Processing of personal data
As an insurance broker, we take the processing of personal data seriously and comply with the EU Data Protection Regulation (GDPR) and other relevant laws and regulations. This means e.g., the fact that we do not process personal data other than those necessary for the management of the assignment or customer relationship. The data is also deleted when it is no longer needed.
Storage of data
We store the data we collect for as long as is necessary to fulfill the data’s intended purpose, or for as long as there is a legal obligation to store it. For example, we may store event data or correspondence until the time limit for filing claims for that event expires.
We will erase personal data when it is no longer necessary to store them on the basis of the reasons mentioned above. We may erase some data earlier at the client's request (for example, banning direct marketing).
Disclosure of data
If carrying out a particular matter and/or agreement or contract so requires, we may disclose data to
- companies that belong to our Group
- insurance companies
- pension institutions
- To the Social Insurance Institution of Finland (Kela)
- healthcare service providers
- client communities
- persons whom the matter and/or agreement or contract concerns.
When necessary, data may also be disclosed to competent authorities to fulfil the brokerage company's legal obligations.
Client
| What types of personal data do we process? |
The data we process about you are your name, telephone number, address, e-mail address, personal ID number, insurance information, whether you are a politically exposed person, financial information, health information, and information about your family circumstances and your employment. |
|
Where does the data come from? |
We collect your data both directly from you, from the company with which you have a relationship, for example your employer and insurance companies, as well as from publicly available sources. We also receive contact data from other companies within the Söderberg & Partners Group for marketing purposes. |
|
What is the purpose of the processing? |
The purpose of the processing is to enable us to give you advice on your choice of insurance, and to administer the insurance policies that you have, directly or through your employer, a member organisation or a group insurance solution. We may also process your data in order to take preparatory measures enabling you to take out new insurance. The purpose is also to enable us to meet the legal documentation requirements that apply to our business. |
|
Required or voluntary? |
The information we have about you is required to enable us to provide insurance brokerage services, with the exception of your e-mail address, which you may choose whether to provide or not. |
|
What is Söderberg & Partners’ legal basis/legitimate interest? |
The legal basis for the processing is partly the fulfilment of a legal obligation to document the customer relationship and partly the implementation of the agreement you have with your employer or the agreement you have directly with us. We also have a legitimate interest in marketing our services. |
|
Who are recipients of personal data and in which countries are they located? |
The data we process about you are sent to the insurance company where your insurance policy is held and to your employer. Your contact details will be disclosed to other companies in the Söderberg & Partners group for marketing purposes. We may also need to disclose necessary information about you to our service providers for the performance of our services, in connection with data storage. The recipients are mainly located in Sweden or the EU/EEA. In a small number of cases we use service providers where personal data may be transferred outside the EU/EEA. In these cases we ensure that measures are taken to meet the safeguard requirements in Article 46 of the General Data Protection Regulation. Your contact details may also be shared with other companies in the Söderberg & Partners group for marketing purposes. |
|
How long is the data stored? |
We will retain your personal data for as long as necessary with regard to the period of insurance and the period in which claims for damages in respect of the insurance can be submitted. We normally store data for 11 years after our agreement with you or the company/organisation has been terminated. |
|
Are automated decisions made? |
We do not make any automated decisions based on your personal data. |
Family members
| What types of personal data do we process? |
The data we process about you are your name, family circumstances and financial information |
|
Where does the data come from? |
We collect the information from your family member who is a customer with us. |
|
What is the purpose of the processing? |
The purpose of the processing is to provide advisory services to our customer and to fulfil the legal documentation requirements that apply to our business. |
|
Required or voluntary? |
Your family member may choose whether to provide the information or not. |
|
What is Söderberg & Partners’ legal basis? |
The legal basis for the processing is that we, in order to be able to provide appropriate advice, have a legal obligation to demand certain information about family members. |
|
Who are recipients of personal data and in which countries are they located? |
The recipients are mainly located in Sweden or the EU/EEA. In a small number of cases we use service providers where personal data may be transferred outside the EU/EEA. In these cases we ensure that special measures are taken to meet the safeguard requirements in Article 46 of the General Data Protection Regulation. |
|
How long is the data stored? |
We will retain your personal data for as long as necessary with regard to the period of insurance and the period in which claims for damages in respect of the insurance can be submitted. We normally store data for 11 years after our agreement with you or the company/organisation has been terminated. |
|
Are automated decisions made? |
We do not make any automated decisions based on your personal data. |
|
What types of personal data do we process? |
If you are a contact person at a company or organisation that Söderberg & Partners has a brokerage assignment with, we process the following data: name, telephone number, email address and the type of position you hold at the company or in the organisation. If your company is a sole proprietorship, we also process your personal identity number. If you are employed or otherwise named in an insurance policy, or underlying policy, which has been signed by a company or organisation that Söderberg & Partners has a brokerage assignment with, we process data about you that is necessary for the policy in question, i.e. personal identity number, name and insurance information. If Söderberg & Partners assists a company or organisation in the event of damages, information concerning the damages is processed. If you as an individual subscribe to a policy via Söderberg & Partners, we will process your name, personal identity number, address, telephone number, e-mail address and the insurance information attributable to the policies in question. |
|
From where does the data originate? |
We collect the data both directly from you and from the company or organisation with which you have a relationship. This could be an employer, member organisation, group representative or other company or organisation with which you have a similar relationship. |
|
What is the purpose of the processing? |
The purpose of the processing is to advise and assist you, or the company/organisation that you have a relationship with, when selecting insurance, and to manage the insurance policies that you or the company/organisation have. It may also be to take the measures necessary before signing a policy or to assist in the event of damages. The purpose is also to comply with the legal documentation requirements that apply to our business. |
