Dated April 30, 2018
1 GENERAL INFORMATION
2 DATA OTHER THAN PERSONAL DATA
The Supplier may collect data other than data classified as personal data from its users using various methods. This data is necessary for monitoring the use of the Website, and we use the data to improve the Website.
3 PERSONAL DATA
The Supplier collects and processes certain personal data of the users of the Website and other data that the User has submitted on different types of contact request forms through the Supplier’s website finago.com, server sub-pages or sub-domains (e.g. blog.finago.com/fi) or by e-mail.
Based on the data submitted on the website, we can grant access to those parts and contents of the online service that the User has requested.
By collecting and processing personal data, we may also send targeted marketing messages to the User. If the User does not approve the use of his or her information as described above, the User can prevent the use of his or her information by sending a written request to [email protected]
Additional information on the processing of personal data and the User’s right in the marketing register.
4 DISCLOSURE OF DATA
The Supplier can submit statistics to third parties including use and user data and data other than personal data, but these statistics do not contain identifier information.
The website is protected using technical and organizational means. The website data is saved on servers and systems that are protected using firewalls, passwords and other technical means. Access to personal data is only granted if necessary for the processing of the data. All data processors have the obligation to observe secrecy.
When the User delivers personal data through the Website, the User gives the Supplier and/or third parties the consent to use the data as described on the Website in question.
An approval on the Website only applies to the user data stored on the Website. If the User has submitted the data to the Supplier in another way than through the Website, an approval issued on the Website does not affect the use of the data in question.
8 TRANSFERRING PERSONAL DATA OUTSIDE THE EEA
We can transfer personal data outside the EU or the European Economic Area when our partner carrying out a commission is located outside these area. In such cases, we ensure the appropriate protective measures to ensure the rights and freedoms of data subjects in accordance with the applicable data protection legislation, such as the EU’s General Data Protection Regulation (2016/679).
For example, a service provider implementing marketing for us can transfer personal data to the United States in connection with the production of the service. In a case such as this one, the appropriate measures protecting personal data are carried out in such a way that the service provider is committed to what is referred to as the Privacy Shield arrangement between the United States and the EU, or we use the model data protection contract clauses approved by the EU. You can find further information on the Privacy Shield arrangement here https://www.privacyshield.gov/welcome.
9 WEBSITES OF THIRD PARTIES
1 DATA CONTROLLER AND REGISTER
Accountor Finago Oy, Keilaniementie 1, FI-02150 Espoo, Business ID 0836922-4
Accountor Finago Oy’s marketing registers
Contact person in matters concerning the register
The contact information of the Data Protection Officer can be found on Accountor Finago Oy’s official website at https://finago.com/en/about-us/contact-information/.
You can also contact the Data Protection Officer by e-mail at [email protected] or by calling our switchboard. The switchboard number is shown at: https://finago.com/en/about-us/contact-information/.
We are part of Accountor Group. Contact details of the Group’s Data Protection Officer:
Siltasaarenkatu 18-20A, 00530 Helsinki, Finland
2 DATA STORED IN THE REGISTER
The register contains data on the data subject’s role in the company, corporation or public position and other data necessary in view of the purpose of the register. The data includes basic company info as well as the names and contact information of company decision-makers and key persons.
Regular data sources
Data is stored in the marketing register based on contact forms received from Accountor Finago Oy’s public website (including test IDs and the download of manuals). In addition, personal data can be obtained from other sources to the extent allowed by applicable laws, such sources including the Trade Register, the Population Information System, the Business Information System or the address data system of Posti.
You do not have to give us your personal data, but in that case, we may be unable to offer you our service.
The user rights of Accountor Finago Oy’s employees are transferred to themarketing register through the company’s user management system.
Personal data is stored only for a long as it necessary to carry out the purposes of use defined in this register.
Personal data is stored for the duration of the customer relationship. Personal data can also be stored as necessary after the end of the customer relationship to the extent allowed or required by the applicable law. For example, after the customer relationship has ended we typically store personal data that is necessary to respond to requirements or claims, in accordance with the valid provisions concerning the period of limitation. We may also store personal data as necessary to comply with your decision to opt out of direct marketing, for example.
The personal data is removed once its storage is no longer necessary pursuant to the law or the fulfilment of either party’s rights or obligations.
The storage periods for personal data concerning the Accountor Finago Oy’s employees are related to the terms of their employment contracts and can be reviewed by consulting the employment contract or the Supplier’s personnel instructions.
3 REGISTER’S PURPOSE AND LEGAL BASIS FOR PROCESSING PERSONAL DATA
We only collect and process personal data necessary for carrying out our business, managing customer relationships and for appropriate commercial purposes.
