Mainostoimisto Reflex Oy
Business ID 0700247-1
20300 Turku, Finland
FOR WHAT PURPOSE IS MY PERSONAL DATA COLLECTED AND PROCESSED?
Keräämme, säilytämme ja käsittelemme sinua koskevia henkilötietoja vain ennalta määriteltyihin tarkoituksiin. We collect, store and process your personal data for predefined purposes only. The main purposes are:
- Fulfilling our contractual obligations
- Fulfilling our legal obligations and claims
- Customer communications and handling contact requests
- Developing our business
- Targeting our services to you
- Storing correct and reliable information through e.g. backups
WHAT KIND OF PERSONAL DATA IS COLLECTED AND FROM WHAT SOURCES?
We collect personal data mainly from you when you contact us, or later when you are using our services. We also collect data about our website visitors with Google Analytics in order for us to be able to analyse and develop our website and target relevant marketing to visitors.
We might typically get the following data from you:
- Business name and ID
- Phone number and email of contact person
- Title or profession
- Postal and invoicing address
- Information about the device or connection you are using (e.g. IP address, time, browser type, device operating system, visited pages and time spent, location, web address from which the user arrived at the website)
- Information collected through cookies
- Other text-based information related to the business relationship
Other data processed based on your consent:
- Social security number
Data sources include e.g. LinkedIn, Google Analytics and forms on the website. Personal data is collected from the data subject in connection with the data controller’s client contacts by e.g. phone, web service and client events. In addition and in connection with the acquisition of new clients for example, we may use names picked up e.g. from various media to acquire new business.
ON WHAT GROUNDS IS THE PERSONAL DATA BEING PROCESSED?
We make sure that we always have a basis required by law to process your personal data. We might process your personal data on several different grounds. We process your data to implement the contract and to fulfil legal obligations. We also process your personal data on the grounds of our legitimate interest, which include providing our services and carrying out and developing our business. We might process some personal data on the basis of your consent.
WHO PROCESSES MY DATA AND IS IT GIVEN TO THIRD PARTIES?
Your data is being processed mainly by our company personnel when they are performing daily tasks. We might outsource some of the personal data processing with regards to, for example, the information systems that save, store and process the data. In these cases, we always make sure, e.g., by contracts, that your data remains confidential and that your data is being processed in accordance with the legislation. We might also disclose the data if so required by our contractual obligations or if the law or a competent authority requires so. We might also disclose your data if we were part of a merger or acquisition.
IS MY DATA DISCLOSED OUTSIDE OF THE EU?
The servers needed for the operation of the software are located mostly in the EU or EEA or in such countries outside of the EU or EEA where the European commission has deemed data security to be at an adequate level. To fulfil our service, data can be transferred outside of the EU or EEA in compliance with the transfer criteria of data privacy legislation. Such transfer and storing of data will be carried out in compliance with the relevant legislation and with adequate security mechanisms in place (EU – US Privacy Shield certificate). Mainostoimisto Reflex Oy does not disclose client data for direct marketing purposes.
FOR HOW LONG IS MY PERSONAL DATA BEING STORED?
We do not store your personal data longer than is necessary for its intended use or longer than our contractual or legal obligations require. The storage period of personal data may vary due to the intended use or the situation. We aim to update your personal data from time to time by deleting unnecessary data and by updating obsolete data.
HOW IS MY PERSONAL DATA BEING STORED AND SECURED?
Your data is being stored on our service providers’ servers, which have been secured in accordance with general industry procedures. The personal data we collect and process is kept confidential and disclosed only to those who require it to do their job, or confidentially and in a limited manner to third parties on the basis of service agreements. Access to your personal data is protected with usernames, passwords and access rights per user.
We protect your personal data with appropriate technical and organisational security measures. Such measures include, for example, proactive and reactive risk management, the use of firewalls, encryption technologies and secure equipment rooms, as well as access control and security systems.
IS GIVING MY PERSONAL DATA MANDATORY? WHAT HAPPENS IF I DON’T CONSENT TO GIVING MY PERSONAL DATA?
WHAT ARE COOKIES AND ARE THEY BEING USED ON THE WEBSITE?
You can block Google from collecting and using data (cookies and IP addresses) by downloading and installing a tool available at https://tools.google.com/dlpage/gaoptout?hl=en or by using another ad and tracking blocker.
WHAT KIND OF RIGHTS AND OPTIONS DO I HAVE?
If we are processing your data with your consent, you can withdraw your consent at any time by, for example, sending an email to firstname.lastname@example.org
Access to data
You have a right to get a confirmation from us on whether we are processing your personal data and what kinds of personal data we are processing. In addition, you also have the right to receive supplementary information about the grounds of processing your personal data.
The right to correct your personal data
You have the right to request that we correct incorrect, outdated or otherwise inadequate personal data concerning you.
The right to prohibit direct marketing
You have the right to prohibit the processing of your personal data for direct marketing purposes by sending an email to jenita.pernell(at)mainosreflex.fi
The right to object to the processing of personal data
If we are processing your personal data on the basis of general interest or on the basis of our legitimate interest, you have the right to object to the processing of your personal data when there is no significant reason that would override your rights or when the processing is not necessary to deal with a legal claim. Please note that in this situation we would most likely be unable to provide services to you.
The right to restrict processing
In certain situations, you have the right to demand that we restrict the processing of your personal data.
The right to portability of personal data
If we are using your data on the basis of your consent or to fulfil a contract, you have the right to receive the data that you have provided us electronically in a commonly used format, so that the data can be transferred to another service provider.
HOW CAN I IMPLEMENT MY RIGHTS?
You can implement the previously mentioned rights by contacting us, for example, by email at email@example.com. We kindly ask you to mention your name, address, and phone number and to attach a copy of your passport, driver’s license or other form of identification so that we can ensure your identity.
WHO CAN I CONTACT REGARDING PRIVACY ISSUES?
Mainostoimisto Reflex Oy
Business ID 0700247-1
20300 Turku, Finland
Last updated 20.05.2018