Lasku maksamatta?
Vinkit ja neuvot
Intrum yrityksenä
Ota yhteyttä
Intrum uudistuu 

 

Päivitämme ulkoista ilmettämme, joten näet jatkossa sivuillamme uusia värejä ja muotoja. Olemme silti edelleen sama luotettava Intrum ja täällä tukenasi maksuasioissa. Voit lukea lisää uudistuksesta verkkosivuiltamme.

 

 

 

 

‹ Tietosuoja ja käyttöehdot

Privacy Policy for Customers

In this Privacy Policy we will give you information on the processing of your personal data in connection with our services such as collection and debt purchase.

    What personal data we process about you?

    We collect and process your personal data that is necessary for the provision of our services, among other things, such as:

    • Your identification and contact information, such as name, personal identity code or date of birth, address, phone number, email address,  potential bank contact information and contact transaction information.
    • Your data related to collection and invoicing, such as; the case number of your collection case, client reference number, the creditor, the amount and basis of the receivable, as well as the information regarding its payment and other information related to you collection case. These also include the necessary information we receive from authorities and public registers, such as public credit information, authority decisions and enforcements. In addition, the information necessary for handling the invoicing and/or collection notified to us by the original contract party. If necessary, we also process information about vehicles such as ownership and/or keeper information. We also process recordings of phone conversations with our customer service.
    • Information you may have provided to us regarding the reasons for the payment delay. These may include personal, family or work-related reasons.
    • Information about third parties related to the debt collection case, such as the names and contact information of authorized persons, trustees or other contact persons.
    • In addition, we can process e.g. late payment and credit history information as well as information on debt, income, wealth, credit, payment history and credit rating.

    Do we process any sensitive personal data?

    Unless otherwise agreed with you or unless it is necessary for the establishment, exercise or defence of legal claims, we will not process special categories of personal data i.e. so-called sensitive personal data, such as: race or ethnic background, political, religious or ideological beliefs, trade union memberships, health, sexual orientation or sex life.

    However, it may be in your best interest to inform us of personal circumstances affecting on your ability to repay or a social force majeure to performance. This will allow us to take reasonable steps to accommodate your needs or requirements such as allowing sufficient breaks in your payment arrangement, providing breathing space to seek free independent debt advice, or adjusting your payment arrangement. Except in cases of social force majeure we will not record any sensitive personal data in our IT systems.

    We use this information to help you. Data is stored as long as it is necessary for this purpose or until data processing is necessary to present or defend in legal claims.

    For what purposes is your personal data processed?

    We process your personal data when the receivable has not been settled in accordance with the original agreement. The purpose of the processing is then the collection of an overdue receivable or the purchase of overdue receivables for collection. Within collection, data is processed to handle debt collection assignment during amicable and legal collection, as well as during collection-related litigation, criminal and bankruptcy, debt restructuring, company restructuring and application matters.

    To protect the confidentiality of your personal data, we process your identification and contact information for communication and for safe and appropriate identification.

    We also use the data to process payments and when we report collection to third parties such as enforcement authorities or credit agencies. The information is also used for client reporting and for managing, verifying and monitoring customer service situations.

    Your data can also be used for training, testing and development of our business and services, and research related to development of our customer satisfaction surveys. Telephone recordings are used to develop customer service and to confirm customer transactions afterwards.

    We also use your data for profiling and automatic decision-making. Information of your payment history and information on the results of previous collection measures are used to assess your ability to pay and through this automatic decision-making to choose the most suitable collection measure for you. Assessment and scoring of your ability to pay are necessary to ensure compliance with Good Debt Collection practices, such as to prepare payment plans that are appropriate for you to avoid unnecessary debt collection costs. Your rights and obligations are determined based on the agreement you made earlier, so profiling and automatic decision-making do not cause you legal effects or other similar significant effects. The purpose of these actions is only to help us choose the most appropriate collection measures for your financial situation.

