Information for data subjects whose personal data from sanction lists are processed by the Controller

Pursuant to Article 14 sec. 1–2 and 5 let. b of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”), Finobserve sp. z o.o. provides the following information regarding the processing of your personal data:

1. Controller

The controller of your personal data is Finobserve sp. z o.o., with its registered office in Kraków, Kazimierza Morawskiego 5/323, 30-102 Kraków, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Kraków – Śródmieście in Kraków, 11th Commercial Division of the National Court Register, under KRS number: 0001120697, NIP (Tax Identification Number): 6772514021, share capital: PLN 5 000.

2. Contact with the Controller

You may contact the Controller:

1) by email at – gdpr@fin-observe.com

2) by telephone at – +48 (737) 170 - 043

3. Purposes and legal basis of processing

The Controller processes personal data in order to make them available as part of the services offered and to enable clients to carry out business verification of economic entities.

The legal basis for the processing of personal data is the legitimate interest pursued by the Controller (Article 6 sec. 1 let. f GDPR), which consists in making personal data available within the services offered and enabling clients to verify business entities.

4. Categories of data

The Controller processes personal data available on sanction lists, in particular: name and surname, date of birth, place of birth, applied sanctions, justification for inclusion on the list, date of inclusion, and date of removal from the list.

5. Recipients of the data

The Controller may disclose your personal data to:

1) clients using the Controller’s services,

2) subcontractors (entities whose services the Controller uses in processing), such as IT service providers.

6. Source of data

The Controller obtained personal data from publicly available sources, i.e. from sanction lists. A full list of sanction lists used by the Controller can be found at (_).

7. Data retention period

The Controller stores personal data for as long as the Controller’s legitimate interest exists.

8. Automated decision-making

The Controller performs automated linking of personal data originating from different registers or published lists in order to present connections between data subjects.

9. Data subjects’ rights

You have the following rights:

1) the right of access to your personal data and to obtain a copy thereof;

2) the right to rectification of personal data;

3) the right to erasure of personal data;

4) the right to request restriction of processing of personal data;

5) the right to data portability;

6) the right to object to the processing of your personal data;

7) the right to lodge a complaint with the supervisory authority.

To exercise the above rights, you may contact the Controller.

Book Demo

FinAP CheckLists

API FinAP CheckLists

Features

Compliance

KYC & KYB

AML & CTF

History & Mission

Careers

Contact

Follow Us

AML Laws in Poland

AML Laws in Ukraine

Useful

Information for data subjects whose personal data from sanction lists are processed by the Controller