• Trustable, Secure and Provable Automation of Regulatory Compliance

    Digitalize regulatory compliance

    and reduce your associated cost by 50%

  • What We Do

    Our mission is to turn regulatory compliance into an automated, real time process. We support leading auditors and banks with solutions tailored to the following domains: financial audit; asset backed securitization; KYC automation and internal control.

    3 Step Transformation to Continuous Audit

    Read how our solution can help you transform your approach to financial audit in three concrete steps - and slash the cost by over 50%

    iconicChainServer

    Open-source high speed blockchain for compliance data

    Distributed ledger for storing all the data, documents and records needed for establishing compliance.

    Immutable, chronological, reliable, fast.

    Generic and re-usable across industries and different companies. And it's free.

    iconicSecurities

    Full automation of Asset-backed Securitization transactions

    From pool selection, through transaction setup to regulatory and investor reporting: we have you covered. We support all required reporting standards: ESMA, COREP and many more.

    iconicCompliance

    Real-time compliance analysis

    Continuously analyze and assess compliance of regulated companies.

    Reliably establish full compliance. In real time.

    Always.

  • Who We Are

    Our founder team brings together a unique combination of business acumen, deep domain expertise and technology know how to deliver disruptive solutions leveraging technologies such as high speed private blockchain and machine intelligence. With experience from global companies and lean startups, we have what it takes to meet the challenges faced by regulated companies.

  • Our Solutions

    We offer solutions to banks, auditors and other highly regulated companies. Here's a sample of our solutions

    Automated Asset Backed Securities

    Full life-cycle management & compliance

    Working with leading banks, we developed the world's first blockchain based solution for automating setup, transaction, servicing, reporting and compliance management of asset backed securities.

    Automated, full scope Financial Audit

    Real-time, full scope, secure financial audit. At 40% lower cost.

    Our solution profoundly transforms the approach to audit. Instead of sample based, limited scope analysis, we enable continuous, rule based analysis of the full scope of economic activity - allowing the auditor to focus on what really matters. And save over 40% of the cost.

  • iconicchain in social media

    What others & we say about ourselves in social media

  • iconicchain in the news

    What the world says about us

    iconicchain selected Finland's most innovative FinTech startup!

    February 2018

    We are proud to be selected as Finland's most innovative FinTech startup by Business Finland. See more here

  • Connect With Us

    We'd love to hear from you.

    ×
    PRIVACY NOTICE 
    With this Privacy Notice we provide you information about why and how we process your personal data in our business operations. Please note that we process personal data both as a controller and a processor (see Section 3 of this Privacy Notice for more information of our data processing activities as a processor).
    
    We process your personal data for the following purposes as a controller:
    a)	Customer relationships
    b)	Strategic analysis of customer data to develop services and fulfil customer needs
    c)	Business partner relationships
    d)	Communications
    e)	Social media
    f)	Cookies
    g)	Recruiting
    
    I. WHAT TERMS ARE USED IN THIS PRIVACY NOTICE?
    
    Controller means the party responsible for processing the personal data of the data subject.
    
    Customer means our customer who uses our Service.
    
    Data subject is a term for a human being in accordance with data protection laws.
    
    Legal basis for processing means the legal ground on which the controller processes the data subject's personal data. The lawfulness of processing is described in Article 6 of the GDPR.
    
    Personal data means any information concerning the data subject or information by which the data subject can be identified.
    
    Privacy notice means a document drawn up in accordance with Articles 13 and 14 of the EU General Data Protection Regulation (hereinafter ”GDPR”), through which the controller informs data subjects of the ways their personal data is processed.
    
    Processor means the party who processes personal data on behalf of the controller.
    
    Purpose for processing means the reason why the controller processes the data subject's personal data.
    
    II. OUR CONTACT DETAILS
    
    iconicchain Oy (Business ID: 2875875-3) 
    Lodenkuja 2 J, 
    02450 Sundsberg, Finland
    
    If you have any questions regarding the privacy notice, please contact our DPO at dpo@iconicchain.com. 
    
    III. WHEN ARE WE A PROCESSOR?
    
    We are a processor and our Customers are controllers for the personal data of our Customers’ customers. 
    
    We process the personal data of Customer’s customers on behalf of our Customers when the Customers use our Compliance Services.   
    
    When we process personal data of Customer’s customers on behalf of our Customer, we comply with the provisions of relevant data processing agreements.
    
    IV. WHY DO WE PROCESS YOUR PERSONAL DATA?
    
    We process your personal data in accordance with the processing purposes listed below. In the sections on processing purposes, you will find information on what personal data we process and on what legal basis we process your personal data.
    
    a)	Customer relationships
    
    Explanation: Personal data is processed to conclude and carry out customer relationships. 
    Category of data subjects: Customers.
    Categories of personal data: Contact details and customer relationship data.
    Legal basis for processing: Performance of our contractual obligations with the Customers.  
    
    b)	Strategic analysis of customer data to develop services and fulfil customer needs 
    
    Explanation: Personal data is processed to develop our services and better fulfil customer needs.
    Category of data subjects: Customers.
    Categories of personal data: Contact details and customer relationship data.
    Legal basis for processing: Our legitimate interests, according to which we develop our services and better fulfil customer needs. Our interests override those of the Customers, as we need to be able to analyze our data to enhance our services. 
    