We process your personal data for the following purposes:
1 Sales and marketing
We can contact you to tell you about the properties of new products, for example, or to market and sell you other products or services. We can also process your personal data for the purposes of marketing research and customer surveys. The processing of personal data is based on our legitimate interest to provide information as part of a service and to market our other products to you. You have the right to object to your personal data being processed for the purposes of direct marketing at any time (see paragraph 6 of this register).
2 Service development, data security and internal reporting
We also process personal data to ensure the data security of the product and the website, to improve the quality of the product and the website, and to develop the product. We can also compile internal reports on the basis of personal data; these reports are put at the disposal of our management for the appropriate management of our business. In these cases, the processing of personal data is based on our legitimate interest to ensure the appropriate data security of our product and website and to receive adequate and appropriate information for the product’s development and the management of our business.
3 Other purposes you have consented to
We also process your personal data for other purposes, if you have given us your consent for such processing.
4 PERSONAL DATA TRANSFERS AND DISCLOSURES
We can disclose personal data to other Accountor Group companies to the extent allowed by applicable law for the purposes described in this register, including the marketing of the products and services of the aforementioned companies. Personal data can also be transferred between Accountor Group companies for internal administrative purposes, such as for reporting purposes and for us to be able to run our business efficiently, with the use of centralised information and communication systems, for example. The disclosure of personal data within Accountor Group is based on our legitimate interest to engage in our business and manage our customer relationships efficiently, and to tell our customers about the services of other Accountor Group companies.
We can also disclose personal data to third parties
- to the extent allowed or required by law, such as to carry out a request for information made by a competent authority or in relation to legal proceedings.
- when our partners process personal data on our behalf and according to our instructions. We always ensure the appropriate processing of your personal data.
- in the event that we are party to a merger, corporate arrangement or the disposal of business or a part thereof.
- when we consider the disclosure to be necessary for the realisation of our rights, protecting the safety of you and others, investigating misuse, or responding to a request made by an authority.
- at your consent to the parties the consent applies to.
5 GENERAL PRINCIPLES OF PERSONAL DATA USE AND PROTECTION
Accountor Finago Oy’s employees’ privilege management is carried out using a role-based user management process in which each employee is given only those privileges required for their task and job description.
Data in the marketing register may also be updated by a contractual partner of Accountor Finago Oy. In this case, Accountor Finago Oy is responsible for the activities and data security of its contractual partner, as it would be for its own.
Cloudflare: (The CDN service collects a list of IP addresses): https://www.cloudflare.com/cookie-policy/
Hubspot is certified under the Privacy Shield: https://www.privacyshield.gov/list
Emaileri: All the servers in the service are located in System Partner Oy’s data center (Vampula, Finland), which fulfills the 54A/2012M specification issued by the Finnish Communications Regulatory Authority.
About Hotjar’s cookies: https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies
Giosg (chat cookies): https://giosg.github.io/giosg_docs/cookies.html
Google’s tag manager and analytics (securing data): https://support.google.com/analytics/answer/6004245?hl=fi
6 RIGHTS OF DATA SUBJECTS
According to the current data protection legislation, the marketing register contains personal data that constitutes a person register. With respect to this, the data subjects have rights to their data as provided for in regulations and laid down in the legislation.
You have the right to check your personal data. You can also request the rectification, update or erasure of your personal data at any time. However, please note that the personal data necessary for carrying out the purpose defined in this Policy or the retention of which is required by law cannot be erased.
You have the right to object to or restrict the processing of your personal data to the extent required by the applicable law.
In accordance with the applicable law, you have, in some cases, the right to data portability, i.e. the right to receive your personal data in a structured, commonly used and machine-readable format and the right to transmit the data to another controller.
When we process your personal data on the basis of your consent, you have the right to withdraw the consent you have given at any time. After this, we will not process your personal data unless there is some other legal basis for such processing.
You can exercise your rights by sending a request to us to the address [email protected].
If you think that the processing of your personal data is inappropriate, you have the right to contact to the Data Protection Ombudsman in the matter. The contact details of the Data Protection Ombudsman are available here: http://www.tietosuoja.fi/en/index.html.
7 DATA SECURITY
We carry out the appropriate measures (including physical, digital and administrative measures) to protect personal data against loss, destruction, misuse and unauthorised access or disclosure). For example, personal data can only be accessed by the people who need it to carry out their work.
If you have any further inquiries about this Policy or the processing of your personal data, please send us an email to the address [email protected].