Voinko palvelua käyttää vaikka en olekaan ensiasunnon ostaja?

Ehdottomasti! Me palvelemme jokaista asunnon ostajaa. Meille on tärkeintä, että sinulle asunnonostajana on selvää, mihin olet ryhtymässä. Vaikka olisitkin jo aikaisemmin ostanut asunnon, on asuntokauppa saattanut muuttua vuosien saatossa. Me olemme aiheen kanssa tekemisissä joka päivä ja tietomme päivittyvät jatkuvasti.

Voitteko antaa takuun sille, että tekemäni asuntokauppa on oikeasti hyvä?

Sellaista takuuta emme voi valitettavasti antaa. Mutta annamme takuun sille, että arvioimme harkitsemasi kaupan käyttämällä siihen kaiken ammattitaitomme ja osaamisemme. Ennustaminen on vaikeaa, varsinkin tulevaisuuden, ja siksi emme voi koskaan olla varmoja siitä, mitä yllätyksiä maailma tuo tullessaan.

Kuinka nopeasti raportti toimitetaan?

Pyrimme toimittamaan raportit 24 tunnin kuluessa tilauksesta, jos olemme saaneet käyttöömme kaikki tarvittavat asiakirjat. Jos sinulla on kiire, kerro se meille ja yritämme hoitaa homman vieläkin nopeammin. Mikäli jokin yksityiskohta vaatii lisäselvitystä, pidämme sinut koko ajan ajan tasalla.

Jatkuvasti puhutaan taloyhtiöistä. Entäpä jos olenkin hankkimassa kiinteistöä, onko palvelunne soveltuva niihinkin?

Kiinteistöt poikkeavat merkittävästi asunto-osakeyhtiömuotoisista. Pystymme kuitenkin olemaan avuksi myös kiinteistökaupan kohdalla - niissä painopiste on dokumentaatiossa. Mikäli olet harkitsemassa kiinteistökauppaa, ota meihin suoraan yhteyttä, niin katsotaan millaista palvelua kaipaisit.

Voisitteko etsiä minulle asunnon puolestani?

Kyllä, voimme etsiä asuntoa määrittelemiesi kriteerien mukaan julkisesti tarjolla olevien kohteiden joukosta. Voimme myös analysoida valitsemasi kohteet ja käydä tarjousneuvotteluja. Emme kuitenkaan voi tehdä varsinaista ostotarjousta, koska OUN® ei ole välitysliike.

Mitä kaikkia maksutapoja hyväksytte?

Käytämme MobilePay-palvelua, joka on luotettava ja nopea maksutapa. Maksun voi suorittaa MobilePayllä tai kortilla (Visa ja Mastercard).

Mitäpä, jos valitsemani kohde osoittautuukin huonoksi eikä siitä synny kauppoja, mitä silloin tapahtuu?

Silloin voi onnitella itseäsi, koska tulit juuri välttyneeksi tekemästä huonoa kauppaa! Harmitus voi silti olla suuri, mutta mieti kuinka suuri se olisi, jos olisit vienyt kaupan loppuun asti ja vasta sen jälkeen raaka totuus paljastuisi.

Combined privacy policy and information document in accordance with the Data Protection Act and the European Union General Data Protection Regulation (2016/679/EU).

Data Controller

Oun Oy

Business ID: 3179402-6

Contact for Data Protection Matters

+358 (0)20 7436 150
info@oun.fi

Name and Content of the Register

Oun Oy’s customer register (“Customer Register”).

Purpose of Collecting Personal Data and Legal Basis for Processing

General Information on Processing Personal Data

To the extent that the Customer Register contains personal data, its processing complies with the Data Protection Act and other applicable laws, regulations, provisions, and official guidelines concerning the processing of personal data. Personal data refers to information that can be linked to a specific individual. This document describes in more detail the procedures for collecting, processing, and disclosing personal data, as well as the rights of the customer, i.e., the data subject.

