Description of Data File and Notice on Processing


1. Controller

CapMan Plc
(Business ID 0922445-7)
Korkeavuorenkatu 32, 00130 Helsinki, Finland
Tel. +358 207 207 500

2. The person in charge

Heidi Sulin, General Counsel Korkeavuorenkatu 32, 00130 Helsinki, Finland Tel. +358 405 359 262 Email: heidi.sulin@capman.com

3. Name of the register

CapMan's business contact register.

4. The purpose of the use of the register

The register is used for the purposes of i) contacting, maintaining, using, developing and updating the CapMan's business relationships; ii) sending newsletters related to the co-operation and administering the extranet services; and iii) CapMan to conduct its obligations under the mandatory legislation e.g. in order to prevent money laundering risks.

5. Content of the register

Register includes contact information related to CapMan's business relationships or prospect relationships such as: name, position, title, address, email address, fax number and telephone number, employer data and other associated information on the co-operation with CapMan. The register also includes personal data that CapMan is obliged to collect under the mandatory legislation e.g. in order to prevent money laundering risks, such information includes e.g. passport copies and data related to recognition of data subjects.

6. Regular sources of information

Personal data is collected from the data subjects themselves or by CapMan or its representative in connection with the mutual or prospected co-operation.

7. Regular destinations and transfer of data

The personal data is not regularly transferred outside CapMan Group. As CapMan has affiliate in the Russia, certain personal data is transferred to CapMan Russia.

8. The principles for security of the data file and register

Manual registers are stored within the premises controlled by CapMan and such premises are protected from third party access, only specified CapMan employees have access to such premises.

Access to the register is solely by persons who are required to know the personal data due to e.g. their work tasks (need-to-know principle). Individuals who access register within the CapMan internal network are required to provide credentials to confirm their identity (at a minimum).Transportable computers/devices are required to be secured with anti-theft devices, placed in locked files or cabinets or otherwise secured. Practices will be implemented to prevent introduction of malware and/or other destructive elements that would impair normal and expected system operation with antivirus software with automatic updates enabled.

9. Data Subjects' Rights

Unless otherwise provided by the applicable law an individual being a data subject is entitled to have access to the registration data concerning him or her in the register. Such individual shall make a written request to this effect to the person in charge of CapMan’s register mentioned in item 2 above or request the information personally a the premises of CapMan. CapMan will either provide a written extract of the information stored in the register concerning the individual or direct at place in CapMan’s premises where the information can be accessed.

The data subject has the right to request that data provided by him or her is corrected by contacting the person mentioned in item 2.

The data subject has further a right to prohibit the use and disclose of his or her personal data for the purposes of direct marketing and/or market research by contacting the person mentioned in item 2