JMA Easy Life - Logo

Privacy policy

Privacy policy

It explains how JMA Easy Life processes personal data, people whose personal data the company processes should understand how and why their personal data is processed in JMA Easy Life's operations and what rights they have in relation to the company.

For JMA Easy Life, it is important that customer-related information, including personal data, as well as information about the company's employees, is treated securely and confidentially and that applicable regulations are complied with.

The following describes how JMA Easy Life handles personal data in central parts of its operations. JMA Easy Life carries out assignments within the framework of the business both as a data controller and as a data processor. JMA Easy Life is the data controller for the processing of personal data that the company carries out for its own purposes, including checks regarding the existence of conflicts of interest and independence.

Information on the processing of personal data for the acceptance and management of clients and assignments

Background

When processing personal data, the controller has an obligation to provide certain information to data subjects. For the purposes of this assignment, personal data will be processed by JMA Easy Life. For this reason, the following information is provided.

Processing of personal data by JMA Easy Life

JMA Easy Life will process personal data in accordance with applicable law. The personal data that will be processed is obtained from the client, its group companies (if applicable), or other, e.g. authorities, municipalities or publicly available sources and relates to authorised representatives and other persons whose personal data is needed to manage the client relationship as well as the beneficial owner. The personal data are processed prior to the acceptance of clients and/or assignments and for the performance of the assignment in order to:

  • carry out independent checks,
  • carry out quality controls; and
  • to document the actions taken.

Such processing is necessary for the performance of the legal obligations to which JMA Easy Life is subject in evaluating the possibility or has undertaken to carry out the assignment and is necessary for JMA Easy Life's legitimate interest in fulfilling its professional obligation. JMA Easy Life may also process personal data for other risk management purposes (such as insurance matters). This processing is necessary for the legitimate interest of JMA Easy Life to manage risks and possible claims.

JMA Easy Life may also process personal data to inform about seminars and other events organised by JMA Easy Life and to send out newsletters and other marketing. Processing for these purposes is necessary for JMA Easy Life's legitimate interest in being able to reach out to employees of customers who may be interested in events, marketing and news in areas relevant to these persons' positions.

The personal data in the engagement will be processed for the performance of the agreed services under the Engagement Letter. The legal basis for this processing is either legitimate interest, consent or agreement with the data subject.

Categories of personal data

The categories of personal data that may be processed for the above purposes include

  • contact details such as name, address, social security number/coordination number, telephone number, email address
  • details of employment such as departmental affiliation and job title
  • other data necessary to evaluate and manage the customer relationship.

In connection with the registration of the customer, JMA Easy Life may also process copies of the identity documents of the persons representing the client within the framework of the customer due diligence measures to be taken in accordance with the Money Laundering Act.

Transfers to third countries

Personal data may be processed by JMA Easy Life network agencies and others engaged by JMA Easy Life for the purpose of carrying out the measures mentioned above on behalf of JMA Easy Life; they may be based both within and outside the EU/EEA. In the event of a transfer of personal data for processing in a country outside the EU/EEA, which does not ensure an adequate level of protection, JMA Easy Life is responsible for ensuring that the personal data is subject to appropriate safeguards and on condition that statutory rights for data subjects and effective legal remedies for data subjects are available, or where this is not the case, that additional complementary safeguards have been put in place that would ensure that the transferred data receives a level of protection in the third country that is essentially equivalent to the level guaranteed within the EU.

Recipients of the information

JMA Easy Life is obliged to ensure that the information processed in connection with the assignment is not made available to unauthorised persons, which means that personal data will be treated confidentially. JMA Easy Life may disclose personal data to network agencies or others engaged by JMA Easy Life for the purpose of checking and maintaining impartiality and independence, to perform quality controls and take other risk management measures and to send out invitations to events and other marketing material. JMA Easy Life may also disclose personal data to insurance companies or legal advisors in connection with legal proceedings to the extent necessary to protect its legitimate interests or to other recipients if such obligation exists under applicable laws and regulations, professional obligation or government decision.

Storage of personal data

Personal data will not be processed for longer than is necessary for the purposes for which the personal data are processed. Most of the data related to the performance of the assignment will be kept for ten years after the assignment has ended

Rights as a registered person

In some cases, data subjects have the right to obtain, on request, information as to whether or not personal data relating to the data subject are being processed and, if so, the right to access the personal data in the form of a so-called 'extract from the register'. Data subjects also often have the right to have inaccurate personal data concerning them rectified. Furthermore, data subjects may have the right to have their personal data erased, the right to request the restriction of processing of personal data concerning them or the right to object to such processing. Data subjects also have the right to lodge a complaint with a supervisory authority about the processing.

The information and data that the Contractor receives within the framework of the assignment is subject to a duty of confidentiality, which means that the Contractor may not normally disclose such information. As regards personal data processed in connection with the acceptance of clients and assignments and as a result of the assignment, the Contractor is obliged to retain the documentation in this respect for at least ten years. This implies that it is not allowed to delete personal data included in such documentation before then and sometimes it is also not allowed to correct the data. For the aforementioned reasons, it is not possible for the Contractor to restrict or limit the processing of personal data in such cases at the request of a data subject. However, in the case of the Contractor's processing of personal data for marketing purposes, data subjects have the right to request erasure, rectification, restriction and to object to the processing of their personal data for such purposes.

en_GB