We have received information that various scam messages are circulating in the name of Zolva. You may find more information about scam messages by clicking on this link.

Privacy Policy


Zolva Oy
Business ID 3160297–9
Pohjoisesplanadi 25-27, 00100 Helsinki
[email protected]
Privacy statement updated on 14th July, 2022


We process personal data in order to provide invoicing and debt collection services and for marketing purposes. The processing of personal data is always based on either the consent of the data subject, an assignment, the law or a justified benefit. Data is saved only to the extent and for as long as necessary in view of the purpose of processing or for meeting our statutory obligations.

Our customer register contains the information of clients’ and client companies’ contact persons that we need for fulfilling and delivering on our contracts and identifying the customers. We receive the data from the data subjects themselves, the employers of data subjects or from public sources, such as the Finnish Trade Register.

We process the personal data of customers (the object of debt collection) in order to carry out our invoicing or debt collection assignments and meet our statutory obligations.

Situations in which personal data is processed in order to carry out invoicing and debt collection assignments:
• identifying the customer
• delivering invoices, payment reminders, payment demands and payment schedule information
• customer service, including the handling of contacts and feedback and the saving of information related to the contacts
• solvency assessment
• accurate allocation and timing of debt collection measures and effectiveness monitoring
• managing legal proceedings and recovery proceedings
• contacts with authorities and courts
• payment handling
• accounts and reporting to clients
• returning excess payments to customers
• meeting the statutory data retention times and other obligations
• developing and testing services, business and systems.


We process personal data as necessary for the situation in question. Our data file can include the customer’s personal identity number or business ID, address and other contact information, native language, representative’s information, description of the invoice and debt, credit information, solvency information and assessments, court rulings and recovery proceedings, and information about contacting, customer service transactions, invoices, debt collection and payments.

We do not process special groups of personal data (so-called sensitive data), unless this has been agreed upon with you or unless necessary for presenting or defending legal claims. It might be in your best interests to notify us of matters that affect your ability to pay, such as an illness or disability. In this case, we can agree on, for example, an extended payment schedule or breaks or other changes in the payment arrangements. This information is only used with your express and documented consent.


We protect the personal data we process against misuse, loss and other unlawful access with up-to-date, appropriate organisational and technical protection means. Examples of technical data protection means include access right management, firewalls, and the use of various encryption methods and protected networks in our daily operations. Our hardware and premises are also safe from the point of view of the processing of personal data. Our data centre has round-the-clock video surveillance.

In our organisation, we restrict access to your personal data through access right control and access management. Your personal data is only processed by employees whose role includes processing and who are justified to process personal data because of their duties. All our personnel have signed non-disclosure agreements.


We store personal data only for as long as necessary for the purpose of the processing. For example, for as long as the customer relationship continues. Shorter or longer retention periods can be specified in legislation. For instance, information related to debt collection must be stored for five years after the end of the collection activities, regardless of the specific purpose of the information.


We may disclose personal data to our service providers whose right to process the data is only limited to the extent of the services they provide. These service providers include mail carrier, communications and advocacy services. We also disclose personal data to credit rating operators (such as Asiakastieto Oy and Bisnode Finland Oy) and to authorities, when permitted by legislation.

If you move abroad, your data can be disclosed to local debt collection operators in order to carry our the collection activities. In this case, only the necessary personal data is disclosed to the foreign country. In general, personal data is not disclosed outside the European Economic Area.

Personal data may be disclosed to third parties also if you have given your consent to the disclosure.


We may use automated decision-making to avoid unnecessary costs and select the best debt collection method. As part of automated decision-making, we can use scoring to decide the further processing of your case.

According to our understanding, the automated decision-making used for debt collection does not have notable consequences for the customer, such as legal consequences. The decision-making does not affect your existing contract or your contractual obligations and rights.

You have the right to request human participation in the processing or your data and a re-assessment of your scoring, if you feel that your case was not handled fairly.


The EU data protection regulation tells you what rights you have when a company or organization processes your personal data.

You have a right to:
• to receive information about the processing of your personal data
• gain access to your personal data
• correct the data
• delete data and be forgotten
• restrict data processing
• transfer data from one system to another
• object to data processing
• not to be subject to automated decision-making.

Not all rights can be used in all situations. The situation is affected, for example, by the basis on which your personal data is used.

If you believe that your data is not processed in accordance with justice or law, you can contact us by email ([email protected]) or by letter. You can also file a complaint to the Data Protection Commissioner:

Data Protection Commissioner’s Office
Lintulahdenkuja 4, 00530 Helsinki
PL 800, 00531 Helsinki
[email protected]


We reserve the right to change this statement in connection with the development of our operations, changes to the processing or personal data or legislative amendments, ensuring that our privacy always complies with legislation.



This site is registered on wpml.org as a development site.