Purpose of Collecting Personal Data

Contractual, Customer, or Similar Relationship
The purpose of the Customer Register is the data controller’s contractual or customer relationship with the client
Relationship with the client’s potential counterparty in connection with performing the assignment
Contractual relationship with the user of consulting assignments or other professional services
For the apartment search and other services of a potential customer

In this section

These individuals are referred to as the Customer in this policy.
Statutory Anti-Money Laundering Supervision
- In accordance with Chapter 3, Section 3 of the Act on Preventing Money Laundering and Terrorist Financing (444/2017, hereinafter “Anti-Money Laundering Act”), customer due diligence information and other personal data required by law are stored, retained, and may be used to prevent, detect, and investigate money laundering and terrorist financing, as well as to bring to investigation money laundering and terrorist financing and the offense by which the property or criminal proceeds subject to money laundering or terrorist financing were obtained. Customer due diligence information or other personal data obtained solely for the purpose of preventing and detecting money laundering and terrorist financing shall not be used for purposes incompatible with these purposes.
Data Storage Based on Consent:
- To the extent that the right to register based on the aforementioned laws or circumstances is exceeded, or the mentioned other legal basis does not exist, the Customer’s separate consent is requested for storing, processing, and retaining personal data. Assignment information is also used for contractual relationships related to consulting and other professional services and is retained in a manner similar to the Assignment Diary.

Purpose of Data Use

The information in the Customer Register may be used for the following main purposes:

managing and developing the customer relationship
producing, offering, developing, improving, and protecting services
billing, collection, and verification of customer transactions
targeting advertising
analyzing and compiling statistics on services
customer communication, marketing, and advertising
protecting and securing the rights and/or property of the data controller and other individuals and parties related to assignments in connection with services,
fulfilling the data controller’s statutory obligations, and
other similar purposes.

Consequences of Not Receiving Information:
If the data controller does not receive the information referred to in sections 1, 2, and 3 of Purpose of Collecting Personal Data, the customer relationship cannot be initiated or continued, or other contractual arrangements or participation in legal transactions with the Customer cannot be undertaken.

Content of the Customer Register, i.e., What Information We Collect

In connection with managing the customer relationship, the following information is or may be collected:

Customer’s basic information, such as full name, address
Personal identity code of the individual acting on their own behalf or on behalf of a company, and possibly the business ID for reliable identification
Information related to billing and collection
Information related to the customer relationship and contractual relationship, such as services offered to the Customer, their date of use, fee, service seller information, and other similar information
Permission information and prohibitions, such as direct marketing permissions and prohibitions
Interests and other information provided by the Customer
Other transaction information for services
Complaints and their processing information
Customer’s credit information and other financial information for assessing the fulfillment of contractual obligations

In register information concerning Anti-Money Laundering Act supervision, the following information related to the Customer is or may be processed:

name, date of birth, and personal identity code
representative’s name, date of birth, and personal identity code
legal entity’s full name, registration number, registration date, and registration authority
full names, dates of birth, and nationalities of members of the legal entity’s board or equivalent decision-making body
legal entity’s line of business
beneficial owners’ name, date of birth, and personal identity code
name of the document used to verify identity, document number or other identifying information and issuer, or a copy of the document, or if the customer has been remotely identified, information about the procedure or sources used for verification
information about the Customer’s activities, nature and scope of business, financial position, grounds for using the transaction or service, and information about the origin of funds, as well as other necessary information obtained to know the Customer as referred to in Chapter 4, Section 1 of the Anti-Money Laundering Act
information related to determining the origin of funds in accordance with Chapter 4, Section 3 of the Anti-Money Laundering Act, and necessary information obtained to fulfill the enhanced due diligence obligation related to politically exposed persons in accordance with Section 13
for a foreign Customer who does not have a Finnish personal identity code, information about the Customer’s nationality and travel document information

Data Retention Period

Information collected in the register is retained only for as long and to the extent necessary in relation to the original or compatible purposes for which the personal data was collected.

The need to retain personal data is assessed regularly; and in any case, information concerning a registered individual is deleted from the register two years after the registered individual’s customer relationship with the data controller has ended and the obligations and actions related to the customer relationship have been completed. Accounting documents are retained for five years from the end of the financial year.

The data controller assesses the need to retain information regularly in accordance with its internal codes of conduct. In addition, the data controller implements all possible reasonable measures to ensure that personal data that is inaccurate, incorrect, or outdated in relation to the purposes of processing is deleted or corrected without delay.

Information in accordance with the Anti-Money Laundering Act is retained for five (5) years, unless further retention of such information is necessary for criminal investigation, pending litigation, or to protect the rights of the data controller or its employees. The need for further retention of information and documents is then reviewed no later than three (3) years after the previous review of the need for retention (Act on Preventing Money Laundering and Terrorist Financing, 444/2017, Section 4).

