Kiinko Privacy Statement

At Kiinko, we are committed to protecting the privacy of our customers. This statement describes the most essential aspects of privacy and data protection.

We process personal data in compliance with EU and Finnish legislation as well as other regulations and instructions issued by the authorities. Our data protection practices are guided by Kiinko’s data protection policy, the implementation of which is developed and supervised by Kiinko’s data protection organisation.

Contact details for matters concerning data protection and personal data files

Please contact us if you have any questions concerning data protection.

Kiinko, Malmin asematie 6, 00700 Helsinki, Finland
Telephone: +358 (0)9 3509 290

Descriptions of data files

Kiinko maintains personal data files for various purposes. For each data file, the description of the data file includes the purpose of—and basis for—the processing of personal data, the data file’s content, the storage period of personal data, regular sources of data and the disclosure of data.
The descriptions of data files can be accessed via the links below:

Description of the principles governing the protection of data files

Any manually handled material is stored in a locked room that can only be accessed by specifically authorised persons. Our employees have been trained to take data protection into consideration in performing their duties.

Access to digital materials is restricted and requires the personal user ID and password of the authorised employee or partner. There are different levels of access rights and each user is granted access rights that are sufficient for the performance of their duties while being as limited as possible. Information systems are protected by firewalls and other up-to-date technical data security measures. The data contained in the information systems is backed up regularly.

The rights of the data subject

Pursuant to the EU General Data Protection Regulation, the subjects of our personal data files have specific rights.

  1. The data subject’s right to access the data (inspection right)

    The data subject has the right to inspect which data concerning the data subject has been recorded in the data file. The inspection right may be denied on grounds specified in the legislation. As a rule, exercising the inspection right is free of charge.

  2. The data subject’s right to demand the rectification or erasure of data or the restriction of its processing

    The data subject has the right to obtain the rectification of data concerning him or her. The data subject is also entitled to demand that the controller of the data file restrict the processing of his or her personal data, for example, while the data subject is waiting for a response to a request concerning the rectification or erasure of his or her data.

  3. The data subject’s right to data portability

    To the extent that the data subject has provided data to the customer data file to be processed based on the data subject’s consent or assignment, the data subject has the right to obtain such data for their personal use, primarily in machine-readable format, as well as to transfer the data to another data controller.

  4. The data subject’s right to lodge a complaint with the supervisory authority

    The data subject has the right to lodge a complaint with the competent supervisory authority if the data controller has not observed the applicable laws and regulations governing data protection.

  5. Other rights

    If personal data is processed based on the data subject’s consent, the data subject has the right to withdraw their consent by notifying us.