Data Controller
CAPEX Advisors Oy (Business ID: 2912448-8) (hereinafter referred to as “CAPEX Advisors” or the “Data Controller”)
Visiting Address: Arkadiankatu 23 C, Helsinki 00100
Email: info@capexadvisors.fi
Registers Covered by This Privacy Policy
CAPEX Advisors’ customer, supplier, marketing, and job applicant registers
Person Responsible for Register Matters
Name: Jon Forssell
Phone: +358 50 435 4337
Email: info@capexadvisors.fi
Purpose and Legal Basis for Processing Personal Data
Personal data is processed for the following purposes:
The primary legal basis for processing personal data in customer, marketing, and supplier registers is the Data Controller’s customer relationship, potential customer relationship, or other connection with the company or other entity the data subject is employed by, and the Data Controller’s legitimate interest in managing the customer or supplier relationship and targeting marketing. In the case of the job applicant register, the legal basis for processing is the job application submitted by the data subject and the Data Controller’s legitimate interest in processing it. In the case of contractual relationships, personal data processing may also be based on the Data Controller’s statutory obligations. The Data Controller may send direct marketing targeted at the company or other entity to the data subject based on their job title or position unless the data subject has objected.
Data Included in the Register
CAPEX Advisors’ personal data registers contain information about the following individuals:
The following data is processed for each purpose, as necessary:
Sources of Data for the Register
Personal data is primarily obtained from the following sources:
Disclosure and Transfer of Data
Data collected in the registers is not disclosed outside CAPEX Advisors for marketing, sales, opinion, market research, or other purposes. However, data may be transferred to the Data Controller’s partners or service providers in connection with an event organized with a partner or marketing a service offered solely or jointly with a partner, in which case the partner or service provider may process the data only for the agreed purpose. In the event of a business transaction or other corporate restructuring involving the Data Controller, data collected in the register may be transferred to the corresponding register of the party involved in the business transaction. Personal data may also be disclosed to authorities in Finland in accordance with Finnish laws upon request. The register is stored and located in a manner that prevents unauthorized parties from accessing the data. Data is not transferred outside the EU/EEA.
Security and Data Protection of the Register
The Data Controller ensures the security of the register in an accepted manner and takes appropriate technical measures to prevent unauthorized access to both the data systems maintained by IT and manually maintained and stored records.
CAPEX Advisors’ personal data registers are only processed by those authorized to do so in the course of their duties. Only designated employees of the Data Controller and companies working on behalf of the Data Controller are granted access to the register’s data.
Recipients of Personal Data in the Customer Register:
Access to the register’s data maintained by IT requires a personal user ID and password. Those handling the data have the necessary access rights granted by the Data Controller. Data is stored on a secure server located in the EU/EEA. Agreements with service providers handling the data ensure compliance with the EU Data Protection Regulation and other applicable laws.
Personal data is stored only for as long as necessary to fulfill the purposes defined in this privacy policy. Outdated and unnecessary data is securely destroyed. Due to accounting law or other applicable law, regulation, or authority directive, data may need to be retained longer than what is necessary for the purposes defined in this privacy policy.
Rights of the Data Subject
The data subject has the following rights, which may apply depending on the situation:
Exercising Rights
The data subject can exercise their rights by contacting the Data Controller using the contact details provided in the “Further Information” section. We strive to respond in a reasonable time and provide further instructions or ask additional questions regarding the request.
Before fulfilling the request, we have the right and obligation to verify your identity, meaning we must be able to identify you sufficiently.
If the same person makes repeated unjustified requests, the Data Controller has the right to either charge a reasonable fee based on administrative costs or refuse to carry out the requested action.
Further Information
For questions related to the register, you can contact the Data Controller through the contact form on the website www.capexadvisors.fi or directly by email at info@capexadvisors.fi.
This privacy policy was last updated on 10.12.2019.
To ensure security and prevent misuse, the Data Controller uses Google’s reCAPTCHA cookie, the privacy policy of which can be reviewed here and here.