal data by reasonable physical, technical and organisational measures in order to prevent the unauthorised use and processing of personal data, and its unauthorised or accidental loss, destruction or damage. Such measures include the following:
- your data are available only to employees in our Group who are entitled to them based on their jobs
- comprehensive data protection training for our personnel
- the technical protection of data, for example by firewalls
Amending the privacy statement
As our operations develop, our processing practice presented in this statement may be subject to new forms, and thereby privacy practices may change. We keep this statement up-to-date, so we urge you to read its content from time to time.
Contact information in case of privacy-related questions
Controller: Taaleri Wealth Management Ltd, Kasarmikatu 21 B, 00130 Helsinki, tel. +358 800 552 135, email firstname.lastname@example.org
Data Protection Officer Maarit Hannula, Taaleri Plc, Kasarmikatu 21 B, 00130 Helsinki, tel. +358 40 5384 101, email maarit.hannula (at) taaleri.com