Register Description

1.   CONTROLLER

Merilampi Attorneys Ltd. (”Merilampi”)
Lönnrotinkatu 5
00120 Helsinki
Finland
+358 9 686 481

2.   CONTACT PERSON

Sakari Aalto
Lönnrotinkatu 5
00120 Helsinki
Finland
+358 9 686 481
law.offices@merilampi.com

3.   NAME OF THE REGISTER

Client and business partner register

4.   PURPOSE OF PROCESSING

Most data in the Client and business partner register is enterprise data, but the register contains personal data as well. Merilampi processes personal data pursuant to the General Data Protection Regulation (EU 2016/679 “GDPR”) article 6(1)f. The legal basis for processing is the legitimate interest of Merilampi to manage and maintain records of its clients and business partners. Such processing includes, for example processing for invoicing and communications purposes. In addition, the personal data can be used in sales and marketing campaigns.

5.   PERSONAL DATA COLLECTED AND RETENTION

The Client and business partner register contains information about the clients and business partners of Merilampi to the extent that such information is reasonably necessary to effectively manage the client relationship. Such personal data included in the register are name, position, phone number and email address of the client’s or business partner’s representative. If the data subject is a natural person, the register includes also his/her home address and social security number.

Merilampi will only store personal data for as long as it relevant and will remove the collected personal data when it is no longer needed for the abovementioned purposes. The Finnish Bar Association has given non-binding instructions concerning data retention as to client assignments and pursuant to the instructions data shall be stored up to 10 years from the closing of the assignment. The aforementioned instruction shall be noted when determining the time period for data retention but due to the nature of certain information, client  or business partner relationships or assignments some data may be stored for a longer or a shorter period of time.

6.   SOURCE OF PERSONAL DATA

Personal data is collected directly from the data subjects – usually from the client’s or business partner’s representative him/herself, who will be the client’s or business partner’s primary contact person or from another representative of the client or business partner. Moreover, data subjects may give their contact information in events or direct sales contacts and information can be received from other business partners. Processing personal data is always in full compliance with the limitations of the applicable data protection law.

7.   DISCLOSURE OF PERSONAL DATA

Personal data may also be disclosed to third parties if Merilampi wishes to appoint external processors or sub-processors.

Personal data may also be disclosed to authorities pursuant to applicable laws.

In case Merilampi enters into a joint venture with or is sold to or merged with another business entity, personal data may be disclosed to the new business partner or owner.

8.   TRANSFERS OUTSIDE EU/EAA REGION

Personal data will not be transferred outside the EU/EEA region.

9.   DATA SECURITY

With respect to electronic data:

Most data are stored electronically on servers provided by third parties. Merilampi has appropriate data security measures in place in order to protect all electronic personal data. Merilampi will ensure that the registers will not be subject to access by unauthorized persons or unlawful processing or other damage.

With respect to personal data on paper:

Merilampi ensures that all papers containing personal data are protected in an appropriate manner and Merilampi has sufficient measures in place to monitor any unauthorized access.

In case Merilampi is subject to damage, destruction or other similar event that Merilampi could not possibly have prevented, Merilampi will notify the data subject immediately in accordance with the obligations of the applicable laws. Merilampi is not, however, liable for such unpredictable events.

10. INDIVIDUAL RIGHTS

According to the General Data Protection Regulation, data subjects have the following rights regarding their personal data:

  • Right of access to their personal data;
  • Right to request the controller to rectify incomplete or incorrect personal data;
  • Right to object to or restrict the processing of personal data and to object to automated decision-making;
  • Right to request the controller to erase personal data; and
  • Right to transfer personal data to another controller.

According to GDPR article 77, the data subject is entitled to lodge a complaint with the supervisory authority concerning the processing activities carried out by Merilampi. Such complaint may be lodged in particular, in the member state of his or her habitual residence or place of work or the alleged infringement took place.

If the data subject wishes to exercise his or her rights, he or she should contact the Controller via email to law.offices@merilampi.com. Merilampi will use all reasonably available resources to respond to any such request without undue delay.

11.  COOKIES

11.1  Cookies on our Website

Cookies are small text files that are stored in your computer’s memory and hard drive when you visit certain web pages. They are used to enable websites to function or to provide information to the owners of a website. Web beacons (also called “pixel tags”) are electronic images placed on a website that typically help us access certain cookies on the website, enable us to count visitors on our websites and improve our services. Web beacons also collect information about visits from your IP-address.

This Cookie policy informs you how Merilampi Attorneys Ltd. (“Merilampi”) uses cookies, web beacons and other similar technologies (jointly referred to as “cookies”) in its websites and how you can manage and control the use of cookies on your computer or device.

Cookies that are used on our Websites help Merilampi to provide customized services and information. Merilampi uses cookies on all our Websites to gather information how and when pages in our Websites are visited, what our users’ technology preferences are and whether our Websites are functioning properly.

In general terms, we use cookies on our Websites for the following purposes:

Analytical purposes: Analytical cookies allow us to recognize, measure and track visitors to our Websites. This helps us to develop the way our Websites function, by determining whether site visitors can find information easily, or by identifying the aspects of websites that are of the most interest to them, for example.

Usage preferences: Some cookies on our Websites are activated when visitors to our sites make a choice about their usage of the Website. Our Websites then use the settings preferences of the user in relation to future visits. This allows us to tailor the experience on our Websites to the individual user.

Policy Administration:  We use cookies to record when a site visitor has seen a policy, such as this one, or provided consent, such as consent to the terms and conditions on our Websites. This avoids repeated questions to a user regarding the same terms.

Session management: The software that runs our websites uses cookies for technical purposes needed by the internal workings of our servers. For instance, we use cookies to distribute requests among multiple servers, authenticate users and determine what features of the site they can access, verify the origin of requests, keep track of information about a user’ s session and determine which options or pages to display in order for the site to function.

Functional purposes: Functional purpose cookies store information that is needed by our applications to process and operate. For example, where transactions or requests within an application involve multiple workflow stages, cookies are used to store the information from each stage temporarily, in order to facilitate completion of the overall transaction or request.

To make full use of our Websites, your device will need to accept cookies. Our Websites will not function properly without them. In addition, cookies are required in order to provide you with personalised features on our Websites.

On certain of our Websites, we include content designed for display using Adobe Flash Player, such as animations, videos and tools. Local flash storage (often referred to as “Flash cookies”) can be used to help improve your experience as a user. Flash storage is retained on your device in much the same way as standard cookies, but is managed directly by your Flash software.

If you wish to disable or delete information stored locally in Flash, please see the documentation for your Flash software, located at www.adobe.com. Please note that, if you disable Flash cookies, some site functionality may not work.

11.2  Third party cookies

When you visit our Websites, you may receive cookies that are set by third parties. These may include cookies set by Google. These cookies are used for the purposes described in the “Cookies on our Website?”  section of this policy. We do not control the setting of these third-party cookies, so we recommend you to check the third-party websites for more information about their use of cookies and how to manage them.

11.3  Amending cookie preferences

You may delete cookies from your computer at any time. The instructions for removing cookies from your computer or mobile device depend on the operating system and web browser you use. Please note, however, that withdrawing your agreement to the use of cookies on our Websites will mean that certain functionalities are not usable or are more difficult to use.

The site www.allaboutcookies.org includes instructions for managing cookies on many commonly used browses, or you may consult the vendor documentation for your specific software.

Further information about cookies

If you would like to find out more about cookies in general and how to manage them, please visit www.allaboutcookies.org.