    We will also process your personal data to improve, analyze, evaluate and develop our services within debt collection. We will process your personal data for this purpose only when it is necessary and cannot be achieved with less intrusive means. This means that we will always anonymize or aggregate the personal data in advance if possible. If that is not possible, we will ensure that we protect and secure your data by pseudonymizing it with encryption techniques or other appropriate safeguards. We perform these processing activities based on our legitimate interest as a business and only for as long as it is necessary to achieve the purpose.

    As a part of our corporate responsibility and the services we offer, we also produce anonymized statistical data, scoreboards and analyses, which may also use your data as a starting point. After anonymization, the information we have about you may be used to help develop our business. However, your personal data may be used as is, if it is necessary to secure you data and to ensure the appropriate test development and changes of our information systems.

    We have several statutory obligations, the fulfillment of which requires the processing of personal data. These include e.g. legal obligations related to accounting, anti – money laundering and international sanctions regulations. Your personal data can also be processed to fulfill our other statutory obligations, such as preparing official reports to the authorities.

    On what basis do we process your personal data?

    We will only process your personal data if we have a legal ground to do so. Your personal data may be passed to us for the purposes of debt collection in the event that repayments are not made as agreed under the terms of your original agreement. Your personal data may also be passed to us in case we have purchased your debt. We also provide other services such as invoice delivery, invoicing, ledger, credit information and financing services. To be able to deliver these services we may have been provided with, and will process your personal data in processor role.

    In accordance with collection services processing is necessary for the purposes of the legitimate interests pursued by your previous agreement party or us or for the performance of a contract to which you are party. Processing may also be necessary to comply with our various statutory obligations, such as to ensure compliance with good debt collection practices or to prepare official reports. The processing of personal data that is necessary for the reasons mentioned above is therefore allowed, even if you do not give your consent to the processing.

    The processing of personal data in connection with debt collection activities can also be considered a task in the public interest. Debt collection activities contribute to a healthy economy by helping companies to get paid for their products and services in a responsible way that takes into account the situation of the end customer.

    Your consent is neither required in relation to our debt purchase services if your debt is purchased by us or another entity in Intrum Group, in which case the party that purchased the debt becomes your new contractual partner. 

    Based on your consent, information about your collection cases and your collection history can be shared with credit provider or service provider as a part of credit application process on a one-time basis.

    We store your personal data securely in accordance with the requirements of data protection legislation.

    From what sources do we collect your personal data?

    When it is necessary for the performance of the contract or in accordance with our legitimate interest, we can verify that the data we hold is correct and enrich your personal data by combining it with data from different sources, among others, the following sources:

    • From our client, who can be the original creditor, a company that has purchased the debt or a company that sells your invoice to us
    • From you or your representative, agent or trustee
    • Through the implementation of our services (information related collection)
    • From Digital and Population Data Services Agency (address and personal information as well as information of guardianship of an adult)
    • From the Legal Register Centre (bankruptcy, corporate restructuring and debt adjustment information)
    • From the credit information registers of credit information companies (public payment remark information)
    • From the The Business Information System (company and organisation information)
    • From the Tax Administration  (Public tax information and income, tax information in certain cases)
    • From the Finnish Patent and Registration Office (invoicing and/or collection customer identification information)
    • From number, address and contact information service companies (phone numbers and address information)
    • From The Finnish Transport and Communications Agency Traficom (vehicle owner and holder information)
    • From courts, the police and enforcement authorities

    Do you need to provide us with your personal data?

    You do not have to provide us with any personal data. The vast majority of the personal data we process comes from sources other than yourself. We obtain data from, for example, your original contract parties and we enrich the data with information we receive from Credit Reference Agencies, public registers, our clients and authorities, as well as with payment history information previously collected from you.  

    However, you may choose to provide us with additional personal data. Such information may even help us handle your case, and it is usually to your benefit. For example, you may have a valid reason for why you have not paid your debt which you may want to share with us, or if we agree to set up a payment plan to help you pay your debt you may want to provide certain details for making the payment plan reasonable and attuned to your specific situation.

    Will we share your personal data with others?

