Privacy Statement

The privacy statement of AKG Attorneys-At-Law – how do we process your personal data

1. Who are we and what is this page

This privacy statement (hereinafter referred to as ”statement”) provides information about the privacy policies of AKG (hereinafter referred to as ”we”).

Your privacy is important to us and we are obligated to tell you how we gather, process and if necessary, disclose your personal data in our customer relationships, collaborations, assignments, and on our website (akg.fi).

In connection with the application of the General Data Protection Regulation (hereinafter referred to as “GDPR”) this privacy statement shall replace our previous privacy policies. In accordance with the GDPR we want to inform the users of our website and our current/prospect customers (hereinafter together referred to as ”customers”) and collaborators about how we gather and process personal data in a manner which is clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language.

If you need additional information regarding our privacy statement, please do not hesitate to contact us.

2. Data protection contact person

Any questions regarding this privacy statement may be addressed to our data protection contact person attorney Lauri Mäki.

3. Our registers

We process your personal data for different purposes and thus partly in different registers.

4. What personal data do we gather and process

Primarily, we gather and process personal data which:

– you give us, when you in any way contact us;

– we have obtained from elsewhere at your request, with your consent or otherwise for you;

– we have received within the framework of current legislation from public sources, such as judiciary, trade register, tax authority or the business information system (YTJ), for our purpose; and which

– is generated on our website during your visit.

You are not obligated to give us your personal data but without it we might not be able to provide our services for you.

We process, for example, the following personal data:

– basic information, such as name, contact information and language of affairs;

– information necessary to fulfill our statutory and collaboration related obligations;

– assignment-related information; and

– information gathered through the use of our websites (such as logs and cookies).

We may also process other personal data on a case-by-case basis.

5. Our purposes and legal basis for processing of personal data

We only gather and process personal data that is necessary for our operations and providing services for you or your organization.

Our purposes and legal basis for processing of personal data are:

– managing of our customer relationships, assignments and collaborations: we process personal data primarily for this purpose in which case the processing is based on the contract between us (contract);

– recruitment and marketing: Our processing of personal data is based on our interest in providing information about us and our services to you, as well as assessing our potential for collaboration (legitimate interest), you have the right at any time to object the processing of your personal data for direct marketing;

– development and reporting of our service: we may process personal data to ensure the quality of our services (including our website; legitimate interest);

– compliance with the legal obligations: we process your personal data to meet our statutory obligations regarding, for example, accounting or fulfilling binding legal obligations concerning law firms, including filing (legal obligations); and

– other purposes: we may also process your personal data for other purposes if you have given your consent for such processing (consent).

In order to fulfill your assignment, we may also have to deal with your sensitive data. Our sensitive personal data processing can then be legitimate, for example, to create, present and defend legal claims.

We will not use your personal data to generate automatic functions (including profiling).

6. To whom do we disclose information about you?

We may disclose personal data to other parties:

– to the extent required by the assignment to the judiciary or to any other relevant authority and, for example, insurance companies;

– when our affiliates (such as accountant and IT-support) process personal information by our instructions and on our behalf (we will bind all such affiliates to similar kind of privacy practices); and additionally

– when we consider that disclosure is necessary, for example, to enforce our rights, to ensure security or to respond to requests from authorities.

We may also disclose your personal data with your consent to other parties.

Your information shall not be transferred outside EU or EAA by us.

7. Cookies and external services

We use cookies and similar technologies to gather information about your general use of the Internet. Such information includes IP addresses, browser version, number of visits, and similar information concerning your use of the Internet and visits to our website. “A cookie” is a small text file that is stored on the hard drive of your computer. By using cookies, we are able to improve our website and offer you services that better meet your needs. You can use your browser settings to block cookies from being installed. However, please note that blocking cookies may prevent you from accessing certain functions on our website or otherwise impair your service experience. Google Analytics provides our web site visitor tracking service. Data collected through cookies will not be shared with other parties by us.

We may use third-party apps and tools in certain parts of our web pages. One of these is Google Maps. When you use such applications or content tools, such third parties can access your personal data, for example, when you are signed in to those services.

8. Storing of personal data

Your personal data shall only be retained for as long as it is necessary for the processing purposes specified in this statement.

However, regarding the information related to the assignments, we follow the current guidelines of the Finnish Bar Association, which also includes a recommendation on the retention of documents.

9. Your rights as a data subject

As a data subject you have:

– the right to access your personal data: you can contact us and check what information of you we have stored, however, taking into account our obligations as a law firm (such as attorney-client privilege);

– the right to have information rectified: Although we strive for comprehensive and up-to-date information, you may contact us and request for rectification of inaccurate information;

– the right to have information erased: if the information is no longer necessary in relation to the purposes for which they were collected we will erase your information. You are also entitled to demand such erasure;

– to restrict the processing of your personal data: you can contact us and limit the processing of your personal data within the limits of the law;

– the right to object: we have created mechanisms which allow data subjects to object the processing of their personal data within the limits of the law and, for example, withdraw their previously given consent; and

– the right of information portability: you can contact us if you need your information in another systems than ours and we aim to disclose the information to you in a form in which it is suitable to transmit to another system.

Given all abovesaid, please note that your rights may be restricted regarding personal data that:

– is necessary for the performance of the purposes specified in this statement;

– we are obligated by law to retain; or that

– is related to our other obligations (eg guidelines of the Finnish Bar Association).

We aim to act e.g. according to the GDPR, but if necessary, you may contact our data protection contact person or submit a complaint to authority (for more information go to https://tietosuoja.fi/en/home).

10. Data security

We continuously evaluate the risks related to our operations and protect your personal data with suitable technical and organizational measures from accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to them. Our affiliates are also committed to a high level of security. We are constantly striving to develop our internal processes and, for example, to train our staff on the matter.

However, we believe that we will continue to use, for example, e-mail for our communication, if you do not object to this.

11. Links and other sites

This statement does not apply to third party sites (regardless of any possible links) because we cannot influence such sites or their privacy practices.

12. Updates to this statement

We will review this statement regularly and publish any updates on this page. The content of this statement was last updated on 24.5.2018.