For potential customers of all the company’s various services, information is retained for approximately 12 months from the last contact.

We retain visitor and analytics data from our website for 38 months.

Other personal data is deleted after there is no longer a need to retain the personal data. If the collection and retention of personal data has been based solely on the Customer’s consent, for example subscribing to a newsletter or similar, the personal data is deleted at their request.

Regular Data Sources and Where Information Is Collected From

Personal data is collected from the Customer in connection with the preparation of assignment agreements and documents, when otherwise using the data controller’s services, or otherwise directly from the Customer. Personal data may also be collected and updated from, for example, the population register and other official registers as well as credit information registers.

Information based on consent is collected directly from the Customer or, with their consent, from registers or sources maintained by authorities or third parties.

Personal data is collected through website forms, email, or some other suitable method. Personal data may also be collected from devices using cookies or other similar technologies.

Disclosure of Information, i.e., To Whom Information May Be Provided

Personal data is not disclosed to third parties.

Information is not regularly transferred outside the European Union or the European Economic Area. However, information may be transferred or disclosed outside the European Union or the European Economic Area in accordance with the law, if the information is transferred to a country where the European Commission has determined that the level of data protection is adequate, or if contractual arrangements can guarantee an adequate level of data protection. Transfer outside the EU may also occur in connection with the use of various cloud services, such as OneDrive, Google Drive, iCloud, Dropbox, or similar.

Information is disclosed to authorities in cases required by law.

In connection with the outsourcing of the data controller’s IT management, processing of personal data may also occur by the data controller’s subcontractors, but only on behalf of the data controller.

Principles of Register Protection, i.e., How We Protect Your Personal Data

Access to the register requires a username granted by the Customer Register’s main user. The main user also determines the access level granted to other users. Only those employees of the data controller and subcontractors’ employees who need it to perform work-related tasks have access to the information. The information is collected in the service’s databases, which are protected by firewalls, passwords, and other technical means.

To the extent that personal data is processed on behalf of the data controller by its subcontractor, agreements between the data controller and the subcontractor ensure the arrangement of appropriate protective measures and ensure that the processing of personal data meets the requirements of data protection legislation.

There may occasionally be temporary local copies of register entries (such as Excel, CSV, and printouts) with authorized employees, for example for customer mailings and regular communication. Temporary copies are deleted after the purpose of use has ended.

Customer Rights and How I Can Act to Ensure Lawful Processing

Reviewing, Obtaining, and Transferring Information:

The Customer has the right to review what information concerning them has been stored in the Customer Register. The Customer must submit a review request to the data controller in writing in a personally signed form or in a document verified in a corresponding manner, or by email.

Notwithstanding the above, the Customer does not have the right to review information obtained to fulfill the reporting or inquiry obligation stipulated in the Anti-Money Laundering Act (Anti-Money Laundering Act 4:3 §). However, the Data Protection Ombudsman may, at the Customer’s request, review the lawfulness of the processing of this information.

The data controller will provide the aforementioned information to the Customer within 30 days of submitting the review request.

The Customer has the right to have customer information concerning them that they have provided transferred to a third party in a structured, commonly used, and machine-readable format. However, the data controller retains the transferred information in accordance with this privacy policy.

Correcting Incorrect Information:

The Customer has the right to correct information concerning them stored in the personal register to the extent that it is incorrect.

Objecting to or Restricting Data Processing and Deleting Information:

The Customer has the right to object to the processing of information concerning them for direct advertising, distance selling and other direct marketing, as well as market and opinion research and the data controller’s business development, and to restrict the processing of information concerning them, as well as the right to have personal data concerning them already registered for the mentioned purpose deleted, even if there would otherwise be a basis for processing the information.

Withdrawing Consent:

If the information in the register is based on the Customer’s consent, the consent can be withdrawn at any time by notifying the data controller’s representative mentioned in this policy. Upon request, all information that does not need to be retained, or cannot be retained, by law or other basis mentioned in this privacy policy will be deleted.

Procedure for Exercising Rights:

A review, correction, or other request can be submitted by contacting the data controller’s customer service using the contact information provided in this policy.

Disputes:

The Customer has the right to bring the matter to the Data Protection Ombudsman if the data controller does not comply with the Customer’s correction or other request.

Profiling and Automated Decision-Making:

The data controller does not conduct profiling directed at the Customer based on personal data or use automated decision-making.