Privacy Policy for Finlancer Accounting

1. Introduction

Finlancer Accounting (referred to as "we," "us," or "our") is committed to protecting the privacy of our clients and website visitors. This Privacy Policy outlines how we collect, use, process, and disclose your personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and Finnish data protection laws. By using our services or visiting our website, you agree to the collection and use of information in accordance with this policy.

Our goal is to provide trustworthy, efficient, and modern accounting solutions. This policy reflects our dedication to transparency and security regarding your personal information.

2. Data Controller

The data controller responsible for your personal data under this Privacy Policy is:

If you have any questions about this Privacy Policy or our data protection practices, please contact us.

3. Information We Collect

We may collect and process various types of personal data depending on your interaction with us:

3.1. Information You Provide Directly

• Contact Information: Name, email address, phone number, physical address (for invoicing, official communications).
• Financial Information: Bank account details, tax identification numbers, details of income and expenses necessary for accounting services.
• Identity Information: National ID, passport details, or other identification documents required for client verification (KYC/AML purposes).
• Communication Data: Content of communications with us via email, chat, or phone calls.

3.2. Information Collected Automatically

• Usage Data: Information on how you access and use our website and services (e.g., IP address, browser type, pages visited, time spent on pages, referral sources).
• Technical Data: Device information (e.g., unique device identifiers), operating system.

3.3. Information from Third Parties

In some cases, we may receive personal data from third-party sources, such as public registries (e.g., Finnish Business Information System - YTJ) or service providers, where necessary to perform our accounting services or comply with legal obligations.

4. How We Use Your Information (Purposes of Processing)

We use the collected information for various purposes, primarily based on legitimate interests, contractual necessity, or legal obligations:

• To Provide and Maintain Our Services: Managing your accounting, VAT reporting, expense categorization, and other specified services.
• To Process Transactions: Handling payments and billing for our services.
• To Communicate with You: Sending service updates, administrative messages, support responses, and informational content.
• For Legal and Regulatory Compliance: Fulfilling our obligations under Finnish law regarding accounting, taxation, anti-money laundering (AML), and know-your-customer (KYC) regulations.
• To Improve Our Services: Analyzing usage data to enhance functionality, user experience, and service offerings.
• For Security and Fraud Prevention: Protecting our systems and clients from unauthorized access, fraud, or other illegal activities.
• For Marketing (with Consent): Sending promotional materials about our services, where you have provided explicit consent. You can opt out at any time.

5. Legal Basis for Processing

We process your personal data under the following legal bases:

• Contractual Necessity: Processing data necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract (e.g., providing accounting services).
• Legal Obligation: Processing data necessary for compliance with a legal obligation to which we are subject (e.g., tax reporting, AML regulations).
• Legitimate Interests: Processing data for our legitimate interests, provided these do not override your fundamental rights and freedoms (e.g., improving our services, preventing fraud, direct marketing where permitted).
• Consent: Where required, we will ask for your explicit consent to process your data for specific purposes (e.g., for certain marketing activities). You have the right to withdraw your consent at any time.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The retention periods are determined by legal obligations (e.g., Finnish accounting law requires keeping accounting records for 6-10 years) and the nature of the data.

Once the retention period expires, your personal data will be securely deleted or anonymized.

7. Data Sharing and Disclosure

We will not sell or rent your personal data to third parties. We may share your data with trusted third parties only in the following circumstances:

• Service Providers: We engage third-party companies and individuals to facilitate our services (e.g., IT infrastructure providers, payment processors, cloud accounting software providers). These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
• Legal Requirements: We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).
• Business Transfers: In connection with or during negotiations of any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
• With Your Consent: We may share your data with third parties when you give us explicit consent to do so.

All third-party service providers are carefully vetted and are required to comply with GDPR-level data protection standards.

8. International Data Transfers

As a Finnish company, our primary data processing takes place within the European Economic Area (EEA). If any of our service providers or operations require transferring personal data outside the EEA, we ensure that appropriate safeguards are in place (e.g., Standard Contractual Clauses, adequacy decisions) to guarantee the protection of your data in accordance with GDPR requirements.

9. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights concerning your personal data:

• Right to Access: The right to request copies of your personal data.
• Right to Rectification: The right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• Right to Erasure: The right to request that we erase your personal data, under certain conditions.
• Right to Restrict Processing: The right to request that we restrict the processing of your personal data, under certain conditions.
• Right to Object to Processing: The right to object to our processing of your personal data, under certain conditions.
• Right to Data Portability: The right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
• Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw your consent at any time.
• Right to Lodge a Complaint: The right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement. In Finland, this is the Data Protection Ombudsman (tietosuoja.fi).

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, in accordance with GDPR requirements.

10. Data Security

We are dedicated to ensuring the security of your personal data. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These measures include data encryption, access controls, secure servers, regular security audits, and staff training on data protection practices.

While we strive to use commercially acceptable means to protect your Personal Data, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

11. Cookies

Our website uses cookies to enhance user experience, analyze site traffic, and for marketing purposes. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top. We encourage you to review this Privacy Policy periodically for any changes. Your continued use of our services after any modifications to this policy will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data processing practices, please do not hesitate to contact us:

• By Email: [email protected]
• By Phone: +358 9 6899 4222
• By Mail: Finlancer Accounting, Hietalahdenkatu 12, 00180 Helsinki, Finland