Customer register

Customer register

1. Controller

Avain Yhtiöt Oy
(Business ID: 1951766-7)
Lautatarhankatu 8 B
FI-00580 Helsinki, Finland
Tel. +358 20 7624 700

2. Person in charge of data file matters

Sales and Marketing Director
Lautatarhankatu 8 B
FI-00580 Helsinki, Finland
Tel. +358 20 7624 700/switchboard

3. Data file name

Avain Yhtiöt customer register

4. Purpose of processing personal data

Personal data is processed for the verification, management, analysis and development of the customer relationship or other relevant relationships, for example:

– maintaining customer information
– maintaining the lease receivables
– customer surveys, for example, customer satisfaction surveys
– apartment maintenance and the sharing of relevant information with maintenance companies that have a contractual relationship with the controller
– collection of rent receivables and other room rent receivables
– termination of leases
– In addition to customer communication, personal data may be used for planning and developing the controller’s business.

5. Register data content

The following personal data and changes to it can be processed in the data file, concerning the applicants for apartments, recommended customers, tenants and possible co-tenants:

Basic information such as

– name
– social security number
– contact information (postal address, telephone numbers, e-mail addresses)

Information related to the customer relationship and other relevant information, such as

– customer number
– the start date of the customer relationship
– number of persons living in the same household
– the first and last name and personal identification number of a spouse or partner living in the same household
– the first and last names and personal identification numbers of all persons living in the same household
– with the consent of the data subject, the first and last names and personal identification numbers of persons living in the same household
– information on the authorisation given by the co-applicant to the data subject to give their data to the controller
– information about a legal guardian, if used
– information on employment and the duration and quality of the employment relationship
– income and wealth information
– credit record
– debt settlement
– inheritance
– details of the apartment the person had before becoming a customer
– information on the need for housing, such as the reason for changing apartments or needing a temporary apartment. Reasons related to the need for housing include divorce/separation, current housing situation, eviction information, work/study information, family situation, amount of rent/maintenance charge, health reasons and other personal reasons.
– information related to the lease, including lease agreement information, lease payment information, security deposit information and lease termination

– in the case of a minor tenant, the identity information of the guardian who signed the lease
– complaints, feedback and other contacting that is relevant for the customer relationship, communication and actions, including recorded phone calls
– the marketing measures targeted at the data subject, their use and the information provided in connection with them
– bank account information related to the termination of the lease
– direct marketing authorisations and refusals

We handle our customers’ special and sensitive personal data with the utmost confidentiality.

6. Regular data sources

The data is collected from the data subjects and, for example, from the application form for right-of-occupancy and rental apartments and through the online services.

Personal data can also be collected and updated from the controller’s other personal data registers, customers whose relationship has terminated, the controller’s partners, and authorities and companies providing services related to personal data, such as the Population Register Centre and, regarding credit information, from the credit information register of Suomen Asiakastieto Oy. Customer service calls can be stored for a specified period of time by informing the customer of this separately. 

7. Disclosure and transfer of data

As a rule, the data is disclosed to outside of Avain Yhtiöt. Data can be disclosed to the extent permitted and required by the legislation in force, for example, to contracting parties that collect debts on behalf of Avain Yhtiöt and to the parties that have access to the data under the law. In addition, data can be handed over to the property management, maintenance, security and locksmith companies, the contractor for new or repair construction, as well as to electricity and data network suppliers that provide services related to housing.

If the apartment becomes to be owned by a party external to Avain Yhtiöt, Avain Yhtiöt may disclose to the new owner the information necessary for the management of the lease relationship.

8. Personal data retention period

The data of a rental apartment applicant are retained for a period of six years from the last time the customer submitted the application, unless the customer has made a lease agreement.

The data of a right-of-occupancy housing applicant are retained for a period of eight years from the last time the customer submitted the application, unless the customer has made an agreement on right-of-occupancy housing.

Data based on a right-of-occupancy or lease agreement may be retained for ten years after the termination of the agreement and after the fulfilment of the contractual obligations on both sides. The same retention period applies to all persons who live/have lived in the apartment and, for example, to recorded phone calls and other communication/interaction.

9. Transfer of data to outside the EU or the EEA

The data will not be transferred outside the territory of the EU Member States or the European Economic Area. 

10. Protection of the data file

The data contained in the data file that is processed electronically is protected by firewalls, passwords and other technical measures that are generally acceptable in the field of data security.
Manually maintained materials are located in premises that cannot be accessed by unauthorised persons.

Only specified employees of the controller and of companies acting on the controller’s behalf who have signed a non-disclosure agreement have access to the data contained in the data file by means of an individual right of access granted by the controller.

11. Right of inspection, prohibition and rectification

Under the Personal Data Act, data subjects have the right to inspect their data that is stored in the data file. The inspection request must be sent to the person in charge of data file matters, and it must be in writing and include the data subject’s signature. The request for inspection can also be made in person by visiting the controller.
A person may exercise their right of inspection once a year free of charge. If the requests for verification are manifestly unfounded or disproportionate, in particular where they are made repeatedly or where more than one copy is requested, a fee of EUR 80 per administrative cost shall be charged for the execution of the request or we may refuse to execute the request.

The data subject has the right to prohibit the processing and disclosure of their data for direct advertising, distance selling and other direct marketing purposes or market and opinion polls by contacting the controller.

The data subject has the right to demand rectification of incorrect data by contacting the controller.