At Waselius & Wist, we value and respect your privacy and the security of your personal data. This policy describes what personal information we collect from you, how we collect and store that information and what we do with your personal information.
Which information is collected?
Whenever you contact us, for example via e-mail, telephone or letter, meet with one of us or engage our legal or other services, you may choose to give us certain personal information (such as your name, address, telephone number, e-mail address, the name of your employer and other information that you believe could be relevant).
We may have received your personal information also as a result of your relationship with one or more of our clients.
Whenever you visit our web page, our server will record your IP address together with the date, time and duration of your visit. An IP address is an assigned number, similar to a telephone number, which allows your computer to communicate over the Internet. It enables us to identify which organisations have visited our website.
How we use your information?
We use the personal information we have received from you to carry out the following tasks:
- to provide products and services requested by you or your employer;
- to process and respond to requests, enquiries or complaints received by you or your employer;
- to identify products and services you may be interested in;
- to communicate with you about our products and services;
- to monitor and analyze our business;
- to form a view of you as an individual and to identify, develop or improve our services and/or products that may be of interest to you and to carry out market research; and
- if you agree, to invite you to events, to send you our newsletter and to send you other direct marketing material. You can find more details on how we use your contacts for marketing purposes here.
The use of personal data is based on our legitimate interest in providing services to our clients and keeping in touch with various stakeholders.
If you have responded to a job advertisement or submitted your application through our website, your personal data will only be used to process the application. You can find more details on how we use your information in such context here.
We will use the personal information received from or through our clients only to provide our clients with the products and services requested by them as well as to fulfill our statutory duties in relation to anti-money laundering and knowing our clients procedures. In addition, we collect personal data that is needed to fulfill our obligations under the Rules of the Finnish Bar Association in relation to conflicts of interest procedures. This use of personal data is based on our statutory duties as well as our legitimate interest in providing services to our clients.
We use the personal information from your IP address, operating system and web browser to compile statistical data on the use of our website to track how users navigate through our site in order to enable us to evaluate and improve our site.
How and why we share your information?
We will not disclose your personal information to any other third parties without your prior consent unless we are legally compelled to do so or it is necessary in order to provide the requested services and information to you or the client who provided us with your personal information. However, we have taken steps to ensure that all entities to which we transfer the personal data keep your personal information confidential and secure and only use it for the purposes that we have specified and have informed you of.
We primarily process personal data on servers within the EU/EEA. However, in some cases, the parties who we use to process personal data on our behalf are based outside the EEA, therefore their processing of your personal data will involve a transfer of such data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring that your personal data is only transferred to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission, the transfer takes place under specific contracts approved by the European Commission which gives personal data the same protection it has within the EEA or the recipient is based in the US and certified under the EU-US Privacy Shield which requires certified providers to have in place and maintain a similar level of protection to the personal data as if it was processed within the EEA.
How long do we retain your personal information?
Any personal information received from you for networking purposes will be retained as long as we maintain contact with you.
We are legally obliged to retain any personal information that is part of a case file at least for a period of 10 years after our relationship with the client has expired.
How do we protect your personal information?
We take the necessary administrative, technical and organizational measures to ensure the security and confidentiality of your personal data and we protect your personal data against accidental loss, misuse, unauthorized access, disclosure, alteration and accidental or unauthorised destruction. All our employees and any third parties we engage to process your personal information are obliged to respect the confidentiality of your information.
Access to your information and correction
You have the right to request a copy of the personal information that we hold about you. Please e-mail us at email@example.com or write to us at the below address to request a copy of some or all of your personal information. Please also attach a copy of your identity card or passport, so we can check that requested changes are properly authorised.
Asianajotoimisto Waselius & Wist
Eteläesplanadi 24 A
You are entitled to object to certain processing of personal data, including for example processing of your personal data for marketing purposes or when we otherwise base our processing of you on a legitimate interest.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. You may also request that your personal data is erased if e.g. the personal data is no longer necessary for the purposes for which it was collected, the processing is unlawful, or the personal data has to be erased to enable us to comply with a legal requirement.
In cases where we are processing your personal data based on your consent, you have the right to withdraw your consent to such processing at any time.
If you no longer wish to receive direct marketing or promotional e-mails (newsletters, publications, invitations to our seminars, etc.) from us, you can unsubscribe at any moment, free of charge, by sending an e-mail to firstname.lastname@example.org.
Note that there may be situations where our confidentiality and other obligations under applicable legislation and the respective Bar Rules may prohibit us from disclosing or deleting your personal data or otherwise prevent you from exercising your rights, if the personal data relates to our client work.
If you are not satisfied with our response or if you believe that we are not processing your personal data in accordance with the law, you can lodge a complaint to the Office of the Data Protection Ombudsman (email@example.com).