Privacy Notice
As a responsible company, we want to make sure that your personal data is handled appropriately in a manner that respects your privacy. On this page, we describe how your personal data is processed by our firm.
For what purposes do we process your personal data?
As part of our day to day operations, we process personal data for a wide variety of purposes. Below, we describe the reasons that we need to process various kinds of personal data for.
- Data in our client register is processed to manage and develop client relationships.
- Data relating to our assignments is processed for the purposes of carrying out our assignments in accordance with the obligations set on us by law.
- We process data on interest groups, i.e. potential clients; former Castrén & Snellman employees; students, representatives of student and professional organisations and parties working in the legal services industry for the purposes of, among other things:
- sending invitations to our events,
- sending newsletters,
- sending information on our business and other marketing communications.
- We process website visitor data to develop and ensure that our website is functioning property.
- Data in our job applicant register is processed for the purposes of making recruiting decisions.
- Employee data is processed to handle our duties as an employer.
- We ensure the security of our offices using various systems, such as security cameras.
Who do we disclose or transfer your data to?
Our main rule is to not disclose your information to any third parties. If the law or an obligation placed on us by the authorities requires that we disclose information, we evaluate each request on a case-by-case basis to assess whether disclosure would be lawful. In certain circumstances, we may disclose your information to a third party or to another data controller if we have separate agreed with you on doing so.
We have also entered into agreements with certain service providers who may process your personal data on our behalf as part of their service. In these circumstances, we have entered into the appropriate agreements with the service providers to ensure the proper processing of personal data in this situations.
Are my data processed in third countries?
Personal data may be transferred outside the European Union or the European Economic Area in accordance with data protection legislation and within the limits set by it. We have ensured an adequate level of data protection, in accordance with the conditions of the EU General Data Protection Regulation, including in situations where data is transferred outside the EU or the EEA in accordance with the adequacy decisions set by the European Commission and using, where appropriate, standard contractual clauses adopted by the European Commission and, where appropriate, supplementary safeguards.
How do we protect your information?
Confidentiality is the cornerstone of our business, and we ensure the confidentiality is maintained in all circumstances. We use various technical or organisation methods and security measures to seek to ensure a sufficient level of data security. Furthermore, we restrict our employees’ access to data using role-based access rights.
How long do we keep your personal data?
We keep your data for as long as necessary for our operations and as required by the law and the Finnish Bar Association's guidelines. The periods vary greatly from one type of processing to another.
Your rights
|
Right to object |
You have the right based on your particular situation to object to profiling and other processing in situations where we process your personal data based on our legitimate interests. These situations can relate to, for example, sending a newsletter or invitation to our events that we assume you are interested in, for example, based on your company's field of operation. You can send your objection to us to privacy@castren.fi. You must specify the particular situation based on which you are objecting to processing. |
|
Direct marketing |
You can consent to or prohibit direct marketing from us on a channel-by-channel basis, including in relation to profiling for marketing purposes. |
|
Right of access to data |
You have the right to review what data we have collected on you. We can deny such a request on the grounds provided by law. Exercising this right is generally free of charge. |
|
Right to request rectification, erasure or restriction of processing of personal data |
You have the right to request that we rectify erroneous data on you. You can also request that we erase certain data on you or request that processing be restricted on the grounds provided by law. |
|
Right to data portability |
To the extent that you have provided data to us that is processed based on your consent, you are entitled to obtain such data primarily in a machine readable format and are entitled to transfer such data to another data controller. |
|
Right to lodge a complaint with a supervisory authority |
You are entitled to lodge a complaint with the competent supervisory authority if you are of the opinion that we have not complied with the data protection regulations applicable to our operations. |
| |
More information
If you have any questions relating to our data protection policies or wish to exercise your rights, please contact privacy@castren.fi.