What personal data we collect
How we may use your personal data and the lawful basis for doing so
Who we may disclose your personal data to
How we protect your personal data
Your privacy rights
How long we process your personal data
Contacting us or the data protection authority
Personal data is in most cases collected directly from you or generated as part of the use of our services and products. Sometimes additional information is required to keep information up to date or to verify information we collect. The personal data we collect can be grouped into the following categories:
National identification number and name. We are obliged to collect documentation of such information, for instance in the form of copies of your passport, driver’s license, or the like or by identifying the customer electronically.
Phone numbers and addresses, including postal address – in the case of a foreign address, also the home country.
Type of agreement, transactional data, credit history, insurance history.
Country of taxation or foreign tax payer reference, customer due diligence and anti- money laundering requirements.
For example information concerning health is needed for Fellow Finance insurance product.
We collect information you provide directly to us. For example, when becoming a new customer, we collect personal data, such as name, national identification number, e-mail address and phone number, income and debt information to be able to provide you with the product or service in question. Fellow Finance also collects information which you provide us with such as messages you have sent us, e.g. feedback or a request in our digital channels. Calls and chat conversations with you may also be recorded and logged for verification of orders, documentation, and for quality and improvement purposes. For security purposes, we may have cameras in our offices.
Publicly available and other external sources; register held by governmental agencies (such as population registers and registers held by tax authorities, company registration offices, enforcement authorities, etc.), sanction lists (held by international organisations such as the EU and UN as well as national organisations such as Office of Foreign Assets Control (OFAC)), registers held by credit-rating agencies and other commercial information providers providing information on e.g. beneficial owners and politically exposed persons.
In connection with payments, we collect information from remitters, banks, payment service providers and others. From other entities in the Fellow Finance Group or other entities which we collaborate with.
We use your personal data to comply with legal and contractual obligations as well as to provide you with offers and services. Entering into and administration of service and product agreements (performance of a contract). The main purpose of our processing of personal data is to collect, verify, and process personal data prior to giving an offer and entering into a contract with you as well as documenting, administering and completing tasks for the performance of contracts. Examples of the performance of a contract:
Fulfilment of requirements and obligations for us stated in laws, regulations or decisions from authorities and supervisors (legal obligation) In addition to the performance of contract, processing of personal data also takes place for us to fulfil our obligations under law, other regulations or authority decisions.
In addition to the performance of contract, processing of personal data also takes place for us to fulfil our obligations under law, other regulations or authority decisions. Examples of processing due to legal obligations:
Personal data is also processed in the context of marketing, product- and customer analyses. This processing forms the basis for marketing, process-, business- and system- development, including testing. This is to improve our product range and optimize our customer offerings. This may also involve profiling (see below). We have a legitimate interest to use profiling for example when conducting customer analysis for marketing purposes or monitoring transactions in order to detect frauds.
There are situations when we will ask for your consent to process your personal data. Examples of such situations are processing of payment transaction data for marketing purposes, or for some processing of special categories of data. The consent will contain information on that specific processing activity. If you have given consent to a processing of your personal data you can always withdraw the consent.
We may in some cases use automated decision-making, if it is authorized by legislation, if you have provided an explicit consent or if it is necessary for the performance of a contract, for example automated credit intermediation and approval process in the online channels. You can always request a manual decision-making process instead, express your opinion or contest decision based solely on automated processing, including profiling, if such a decision would produce legal effects or otherwise similarly significantly affect you.
We may share your personal data with others such as authorities, Fellow Finance companies, suppliers, payment service providers and business partners. Before sharing we will always ensure that we respect relevant secrecy obligations.
To fulfill services and agreements we have to disclose information about you. If, for example you have asked us to transfer funds, we need to disclose certain information to fulfill that transfer.
To provide our services, for example credit transfer, we disclose data about you that is necessary to identify you and perform an assignment or agreement with companies that we cooperate with in order to perform our services. These services include, but not limited to, secure identification solutions in the relevant country and between parties in the financial system such as transaction receivers.
We also disclose personal data to authorities to the extent we are under statutory obligation to do so. Such authorities include tax authorities, police authorities, enforcements authorities and supervisory authorities in relevant countries.
In addition, data are disclosed, with your consent or if this is permitted pursuant to legislation, internally in Fellow Finance and to external business partners (including correspondent banks, vendor partners of finance object and insurers).
Keeping your personal data safe and secure is at the centre of how we do business. We use appropriate technical, organizational and administrative security measures to protect any information we hold from loss, misuse, and unauthorized access, disclosure, alteration and destruction.
You as a data subject have rights in respect of personal data we hold on you. You have the following rights;
Your request to exercise your rights as listed above will be assessed given the circumstances in the individual case. Please note that we may also retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.
We will keep your data for as long as they are needed for the purposes for which your data was collected and processed or required by laws and regulations. This means that we keep your data for as long as necessary for the performance of a contract and as required by retention requirements in laws and regulations. Where we keep your data for other purposes than those of the performance of a contract, such as for anti-money laundering, bookkeeping and regulatory capital adequacy requirements, we keep the data only if necessary and/or mandated by laws and regulations for the respective purpose.
The data retention obligations will differ within Fellow Finance subject to local law. Specific examples are:
The above is only for explanatory purposes and the retention times may differ country to country.
In case of any different interpretation of the texts of this Agreement in Finnish and English, the Finnish wording shall be decisive.