    We will only share your personal data to third parties if there is a legal basis or other legitimate grounds for doing so. We can share your data to parties, that participate in the production of our services, e.g. to the following entities:

    • To the client whose receivables we collectTo the invoicing and/or collection customer, i.e. you, your trustee or the entity you appoint
    • For courts, enforcement authorities and police authorities
    • To the authorities supervising our operations
    • For credit information companies
    • To Tax Administration for Positive Credit Register
    • To insurance companies for handling of our client’s legal expenses insurance
    • For foreign debt collection agents in connection with international debt collection services
    • For number, address and contact information service companies and the Digital and Population Data Services Agency for checking information
    • Name and address information to delivery companies for mailing letters

    We also share your personal data with our external service providers who facilitate us or provide part of our services. These include, for example, audit-, printer and mail services, IT, - telephone and messaging services, as well as services that offer customer experience measurement, legal services and internal service providers of the Intrum Group.

    Our employees will have access to the personal data. In such case, access will be granted only if it is necessary for the purposes described above in terms of the job duties of the employee in question. All our employees are bound by an obligation of confidentiality.

    Will your personal data be transferred abroad?

    As a general rule, personal data is not transferred outside the European Economic Area (EEA). We are part of the Intrum Group, so the data may be transferred to another country. In that case, we will ensure that appropriate safeguards in accordance with the EU General Data Protection Regulation (GDPR) are followed.

    In accordance with international debt collection services, depending on the situation, your personal data may be transferred outside of Finland within the EEA area or outside the EEA area to our collection agent operating in the target country.

    International debt collection can be divided into two different situations in terms of data transfer:

    1)       You live abroad, and you have a debt case/s in Finland. In this case, we may send your data for the collection of your debts to our sister office or our collection agent  or, if you live outside the EEA, to our collection agent located there.

    2)      You live in Finland, and you have a debt case/s abroad. In this case, your debt can be collected in Finland on behalf of our sister company or agent.

    Privacy Policies for all Intrum entities are available at Privacy & terms | Intrum

    Only our collection agents operate outside the EEA. For this reason, we have agreed with all our agents on the use of standard contract clauses approved by the EU Commission in order to secure your personal data and to ensure the level of personal data protection in accordance with the Data Protection Regulation. We will never transfer your personal data outside the EEA without ensuring adequate data protection and a level of data security.

    Our external vendors who provide us data storing services may have access to the personal data we process. The vendors who act as processors of your data and, in order to secure your data, undertake to comply with the data processing agreement they have entered into with Intrum. These vendors may also be located outside the European Economic Area, for example in the United States. In these scenarios personal data is always stored within the EEA. We will never transfer your personal data outside the European Economic Area without ensuring the protection and safe processing of the data. Therefore, we make sure that potential recipients of the data outside the EEA region have signed the standard contractual clauses approved by the EU Commission before data transfer, or that the data protection legislation of the recipient country in question guarantees an adequate level of data protection according to the decision of the European Commission. We may disclose information outside of these groups if required by law, for example to combat fraud or anti-money laundering.

    How long do we store your personal data?

    We retain your personal data for as long as it is necessary for the legitimate purpose for which the data was collected, or for as long as we have a legitimate interest in retaining the data. The retention period of your data may also be determined based on special legislation. The retention period can be determined, for example, in accordance with the Act on the Registration of Debt Collection Agencies, the recommendations of the Bar Association or the requirements set by the Accounting Act.

    According to collection regulation, we store personal data related to the collection case for five (5) years from closing the case unless a longer retention period is required by law.

    Based on the recommendation of the Bar Association, we keep information related to a litigation or other legal assignment for 10 years from the termination of the assignment.

    In accordance with the Accounting Act, we keep account transactions related to accounting for six (6) years from the end of the accounting year. Call recordings are kept for six (6) months starting from the recording of the call.

    In situations where we might be a subject to a compensation claim and in order to defend ourselves against legal claims, we retain information related to the damage event in accordance with the statute of limitations for three (3) years from the detection of the damage. Investigations related to the fight against money laundering or the fight against fraud may in certain situations require a different storage period than usual.

    Will you be subject to automated decision-making?

