Privacy notice

1. Controller

Fourton Oy (2722772-3)
Visiting address: Tapiontori 1, Tapiolan Keskustorni 13th floor, FI-02100 Espoo
Postal address: PO Box 111, FI-02101 Espoo
+358 9 4393 780, backoffice@fourton.fi

2. Contact person for matters pertaining to the data file

Fourton Oy/Anu Enroth, Head of Administration
PO Box 111, FI-02101 Espoo +358 9 4393 7815

3. Name of data file

Fourton Oy’s client register.

4. Purpose of the processing of personal data

The primary purpose of the processing of personal data is to compile, process and verify personal data in order to meet and adhere to the requirements and obligations defined in the legislation, regulations and authority decisions. The purpose of the collection and processing of personal data is to identify and know the customer for the customer register (Act on Detecting and Preventing Money Laundering and Terrorist Financing 503/2008, Act on Common Funds 48/1999, Act on Investment Services 747/2012), marketing and customer communication, customer relationship management, contact information management, risk management and tending to the obligations pursuant to authority regulations and guidelines based on the legislation.

5. Contents of the data file

Fund customers

Identification and contact information: Customer ID, name, address, countries of residence, telephone numbers (fax number), email, place of birth, personal identity code/business ID, citizenships, tax residence countries, tax identification codes, preferred language, information on possible representative, and legal status.

Information related to the business relationship: Bank and account information, subscription and redemption forms, additional information forms, identification document information, number of fund units, purchase and market value of units, information on provided certificate of participation, sector and field of business codes, information concerning communication with the customer and information change log as well as the customer relationship start date.

Information related to customer identification, classification and suitability assessment as referred to in the legislation and authority regulations: Information on the customer’s financial position and origin of assets, actual beneficiaries of the assets as well as information on political activities.

Phone call information: In order to document the assignments, Fourton Oy is obligated to record any phone calls with customers.

Asset management customers

Identification and contact information: Name, address, countries of residence, telephone numbers (fax number), email, place of birth, personal identity code/business ID, citizenships, tax residence countries, preferred language, information on possible representative, and legal status.

Information related to the business relationship: Bank and account information, contact person at Fourton, information regarding property subject to asset management under full power of attorney, agreements, powers of attorney, identification document information, information on assignments, events and meetings, and the customer relationship start date.

Information related to customer identification, classification and suitability assessment as referred to in the legislation and authority regulations: Investor information (investment experience and knowledge, investment goals, risk tolerance and risk profile). Information concerning the customer’s financial standing and loss tolerance (education, profession, family relationships, ordinary money transfers, origin of assets being transferred, and actual beneficiaries to the assets).

Phone call information: In order to document the assignments, Fourton Oy is obligated to record any phone calls with customers.

6. Data storage period

Information in the data file is deleted as the customer relationship ends, insofar as their storage is not required or allowed by the legislation. As regards the stored data, storage periods vary depending on the legislation. For example, in relation to the prevention of money laundering, financing of terrorism and fraud, the storage period requirement is at least five years following the termination of the business relationship or the performance of an individual transaction. Accounting regulations may require a storage period of up to ten years. Fourton is also entitled to store data for dispute settlement purposes, for example.

7. Regular data sources

Documentation submitted by the customer (personally, by proxy or by virtue of status), Population Register Centre, Suomen Asiakastieto Oy and the Business Information System (trade register information).

8. Regular data disclosure

Data may be disclosed to the authorities in order to execute their right to obtain information as well as to partners supervised by the authorities in order to execute their right to obtain information. In other cases, data may only be disclosed subject to the consent or authorisation of the data subject.

9. Transfer of data outside the EU and EEA

Data is stored within the EU and EEA. Data may only be transferred outside of the member states on the grounds allowed by the Personal Data Act. If data is transferred outside of the European Union or the European Economic Area, Fourton Oy will ensure a sufficient level of information security in the manner required by the legislation.

10. Principles of protecting the data file

Manual data:
– Data is stored inside locked premises with limited access.
– Classified as confidential.

Electronic customer relationship data:
– Classified as confidential.
– Data inside locked premises.
– Appropriate information security procedures in place, protected by means of firewalls and passwords.
– Access to data limited based on user authorisation and credentials. Within the context of the purpose stated in the privacy notice, data may be transferred to a backup server located in Finland and maintained by Oy Andreas Ehnberg Consulting Ab that applies appropriate encryption and protection mechanisms.

11. Right of inspection

According to the Personal Data Act, the data subject is entitled to inspect the information stored in the data file. However, access to some data has been limited due to reasons of crime prevention and investigation, for example. The data inspection request must be made in writing, using a signed form or personally on the Controller’s premises. Contact information is provided under item 2. The inspection request must state the name, personal identity code, postal address and telephone number. The response to the inspection request will be delivered to the customer’s address, verified from the Population Information System, at the latest within 30 days.

12. Right to request rectification

According to the Personal Data Act, the data subject is entitled to update and modify their data by meeting with the Controller’s representative or by submitting a request by telephone or by writing using remote identification. Contact information is provided under item 2.

The data subject is responsible for informing the Controller of any changes to their contact information or identification information. The validity of the data is checked in connection with meetings and assignments.

13. Right to request erasure

Due to the legislation concerning the finance sector, Fourton is, in many cases, obligated to store personal data during or after the customer relationship. As a result, Fourton generally cannot agree to data erasure requests. A customer may request erasure if they are opposed to the processing of data for direct marketing purposes or if the processing of data is contrary to law. Contact information is provided under item 2.

14. Other rights related to the processing of personal data

The data subject may consent to receiving direct marketing by email. The data subject may prohibit direct marketing to their postal address. The consent to or prohibition of marketing may be provided electronically, by telephone, by contacting customer service or otherwise in connection with a customer service event. However, the data subject will always receive customer communications that are necessary for the management of the customer relationship and the provision of services.

15. Data transfer

Data transfer in machine-readable format concerns personal data that has only been processed automatically and pursuant to consent or the execution of an agreement. As a rule, Fourton does not process personal data automatically and, therefore, the submittal of personal data in machine-readable format is not possible.

16. Complaint to the authority

The data subject has the right to file a complaint with the office of the Data Protection Ombudsman if they feel that Fourton has violated their rights pursuant to the data protection regulation.

Cookies

We use cookies on our website. Cookies are small text files which are stored on the user’s computer when they visit a website and allow the website administrator to identify visitors that frequent the website. Fourton Oy’s website uses cookies in order to provide services, improve user-friendliness and efficiency and to develop the website. The use Fourton Oy’s website indicates that the user consents to the use of cookies.

Cookies can be disabled by modifying the Internet settings on the computer. It should be observed, however, that cookies may be necessary for the functionality of some pages we maintain and services we provide; therefore, Fourton Oy does not guarantee the functionality of all of the provided services if cookies have been disabled.

Please contact us and we will be happy to tell you more about our investment solutions.