|
Required or optional? |
The data we hold about you is required for us to mediate insurance, with the exception of e-mail address and type of employment which are optional choices. |
|
What is Söderberg & Partners’ lawful basis/legitimate interest? |
The lawful basis for processing personal data for you as a policyholder, or as a recipient of advice from us, is to fulfil the agreement or to perform the preparatory work ahead of signing an agreement. We also have legal obligations to document each customer relationship. If we do not have an agreement with you directly but with your employer, member organisation or group representative and you do not have an agreement with the company/organisation that is our customer, we have a legitimate interest in processing your data in order to execute the contractual relationship with our customer or perform the preparatory work prior to entering into such an agreement. We also have a legitimate interest in marketing our services. If you want to be informed of on what basis the assessment of legitimate interest has been made, please contact us at info.finland@soderbergpartners.com. |
|
Who are the recipients of my personal data and in which countries do they reside? |
The data we process about you is sent to the insurance company where the policy is signed and to your employer. Your contact details can be shared with other companies within the Söderberg & Partners Group for marketing purposes. We may also need to disclose certain information about you to our suppliers in order to execute our services, for example in connection with data storage. The recipients reside mainly in Sweden or within the EU/EEA. In certain cases we engage with suppliers where personal data may be transferred outside of the EU/EEA, and in these cases we ensure that measures are taken to meet the protection requirements stipulated in Article 46 of the GDPR. In addition, your contact details may be shared with other companies within the Söderberg & Partners Group for marketing purposes. |
|
For how long is the data stored? |
We keep your personal data for as long as necessary with respect to the duration of insurance and the period within which liability claims arising from the insurance can be made. We usually hold your data for 11 years after our agreement with you or the company/organisation has expired. |
|
Are automated decisions made? |
We make no automated decisions based on your personal data. |
Data processing in marketing
We collect information both from companies in the Söderberg & Partners Group and through external channels. We also collect information e.g. from our website using cookies that the visitor to the site is asked to accept when they first visit the site.
We collect information for marketing purposes to help those who are interested in us and our own customers find interesting services for themselves. We also use information to communicate current affairs and keep our customers up to date with current events and changes in the insurance industry.
When visiting our site for the first time, visitors decide for themselves what kind of information we may collect from them. You have the right to refuse our marketing at any time by notifying us at info.finland@soderbergpartners.com. Our newsletters also have the option to cancel your subscription.
As a general rule, we retain the information we collect for marketing purposes for three months. If you or your employer have a customer relationship with us, we will retain your information for customer communications. Even then, you can block marketing contacts. If you have subscribed to our newsletter yourself or otherwise indicated that you would like us to receive marketing communications, we will retain your information in this case as well. You may opt out of receiving marketing communications at any time by contacting info.finland@soderbergpartners.com.
Your relationship with Söderberg & Patners will determine what kind of personal information we process about you. Below we explain in more detail what personal information we process based on the type of services you purchase from us.
Even if you are not our customer, we may process your personal information for marketing purposes.
FAQ
Your relationship with Söderberg & Patners will determine what kind of personal information we process about you. Below we explain in more detail what personal information we process based on the type of services you purchase from us.
Even if you are not our customer, we may process your personal information for marketing purposes.
Personal information related to your client relationship is processed so that we can fulfill our contractual and other obligations to you so that we can provide good client service. In addition, we are required by law to document our client relationships, which is why we are required to process personal information about our clients and their relatives.
We also need to process some personal information for our accounting and management reports. In addition, we process personal information so that we can contact potential and existing clients for marketing purposes and to develop our systems, products and offers to our clients.
If we have contacted you even though you are not our customer, we will process your information for marketing purposes.
If you do not want us to process your personal information, please contact us and we will remove the information about you. Contact your contact person or email us at info.finland@soderbergpartners.com.
Söderberg & Partners' data protection is very strong. That means we have robust technical solutions for protecting personal information, such as firewalls and intrusion detection.
In addition, we place the same demands on other parties who process your personal information on our behalf.
You have several rights regarding the processing of personal information. If you are unsure whether we are processing your personal information, you can inquire by contacting our own contact person or emailing us at info.finland@soderbergpartners.com.
Right of access
You have the right to find out if we process your personal information about you. If we do so, you also have the right to receive an extract clarifying what information we hold about you. The right also contains more information about how we process your personal information.
If you would like to obtain a registration statement, you can apply for it by submitting the application form, which can be found here.
The right to object
If we use your personal information to advertise our services to you, you have the right to object to this processing. In this case, we will stop processing the data for marketing purposes.
If you no longer wish to receive marketing communications from us, please email info.finland@soderbergpartners.com.
Right of removal and restriction
Under certain conditions, you have the right to have the data we process about you deleted. This is the case, for example, when we do not have a legal basis for processing the data or when the data is no longer needed in our business.
Right to data portability
If we process personal information about you in order to carry out an agreement we have with you or your company with your consent, you have the right to so-called data portability. This means that you have the right to request that we provide the information to you in electronic form. You can also request that we send the information directly to another controller, if technically possible.
Right to have the data correct
If we process false or incomplete personal information, you have the right to have that information corrected.