Nikula Legal Oy
Business ID: 0914055-2
Address: Hevosalmentie 18 D, 00870 Helsinki, Finland
Data Protection Officer
Anne Nikula Nikula Legal Oy
Telephone: +358 050 341 6562
Name of the Data File
Nikula Legal Ltd’s Client data file. Data subjects include Clients who have given an assignment to Nikula Legal.
Purposes of Personal Data Processing
Providing legal services requires processing of personal data. Upholding Client data file is necessary in order to prove that Nikula Legal Ltd complies the duties set by the Act on Accounting and Tax Law (e.g. tax audit).
Client personal data can be used for following purposes:
- Customer service, Asiakaspalvelu, customer relationship management and development, customer communications;
- Providing and developing services, quality assurance of services;
- Business development;
- Opinion polls and market surveys;
- Direct marketing, targeted marketing and advertising;
- Fulfilling statutory obligations and any other official rules and regulations
The Client has allways the right to check out how his personal data has been processed. Every assignment file include information how personal data has been handled and processed.
Legal Basis of Data Processing
Contractual relationship or actions preceding the conclusion of a contract: Legal assignment in the Client’s name
Consent: Direct marketing, advertising, communications, and other contacts are based on the Client’s consent. The Client can take back his consent at any time. Personal data is not unveiled to any one for marketing purposes or corresponding.
Statutory obligation: To ensure the accuracy of accounting. Regulations concerning disclosure of personal data are included in Tax Laws, the Act on Preventing and Detecting Money Laundering and Terrorist Financing etc.
Content of Category of Personal Data
Basic Information: Data subject’s name and personal identity code / business identity number. Data subject’s address, phone number, email.
Assignment: Type of the assignment given by the data subject to the law firm
Actions: Actions taken in dealing with an assignment
Communication: Recordings and messages in various formats in which the data subject is a part
Recipients of Personal Data
Information in the personal data file is being used only by Nikula Legal Ltd for the above mentioned purposes. The data is not disclosed to anyone else but to the authorities in cases where the mandatory legislation requires it.
Transfer of Data to Suppliers
The controller may use suppliers which process personal data for its account. The data will not be transferred outside of the European Union without the Client’s explicit consent.
Personal Data Retention Period
The controller keeps and processes personal data during the validity of the contractual relationship. Once the contractual relationship has terminated, the controller will erase the personal data after a 10-year-time-lapse counted from the beginning of the year following the year when the assignment did end.
Collecting the Personal Data
Personal data is being collected primarily form the Client himself. Personal data may also be collected from public registers.
Data Subject’s Rights
The data subject has the right to receive the controller’s confirmation of whether his personal data will be processed or not, or whether they have already been processed.
When the controller processed the data subject’s personal data, the data subject has the right to receive the information in this document and a copy of the personal data being processed or already processed.
The controller may charge a reasonable administrative fee for the paper documents requested by the data subject. If the data subject submits the request electronically, the data will be delivered in a commonly used electronic format.
The data subject also has the right to request the controller to rectify or erease his personal data and prohibit the processing of their personal data for direct marketing purposes.
The data subject has the right to cancel his consent for using his personal data.
Protection Method regarding the Data File
The controller has protected the data appropriately in the technical and organizational terms, for example by the following tools:
- Protection of equipment and files
- Access control and rights
- User identity verification
- Registration of usage events and actions (assignment files)
- Processing guidelines and supervision
- Protecting the electronic communications
The controller requires that its suppliers and other partners ensure appropriate protection of the personal data to be processed.