Privacy Notices

Personal Data Act (Articles 10 and 24) and EU General Data Protection Regulation (GDPR) Privacy and Data Protection Statement.

The effective date of this privacy policy is May 4, 2018. This policy is kept up to date.

1.      THE REGISTRAR

Vision Hunters Ltd Oy
Business identity code: 2223586-3
Contact: Katja Winberg
Visiting address: Eteläesplanadi 22 B, 4th floor, 00130 Helsinki, Finland
E-mail: katja.winberg@visionhunters.com

2.      Name of the Register

Vision Hunters Ltd Oy, Customer Information Register

3. Legal basis and purpose of processing personal data

The processing of personal data is based on the legitimate interest of the company in the implementation of the customer relationship and/or contract

The purpose of processing personal data is

  • Providing and developing our services, for example, through a survey
  • Fulfilling our contractual and other promises and obligations
  • Managing our customer relationship

4. What information do we process?

We process the following customer or other registered personal information in the customer register:

  • Basic information of the data subject such as name*, customer number*, username and/or other unique identifier*, password*;
  • Contact details of the data subject such as e-mail address*, telephone number*, address information*
  • Information about the company/association and the contact persons of the company/association such as business ID*, association register number* and contact persons* and contact information*
  • Customer and contract information such as information on past and current contracts and orders, other business information such as electronic billing information and electronic communications;

Providing personal information marked with an asterisk (*) is a prerequisite for our contractual relationship and/or customer relationship. Without the necessary personal information, we cannot deliver the product and/or service.

5. Where do we gather information?

We receive information primarily from the registered person.

In addition, personal data may also be collected and updated for the uses described in this Privacy Statement, also from publicly available sources and information obtained from public authorities or other third parties, within the limits of applicable law. Such updating of data is performed manually or by automatic means.

6. To whom do we grant and transfer information, and do we transfer data outside the EU or the EEA?

We utilize our subcontractors in the processing of personal data. We have outsourced IT management to external service providers that manage and store personal data on a protected server. With our subcontractors we have taken care of your privacy by drafting processing agreements for the processing of personal data. In some cases, personal data may be disclosed outside the EU/EEA, such as the United States and Russia. The disclosure of the information depends on the service purchased by the customer, which in the contract refers more closely to the type of transfer and to which it is disclosed. We have taken appropriate measures to protect the transfer. We use standard contract clauses approved by the EU or other transfer procedures approved by the EU Commission.

7. How we protect the data and how long do we keep it?

Only employees who have the right to process personal data for their work are entitled to use the personal data system. Each user has their own username and password for the system. Data is collected in databases that are protected by firewalls, passwords and other technical means. Databases and their backups are located in locked spaces and access to data is restricted to certain pre-designated persons.

We keep personal information for 12 months from the date of termination of the customer relationship / employment relationship and, in accordance with accounting legislation, billing data for 6 years after the invoice date.

We evaluate the need for data retention on a regular basis, taking into account the applicable legislation. In addition, we take reasonable measures to ensure that the data does not contain any incompatible, outdated or inaccurate personal data in the register for purposes of processing. We will correct or destroy such information promptly.

8. Registered rights / What are your rights as registered?

Once registered, you have the right to verify the personal data stored in your personal register and to request the correction or deletion of incorrect information. You also have the right to withdraw or change your consent.

As a registered user, you have the right to oppose or request limitation of the processing of your information under the Privacy Act (as of May 25, 2018) and to file a complaint with the Supervisory Authority.

For specific personal reasons, you also have the right to oppose your own profiling and other processing activities when the processing of the information is based on our customer relationship. In connection with your requirement, you must identify the specific situation on which you oppose the processing. We may only refuse to make a request for objection on the grounds provided by law.

Once registered, you also have the right to oppose the processing at any time, free of charge, including profiling as far as direct marketing is concerned.

9. Who can I contact?

All contacts and requests for this report must be made in writing or in person to the contact person named in (1).

Vision Hunters Ltd Oy reserves the right to change the contents of the register without notice to the individual.

It is the responsibility of the data subject to review the contents of the register file regularly.