Privacy statement for customer and counterparty data

Updated 21.4.2021

1. Controller

Municipality Finance Group (Municipalitys Finance Plc and Financial Advisory Services Inspira Oy) (“MuniFin”
Business ID 1701683-4
Jaakonkatu 3 A
P.O. Box 744
00101 Helsinki, Finland
Tel. +358 9 6803 5666
www.munifin.fi

2. Contact person for matters related to the register

Sinikka Huitu
Municipality Finance Plc
Jaakonkatu 3 A
P.O. Box 744
00101 Helsinki, Finland
sinikka.huitu@munifin.fi
Tel. +358 9 6803 5666

3. Name of register

MuniFin’s customer and counterparty register

4. How will personal data be used?

The personal data in the register will be used in

  • sales and marketing efforts (including direct marketing)
  • the management and maintenance of customer and partner relationships (execution and verification of business transactions) and managing contractual obligations
  • the management of obligations based on legislation and official regulations (for example related to AML regulation)

5. What personal data may be collected?

The register contains data on the following:

  1. Contact persons of municipalities, municipal federations, and companies controlled by these that are lending and leasing customers of MuniFin, and of state-guaranteed housing production companies (including entities that are subscribers to MuniFin’s newsletter) 
  2. Investors that have subscribed to municipal bonds, and the subscriptions made
  3. Contact persons of banks and investment services companies that are counterparties in funding and investment activities
  4. Contact persons of other parties that are partners of MuniFin

The following data may be saved in the register:

  • Personal and contact details (name, personal ID, address, telephone number, email address, position, organisation represented, PEP classification)
  • Division into customer or partner target groups defined by MuniFin
  • Personal data (e.g. related to hobbies or diet) provided by persons and saved with their consent
  • Additional data saved by MuniFin (such as business gifts given, connections to other target groups, responsible person named by MuniFin, regular mailing data, e.g., newsletter, customer magazine)
  • Interest in certain MuniFin’s products or product groups
  • Concerning municipal bonds: personal ID, municipal bonds subscribed to, total amount of subscription, securities account number of the investor or person representing the investor
  • MuniFin’s service details

In addition to the above-mentioned data, the filing system contains data on the persons who visit MuniFin’s office. The following data may be saved on these persons:

  • Name
  • Organisation represented
  • Email address
  • Telephone number

6. What are the sources of personal data?

  • The data subject’s own submittal (by email, on the internet, by phone or other similar method)
  • Data collected by MuniFin (invitations to tender, agreements, customer/partner websites)
  • Filing systems maintained by authorities (e.g. trade register)
  • Suomen Asiakastieto

7. How long will personal data be stored?

MuniFin will store data essential to the creation and maintenance of the customer or partner relationship in the filing system until the storage is no longer justifiable.

8. Where can personal data be disclosed?

Data is regularly disclosed

  • to authorities in accordance with current legislation
  • to companies in the MuniFin group, within the limits of the law.

9. Can data be transferred outside the EU or the European Economic Area?

Personal data in the register will not be disclosed or transferred outside the European Union or the European Economic Area unless it is ensured that the data is subject to appropriate safeguards in accordance with data protection laws.

10. How will personal data be stored and protected?

Manual materials:

Manual materials will only be printed as needed and stored in locked facilities. The data is available only to authorised persons. Printouts are destroyed after use.

Digitally saved data:

Personal data contained in the register will be kept confidential. Use of the register is instructed in the controller’s organisation, and access to the personal data register is restricted so that the data contained in the filing system and stored in systems is accessible to and entitled for use only by those employees of the controller who are authorised to do so for their professional duties. The controller requires confidentiality and appropriate information security from all its IT service providers, as well as commitment to the principles of the regulation related to personal data.

11. Right of access and right to object as well as data rectification

The data subject has the right to check the personal data submitted by him/her, the right to request the rectification of inaccurate data, as well as otherwise rely on the rights granted to him/her in the regulation related to personal data. The requests must be submitted in writing and signed to the filing system’s contact person. If the data subject sees theat. The data subject has the right to notify the Finnish Data Protection Ombudsman if the subject suspects that the processing of personal data is in violation of data protection regulations.

12. The right to object the processing of personal data

If MuniFin processes data related to a data subject on the basis of the subject’s consent, the subject has the right to withdraw the consent. The withdrawal has no effect on the legality of the processing of the subject’s personal data during the time before the withdrawal. The withdrawal can affect for example to the usability of MuniFin’s services.