Privacy Policy for Private Customers (Natural persons) and Marketing Register

1. DATA CONTROLLERS

YIT Corporation (business ID 0112650-2)
Contact information of the head office:
P.O. Box 36,
Panuntie 11
00621 Helsinki
e-mail: privacy@yit.fi

SIA “YIT LATVIJA”
Uniform registration number (VRN) 40003377087,
Vienības gatve 109, Riga, LV-1058
e-mail: celtnieciba@yit.lv 

YIT Corporation is responsible for processing of personal data at YIT Group level on the legal basis and for the purposes defined in this Policy, including Group level marketing and sales; use of services, financial and other administration and business management; customer and supplier relationship management; analysis and development of products, services, customer and supplier relationship and businesses.

SIA “YIT LATVIJA” is responsible for processing of personal data for its own purposes on the legal basis defined in this Privacy Policy, including for the performance of contractual obligations or the management of the customer and supplier relationship.

2. CONTACT POINTS FOR QUESTIONS ABOUT THE PROCESSING OF PERSONAL DATA

You can contact YIT Corporation by emailing a request to: privacy@yit.fi.
You can also contact SIA “YIT LATVIJA” by emailing a request to: celtnieciba@yit.lv. 

3. PURPOSE AND LEGAL BASIS FOR PROCESSING OF PERSONAL DATA

Personal data are processed for:

  • fulfilling data subject’s request for information before signing an agreement (reservation agreement, preliminary agreement or purchase agreement). When processing personal data, the requested information shall be sent to the data subject via the technical means indicated by the data subject;
  • preparation of a reservation agreement and/or preliminary agreement;
  • verification of the origin of the funds to be invested by the data subject in accordance with the requirements of the Law on the Prevention of Money Laundering and Terrorism and Proliferation Financing, upon conclusion of the preliminary agreement;
  • preparation of a statement of apartment inspection;
  • preparation of a purchase agreement with annexes;
  • providing personal data to a notary public for preparation of an application for registration to the Land Register;
  • preparation of a statement of transfer and acceptance of the apartment;
  • contacting the data subject in order to comply with the data subject’s requests relating to the conclusion or performance of the agreement;
  • servicing the data subject during the guarantee period;
  • sending the data subject’s personal data to the manager of the residential building where the apartment property was purchased;
  • getting the consent of the data subject for direct marketing;
  • verifying the presence/absence of a data subject in international sanctions registers
  • promotional sweepstakes and contests;
  • organization of data subject satisfaction surveys and opinion polls;
  • detection of criminal offences;
  • analysing, profiling, segmentation, and statistics for the purposes described above.

Data controllers use cookies.

4. DATA SUBJECTS AND CATEGORIES OF PERSONAL DATA:  

The controllers process the following categories of personal data:

  • basic information of the data subject, including name, surname, personal ID number, year of birth, gender, native language, profession, declared place of residence, e-mail address, phone number, bank account number. The data subject chooses preferred way of communication. Other personal data contained in the evidence of origin of the funds may also be processed in order to verify the origin of the funds invested by the data subject, as required by the Law on the Prevention of Money Laundering and Terrorism and Proliferation Financing;
  • marketing data – data subject’s wishes and interests, such as types and characteristics of the desired real property, geographical locations, size, number of real properties owned, other information that the data subject has provided and consents to being used in order to receive offers from the controllers;
  • data subject account data – term of data subject relationship and the factual background to the establishment and termination of the relationship; data on concluded agreements, including information on the progress of performance of the agreements, data subject feedback and complaints, correspondence with the data subject, marketing research; other communications; data on payment of issued invoices;
  • digital service user data – registration data for a digital account, such as username, nickname, password and other identifiers; information about the service use, such as use of the service features and browsing information when using a user’s digital account; information collected through the use of cookies and other similar technologies, such as the data controller’s websites and pages browsed by the data subject, the device model, individual device and/or cookie identifier, the channel through which the service is accessed (web browser, mobile browser, application), browser version, IP address, session identifier, session time and duration, screen resolution and operating system; location data, such as coordinates calculated using GPS, WLAN connection points or mobile network base stations if the user has given his/her express permission for this purpose;
  • data from the use of social media – the website of the data controller may include social media features, such as the Facebook Like and Share The data controller may receive a comment or link shared by a user from the data controller's website on Facebook; the data controller may also receive the user’s public profile data on Facebook and any information shared by the Facebook user with the data controller's services. Your interaction with these features is governed by the privacy policy of the company that provides these features, e. g. Facebook: https://www.facebook.com/about/privacy/update?ref=old_policy
  • data subject performance analysis data, such as data subject marketing segments and profiles derived from the data described above and from data from regular sources by using analytics and patterns, such as calculating potential interests of the user/customer or otherwise segmenting the user/customer to specific a group of users.

5. SOURCES OF PERSONAL DATA

The data controller SIA YIT LATVIJA obtains personal data directly from the data subject when the data subject completes a questionnaire before entering into an agreement. The identity of the data subject is verified by the data controller by checking an identity document. Additional personal data necessary for the controller to verify the origin of the data subject’s funds are obtained by the controller from publicly accessible databases, such as Lursoft, State Revenue Service.

6. DISCLOSURE AND TRANSFER OF DATA

Personal data are only transferred to notaries public for the purpose of preparing applications for registration in accordance with the agreement on purchase of real property. A clause on the transfer of data to a notary public is included in the preliminary agreement on purchase of real property concluded with the data subject.

Personal data are not transferred outside the European Union (EU) or the European Economic Area (EEA).

7. DATA PROTECTION AND RETENTION 

Access to personal data is limited to employees of the controllers who have an employment relationship directly related to the performance of their duties. Digital data are protected by firewalls, passwords and other technical means. Documents in paper form containing personal data are stored in locked cabinets protected by access controls.

8. ACCESS, RECTIFICATION AND OTHER RIGHTS OF THE DATA SUBJECT

Data subjects have the right to know what kind of personal data have been collected and processed by the controllers. At the data subject’s request, the controllers will correct, erase (except in cases where erasure is not permitted by laws and regulations) or supplement inaccurate, unnecessary, incomplete or outdated personal data.

Data subjects have the right to withdraw their consent to the use of data for direct marketing by sending a written notice to the company e-mail address: celtnieciba@yit.lv.

The data subject shall have the right to lodge a complaint regarding the processing of personal data with the Data State Inspectorate by sending it to the Elijas iela 17, Riga, LV 1050 or electronically to e-mail: pasts@dvi.gov.lv.