Data Protection / GDPR

In this page we have gathered information on how Rantalainen’s data protection policies regarding GPDR (General Data Protection Regulation), which came into force on 25.05.2018. The GDPR contains obligations to companies who process personal data.

Updated at 9.8.2022

GDPR in a nutshell

The GDPR contains new obligations regarding processing of personal data and data protection. Integral in the new regulation is the risk-based approach and data controller’s obligation to demonstrate that its processing activities are compliant with the requirements of the GDPR. The Data controller is required to handle sensitive data with caution. Additionally, the data controller must be able to demonstrate that it is operating according to the regulation.
Additional information about the GDPR can be found from:
Data Protection Ombudsman

Rantalainen’s contractual reform

Rantalainen is updating existing service agreements with its customers to be compliant with the General Data Protection Regulation. Simultaneously Rantalainen will update the accounting firm conditions (KL2004), which have been in use since 2004. In the new conditions (TAL2018), which are widely applied in the accounting industry, various matters are taken into consideration regarding the development and shift of accounting services. Simultaneously the understandability and readability of the terms have been improved.

We at Rantalainen have also taken the EU General Data Protection Regulation (GDPR) into account in the new conditions by composing a separate data protection agreement. In the renewed terms, the requirements that electronic services and electronic communication with authorities constitute, are also considered. Additionally, the contract responsibilities are defined more precisely than earlier, due to the development of information technology.

Simultaneously with the renewal of the conditions, we at Rantalainen have expanded our liability insurance to answer to the requirements of our new services and increased the accounting firm’s contractual liability limit in the event of damage. The limit has been raised from the industry standard 10.000 euros to 100.000 euros this applies to each of our customers.

Customer-specific exceptions from the contract terms, which have been specifically agreed upon, will stay in effect unless otherwise agreed upon.

The contracts will be updated digitally. The contact persons of our clients will receive a link through which they can digitally sign and accept the new conditions. If the client wishes, the contract update can be delivered and signed in paper form.

Updated service agreements

The updated service agreements consist of the documents below

Attachment Description Download
Accounting services contract Customer specific contract regarding the production of services
General conditions Taloushallintoliitto’s general conditions (TAL2018)
RAN GDPR 2018 Rantalainen’s modified conditions based on Taloushallintoliitto’s general conditions
Attachment 1-A Record of Processing Activities
Attachment 1-B The Accounting Firm’s Data Security of Personal Data
Attachment 1-C A record and instructions on personal data processing provided by the client
Attachment 2-B Information security of personal data in software

Rantalainen as a personal data processor

Information security in ensured by both technical and organizational measures. Personal data processing is executed in a appropriate and secure manner. Personal data processing and data security is illustrated in the documents above attachment 1-A and 1-B.

Software and subcontractors used by Rantalainen

Software used by Rantalainen, software providers and subcontractors who are responsible for them are for their part personal data processors. Below we have listed links to the software providers and subcontractors data security web sites. Additionally, the data security of different softwares is illustrated in the attachment 2-B.

Data Protection Officer

Rantalainen’s acting data protection officer is director of legal affairs Kimmo Martikainen (, 040 555 8081)

Your contact person in contractual issues

Primarily service managers, service executives and your personal contact person will address your questions. However, if you prefer you may also contact the persons below.

Kimmo Martikainen

Sopimukselliset ja EU-tietosuojaan
liittyvät asiat
Lakiasiainjohtaja, varatuomari

040 555 8081

Toni Borgman

Järjestelmien tekninen suojaus

045 329 8511

Toni Takala

Järjestelmien tekninen suojaus

044 753 5706