    To choose the most appropriate collection method and to avoid unnecessary collection costs, we may use automated decision-making. It is also necessary for handling of your case in an efficient and timely manner. Scoring may be used in relation to automated decision-making to define the most appropriate collection measures in your case. The score is based on our payment surveys that help us to predict your future payment behaviour together with your earlier payment history, and payment default information as well as your age and residence. A score is awarded by automated means, and the score defines, for example, whether we will continue amicable collection or if we should proceed to legal collection or enforcement.

    We do not consider the automated decision-making to produce legal effects or similarly significantly affect you, as it does not affect your rights and obligations based on your earlier contract. If you believe that we have handled your case wrongly due to the score, you may ask us to manually reconsider the score by human intervention.

    What rights do you have?

    We process your personal data reliably and securely. Please note that there are legal obligations related to data retention and therefore we may be required to handle your data despite of your request to restrict the handling or delete the data. Although we do not need your consent to process your personal data, you still have many rights related to the processing of personal data.

    In Invoicing and Sales Ledger Services, Credit Information Services for personal credit information and information delivered to positive credit register, our client acts as the controller and is responsible for implementing your rights.

    Right to Access

    You have the right to receive information about how your personal data is processed. This applies, among other things, to the following information:

    • Why we process your personal data
    • Which personal data groups do we process
    • To whom we disclose personal data
    • How long do we keep personal data or the basis for determining the retention period
    • What rights do you have
    • Where have we received your personal data (unless we have received it from you)
    • Does the processing involve automatic decision-making
    • If your personal data has been transferred to a country outside the European Economic Area, how have we ensured the protection of personal data
    • All the above-mentioned principles regarding the processing of personal data are presented in this data protection statement.

    You also have the right to receive a copy of the personal data we process about you. However, a fee will be charged for additional copies.

    Right to correction

    It is important that the information we have is correct. If there are errors in the personal data (for example due to a change of name or address), it is a good idea to inform us about them.

    The right to erasure/ be forgotten

    If you think we are processing personal data illegally, for example for an unnecessarily long time, you can ask us to delete the data.

    The right to restriction

    A person who has requested the correction of their personal data or objected to its processing has the right to limited processing until we have had time to clarify the matter, confirm the accuracy of the personal data or change it in accordance with the instructions we have received. Personal data can then only be processed with your consent or in connection with legal requirements, to protect the rights of another person or when an important public interest requires processing.

    You can also demand that the processing of personal data be restricted if you think the processing is illegal, but you do not want the personal data to be deleted.

    The right to object

    If you want automated decision-making to be re-evaluated, you can object to the processing of the matter. You can also object to the processing if the processing is based on our or our customer's legitimate interest. In this case, we will continue processing the data only if we are able to justify this with compelling reasons that outweigh your interests, rights and freedoms. However, we always have the right to process your personal data if it is necessary to present or defend legal claims. You also have the right to object to direct marketing directed at you at any time.

    The right to data portability

    You have the right to receive from us in a structured, commonly used and machine-readable form the personal data about you that you have submitted to us for processing on the basis of consent or for the execution of a contract. You also have the right to request that the data in question be transferred to another controller.

    The right to appeal

    If you are not satisfied with our answer or if you think that we are processing your data unfairly or unlawfully, you can complain to the Data Protection Authority (DPA). More information about the DPA and the complaint procedure is available at www.tietosuoja.fi

    The right to withdrawal of consent

    You have the right to withdraw consent for the processing measures that are based on consent. In that case, we will stop processing based on consent. We also inform other parties to whom we may have disclosed your personal data about your requests related to the exercise of your rights.

    How can you complain about the use of your data or exercise your rights?

    If you want to complain about the processing of your personal data or about something related to your right mentioned above, you can contact our data protection officer to clarify the matter.

    Data Protection Officer: tietosuoja@intrum.com

    Our data protection officer will be happy to answer your more detailed questions about how we process personal data.

     

    The Controller:

    Intrum Oy (Business ID 1470246-8)
    Postal address: PB 47, FI-00811 Helsinki
    www.intrum.fi

     

    This Privacy Policy has been updated 04.11.2025