Use of Personal Data

Alisa Bank is committed to protecting your privacy and keeping your personal data safe. We process personal data in compliance with the EU General Data Protection Regulation (GDPR) and specific legislation for the financial industry and ensure the implementation of privacy protection and banking secrecy in all processing of personal data. With «you», we refer to our customers, potential customers, a customer’s employee, or other relevant parties, such as beneficial owners, authorized representatives, and responsible persons.

On this page we describe the collection, usage, storage and sharing practices of personal data in Alisa Bank. At the end of this page, you will find the data protection notices for the client register, the work applicant register, and the register for the annual general meeting. Within the Alisa Bank group, the data controller will be Alisa Bank Plc and/or the Alisa Bank company that you have a relationship with.

Collection of Personal Data

We process personal data for several reasons and the collected personal data can be divided into the following data categories (including examples):

  • Identification data (name, social security number)
  • Contact data (address, phone number)
  • Financial data (agreement type, transaction data & credit history)
  • Data related to legal requirements (taxation, customer due diligence and anti-money laundering obligations)
  • Special categories of data (e.g. health data is needed for Alisa Bank’s insurance product)

Personal data is in most cases collected directly from you or generated as part of the use of our services and products. Data may also be collected from publicly available and other external sources, such as the population register, tax register, company registration office and credit-rating register.

In connection with payments, we collect data from remitters, banks, payment service providers and other entities in the Alisa Bank Group or other entities which we collaborate with.

Usage of Personal Data

We use your personal data primarily to comply with our legal and contractual obligations as well as to provide you with offers and services. Personal data is also processed in the context of marketing, product and customer analyses in order to improve our product range and optimize our customer offerings.

There are situations when we will ask for your consent to process your personal data. The consent will contain data on that specific processing activity. If you have given consent to processing of your personal data, you can always withdraw such consent. We may in some cases use automated decision-making, for example in automated credit intermediation and approval process in the online channels, provided that this is permitted by legislation, or you have provided an explicit consent or if it is necessary for the performance of the contract. You can as a rule always request a manual decision-making process instead of an automated one.

We may disclose your personal data to authorities, Alisa Bank companies, suppliers, payment service providers and business partners. The disclosure of data is based on regulatory obligations, providing of services, performance of agreement, as well as your consent. Before sharing we will always ensure that we respect relevant secrecy obligations.

Protecting of Personal Data

Protecting of Personal Data is at the very core of our business. We use appropriate technical, organizational, and administrative security measures to protect any data we hold from loss, misuse, unauthorized access, disclosure, alteration, and destruction.

Rights of Data Subjects

As a data subject you have the following rights in respect of your personal data controlled by Alisa Bank:

  • Right to obtain information on the processing of personal data, e.g. whether Alisa Bank is processing your personal data, and if yes, in what manner.
  • Right of access to the personal data we are keeping about you, unless restricted by legislation. In many cases this data is already present to you in the online services of Alisa Bank.
  • Right to retification of inaccurate or incomplete data, within legislative restrictions.
  • Right to erasure (right to be forgotten) means that in certain situations you do have the right to ask for your data to be erased without undue delay. We have legislative obligations to retain your personal data during your customer relationship, and even after that.
  • Right to restriction of processing of your personal data in certain situations.
  • Right to object to processing is the right to object to your data being processed at all in certain situations. You always have the right to object to processing of your personal data for direct marketing and profiling in connection to such marketing.
  • Right to data portability means that when possible, you have the right to receive the personal data that you have provided to us in a machine-readable format. Where secure and technically feasible the data can also be transmitted to another data controller from us
  • Right not to be subject to a decision based solely on automated processing means that you can generally always demand human involvement in decisions concerning you when such decisions have legal effects for you or similarly significantly affect you

Your request to exercise your rights as listed above will be assessed given the circumstances in the individual case. Please note that we may also retain and use your data as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

Data Retention

We will keep your data for as long as needed for the purposes for which your data was collected and processed or as long as required by regulation. The retention times may differ from country to country, due to local legislation.

The Authority

The data protection authority in Finland is the Data Protection Ombudsman, whose contact information can be found at www.tietosuoja.fi You can also contact or make a complaint to the data protection authority in any country where Alisa Bank is offering you products or services.

Contact information

If you want to exercise your registered rights, you can contact Alisa Bank's Data Protection Officer via email: dataprotectionofficer@alisapankki.fi

In case of any different interpretation of the texts of the Data Notices in Finnish or other languages, the Finnish wording shall be decisive.

Clients and Other Concerned Parties

Job Applicants

Persons Registered for General Meeting

Whistle Blowing Channel