Data Protection Notice

1 GENERAL

The purpose of this notice is to provide privacy information required by the EU General Data Protection Regulation (GDPR) to both the data subject, i.e., the data controllers’ client, and to the supervisory authority. The registers are the companies’ client registers, and they cover the clients and prospective clients of the data controllers.

2 DATA CONTROLLERS AND CONTACT DETAILS

Name and business ID:

Meklaritalo Oy, 2282436-9, ”data controller”

ITM Brokers Oy, 1870131-5, ”data controller”

Address: Kuninkaankatu 22 B, 5. krs, 70100 KUOPIO

E-mail: toimisto (at) meklaritalo.fi

3 PURPOSE OF AND LEGAL BASIS FOR PROCESSING PERSONAL DATA

The purpose of and the applicable legal basis for the
use of personal data are as follows:

Providing and developing insurance broking services
and related consultancy and advisory services based on agreements with
corporate and public entity clients.

Fulfillment of statutory obligations and legal requirements (such as identification of the client and the prevention of money laundering and terrorist financing), including compliance with the regulations and instructions of the supervising authorities (Financial Supervisory Authority).

We are lawfully registered by the Financial Supervisory Authority who regulates and supervises our activities. Insurance brokerage is subject to special legislation that controls the operations of registered insurance brokers, including strict obligation of confidentiality as regards personal data and other client-specific information

4 CATEGORIES AND CONTENTS OF PERSONAL DATA

Regarding our corporate and
public entity clients, our client registers may contain statutory information
required to identify the clients and their status; ID numbers, names,
addresses, financial data, insurance contracts, resumes of insurances,
insurance solutions, quotations, proposals, service contracts as well as
invoicing and payment data of our clients.

As regards persons employed or represented by our
client entities, the client registers may contain:

  • names, ID numbers,
    titles
  • addresses, telephone
    numbers and e-mail addresses
  • information on
    employment and remuneration history
  • limited health
    status data.

5 SOURCES OF PERSONAL DATA

Personal data may be
obtained from our contractual corporate and public entity clients, the subject
individuals themselves, insurance companies, cookies, and publicly available
sources.

6 RECIPIENTS AND GROUPS OF RECIPIENTS OF PERSONAL DATA

Personal data may be disclosed, i.a., to insurance companies, pension institutions, social insurance institutions, health care providers, client entities, and the subject individual for the fulfillment of our contractual obligations as well as to competent authorities under statutory circumstances.

7 TRANSFERRING PERSONAL DATA

Personal data processed by us or by our subcontractors is not transferred outside the EU or the EEA.

8 PROTECTION OF THE REGISTER

The protection of the means and equipment for storing data
and documents is appropriately maintained, and the documents are stored in a
secured space. The access control at the data controllers’ premises has been
appropriately arranged.

The right to access
the data and documentation (whether in electronic or written form) is controlled
by each responsible broker who will only allow access for other employees of
the controllers who are under obligation of confidentiality.

9 DATA RETENTION

Data will only be saved as long as our contractual
obligations to the client or our statutory obligations so require. Unnecessary
and outdated data will be erased, also at other times when deemed necessary or
required by law or statutory regulations.

10 RIGHTS OF THE DATA SUBJECT

Each individual data subject has the right to receive confirmation from the data controllers as to whether personal data concerning the data subject is being processed, or whether personal data has been processed. The data subject is entitled to receive a copy of the processed personal data and the personal data undergoing processing.

The data subject also has the right to request the
rectification, erasure or processing restriction of their personal data collected
by the controllers and the right to prohibit the processing of personal data
for direct marketing purposes.

Where processing of personal data of the data subject is based on consent, the data subject shall have the right to withdraw their consent. However, a withdrawal of consent may detrimentally affect the usability and functionality of the service in question. The withdrawal of consent shall not affect the right and lawfulness of processing based on consent prior to its withdrawal.

All requests mentioned here shall be provided to the
data controllers.

In case the data subject finds the processing of their
personal data unlawful, they have the right to lodge a complaint with the
competent supervisory authority.

Helsinki

Meklaritalo
ITM Brokers Oy
Töölönkatu 4
00100 HELSINKI
Puh. 040 143 1724
Yhteystiedot

Joensuu

Meklaritalo Oy
Puh. 044 237 1226
Yhteystiedot

Jyväskylä

Meklaritalo Oy
Tikkutehtaantie 2 link_icon
40800 VAAJAKOSKI
Puh. 050 401 0116
Yhteystiedot

Kuopio

Meklaritalo Oy
ITM Brokers Oy
Kuninkaankatu 22 B, 5. krs link_icon
70100 KUOPIO
Puh. 040 485 1987
Yhteystiedot

Lahti

Meklaritalo
ITM Brokers Oy
Puh. 040 152 9399
Yhteystiedot

Mikkeli

Meklaritalo Oy
Porrassalmenkatu 29, 6. krs link_icon
50100 MIKKELI
Puh. 040 485 1986
Yhteystiedot

Porvoo

Meklaritalo
ITM Brokers Oy
Runeberginkatu 36
06100 PORVOO
Puh. 040 143 1724
Yhteystiedot

© Meklaritalo Oy
Design: Haaja