    NB! You may have a right to object data processing for these purposes (see section concerning your rights). 
    
    c)	Business partner relationships
    
    Explanation: Personal data is processed to conclude and carry out business relationships.
    Category of data subjects: Business partners (contact persons).
    Categories of personal data: Contact details and data related to our relationship.
    Legal basis for processing: Performance of our contractual obligations with our business partners. 
    
    d)	Communications
    
    Explanation: Personal data is processed to carry out communications.
    Category of data subjects: People who contact us.
    Categories of personal data: Contact details and possible other data disclosed to us by the data subject.
    Legal basis for processing: Our legitimate interests, according to which we carry out our communications. Our interests are in line with those of the people who contact us, as they expect us to process their data for communications purposes.
    
    NB! You may have a right to object data processing for these purposes (see section concerning your rights). 
    
    e)	Social media
    
    Explanation: Personal data is processed in our social media sites and accounts.
    Category of data subjects: People who contact us.
    Categories of personal data: Contact details and possible other data disclosed to us by the data subject.
    Legal basis for processing: Our legitimate interests, according to which we manage our social media. Our interests are in line with those of the people who contact us, as they expect us to process their data for communications purposes. 
    
    NB! You may have a right to object data processing for these purposes (see section concerning your rights). 
    
    f)	Cookies
    
    Explanation: Personal data is processed in cookies of our websites.
    Category of data subjects: People visiting our websites.
    Categories of personal data: IP addresses.
    Legal basis for processing: Consent based on the Act on Electronic Communications Services of Finland (917/2014). 
    
    Please have a look at our Cookie Notice for more information about cookies used in our websites. 
    
    g)	Recruiting
    
    Explanation: Personal data is processed to carry out recruiting.
    Category of data subjects: Job applicants.
    Categories of personal data: Contact details, CV data, videos and pictures and possible other data disclosed to us by the data subject.
    Legal basis for processing: Our legitimate interests, according to which we carry out our recruiting. Our interests are in line with those of the job applicants, as they expect us to process their data for recruiting purposes. 
    
    NB! You have a right to object data processing for these purposes (see section concerning your rights). 
    
    V. FROM WHERE DO WE COLLECT YOUR PERSONAL DATA?
    
    We collect your personal data from different sources, depending on our purposes for processing personal data. 
    
    a) Customer relationships / b) Strategic analysis of customer data to develop services and fulfil customer needs / d) Communications / e) Social media / g) Recruiting
    
    We collect your personal data for these purposes from yourself.
    
    c) Business partner relationships
    
    We collect your personal data for these purposes from yourself, our business partners and different public sources (e.g. trade register and social media).
    
    f) Cookies
    We collect your personal data by using cookies.
    
    VI. DO WE TRANSFER YOUR PERSONAL DATA?
    
    We may transfer personal data to third parties as a normal course of our business. When personal data is transferred to third parties, we ensure that the transfers are carried out in a secure way and in accordance with adequate data protection agreements.  
    
    We may also transfer personal data to third countries. When doing so, we ensure an adequate level of data protection, e.g. by using standard contractual clauses issued by the European Commission, and other similar arrangements. 
    
    All personal data may be transferred to data storage and communications services providers. Accounting related data may be transferred to financial management services providers. 
    
    VII. HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
    
    The retention period of your personal data depends on the purposes for which we process your personal data. We inspect the necessity of the personal data stored regularly and keep records of the inspections.
    
    a) Customer relationships / c) Business partner relationships
    
    We process and retain personal data for as long as our contractual relationship is in effect.
    
    b) Strategic analysis of customer data to develop services and fulfil customer needs 
    
    We process and retain personal data for as long as it is necessary to fulfil the purpose of data processing. 
    
    d) Communications
    
    We will process and retain the necessary personal data for three (3) years after the contact. 
    
    e) Social media
    
    We will process and retain social media information until individuals remove their information from our social media channels.
    
    f) Cookies
    
    The retention period depends on each cookie used. 
    
    g) Recruiting
    
    We will process and retain the necessary personal data for a maximum of twelve (12) months from the receival day of your job application.
    
    VIII. WHAT DATA PROTECTION RIGHTS DO YOU HAVE?
    
    You may have the right to use the below listed data protection rights. The contacts concerning the rights shall be submitted to the controller’s contact person. Your rights can be put into action only when you have been satisfactorily identified.
    
    You may also have a right to lodge a complaint to the supervisory authority, if you think that the processing of your personal data infringes the data protection laws. 
    
    Right to inspect
    
    The data subject has a right to inspect what data the controller has stored of him/her.
    
    Right to rectify and erasure
    
    The data subject has a right to request the controller to rectify or erase the personal data concerning the data subject on the grounds provided by law.
    
    Right to restriction of processing
    
    The data subject can request the controller to restrict the processing of the personal data concerning the data subject on the grounds provided by law.
    
    Right to data portability
    
    The data subject shall have a right to receive the personal data concerning him/her, which he/she has provided to the controller, in a structured, commonly used and machine-readable format where the processing is performed automatically and based on consent or a contract.
    
    Right to object
    
    Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him/her for such marketing.
    
    Where personal data are processed on the basis of the legitimate interests of the controller, the data subject shall have the right to object the processing of personal data concerning him/her for such purposes in accordance with the law.
    
    Automated individual decision-making, including profiling
    
    The data subject shall have a right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him/her or similarly significantly affects him/her.
    
    Right to withdraw consent
    
    Where the legal basis for the processing of personal data is the consent of the data subject, the data subject shall have the right to withdraw his/her consent.
    
    IX. CAN THIS PRIVACY NOTICE BE AMENDED?
    
    We may unilaterally amend this privacy notice. We update the privacy notice as necessary, for example, when there is a change in legislation. Amendments to this privacy notice will take effect immediately when we post an updated version on our website.
    
    If we make significant changes to the privacy notice, or if there is a significant change in the way it is used, we will notify the data subjects.
    
    (Last update 25 March 2021)