July 3, 2016

1. Controller

Posti Group Corporation
Postintaival 7, FI-00230 Helsinki / PO Box 1, FI-00011 POSTI, Finland

2. Contact person for register-related matters

Carl Hoffman
PO Box 1, FI-00011 POSTI, Finland
carl.hoffman @ posti.com, tel. +358 20 4511

3. Name of register

Register of Posti Group Corporation on the executives referred to in the market abuse regulation of the European union, their circle of acquaintances and their business operations

4. Purpose of personal data processing

The purpose of the register is to comply with the control referred to in article 19 of the regulation on market abuse ((EU) 596/2014) regarding the business operations of the executives and their circle of acquaintances.

5. Data content of register

In terms of the executives and their circle of acquaintances, the following information is to be marked in the register:

  • The executive's position
  • For the circle of acquaintances: grounds for being included in the circle of acquaintances
  • Name of the natural or legal person, a form of identification if delivered (date of birth, business ID)
  • Start date of position or relationship as an executive or acquaintance
  • Contact details (telephone, e-mail, mailing address)
  • Business notifications received from the registered party and published

6. Regular sources of data

The executive and their circle of acquaintances and public sources of data, such as the Trade Register and the Business Information System.

7. Regular disclosure of data

Information can be disclosed by parties referred to in the market abuse regulation and the related control measures. The parties may include legality control authorities in the EU area, such as the Financial Supervisory Authority and the police in Finland.

8. Transfer of data outside the European Union or the European Economic Area

Data is regularly transferred to Posti Group Corporation's countries of operation outside the EU. Due to the technical processing of data, some of the data may be physically situated on external subcontractor servers or hardware, through which they are processed via a technical remote connection. Personal data is not transferred outside the European Union or the European Economic Area, unless it is necessary for the technical implementation of the service. In all cases, the precondition for disclosing and transferring data is that the parties receiving and processing the data have signed an agreement with Posti Group Corporation that ensures the legal processing of the data.

9. Principles of register protection

A) Manual material
Posti Group Corporation is responsible for the confidentiality, quality and accuracy of the personal data in accordance with general information security principles. Separate instructions have been prepared on the processing of sensitive data.

B) IT-processed data
Posti Group Corporation is responsible for the usability, integrity and accuracy of the data in the register. Data is transferred using information security solutions that comply with Posti Group Corporation's information security principles. Data is encrypted in compliance with the information security principles of Posti Group.

10. Right of access

After delivering the information necessary for searching data, each person will have the right to know which information regarding them has been saved in the personal data file or whether any information regarding them has been saved in the register.

Anyone wishing to review the information regarding themselves must present a related request to the controller with a personally signed document or by personally visiting the controller. The aforementioned request must be delivered to the aforementioned contact person.

11. Right to demand data correction

Any demands on correcting the information must be addressed to the controller's contact person.