(Last updated June 26th, 2019)
Platform of Trust Oy (business ID 2980005-2)
c/o Suomen Tilaajavastuu Oy
Tarvonsalmenkatu 17 B
02600 Espoo
Finland
Data Processing Officer’s contact details:
email: dpo@tilaajavastuu.fi
mail: Platform of Trust Oy
Data Protection Officer
c/o Suomen Tilaajavastuu Oy
Tarvonsalmenkatu 17 B
02600 Espoo
Finland
Data subjects are contact persons of Platform of Trust Oy’s (“We” or ”Supplier”) customers and potential customers, users of Supplier’s services, and users of Supplier’s website. Customers are companies, entrepreneurs, or consumers.
The legal basis for personal data processing is your consent, the legitimate interest of the controller or fulfilling a contract made with the controller.
We use personal data in the marketing and sale of our services and for customer relationship management, invoicing, provision of customer support services, user rights monitoring, and service development. Personal data processing also includes processing and analysing the data concerned for targeted marketing and service production. For example, we can show you targeted messages or content on our website, or channels based on your previous interests.
We will principally collect personal data from you directly when they contact us and use our services. We also collect data on our customers and their contact persons from public sources and registers.
We use web analytics services to collect visitor data on our website in order to analyse and develop our web resources, as well as target relevant marketing and customer communications to visitors.
We collect and process in the customer and marketing communication register mainly our customers and potential customer’s representatives and contact persons’ personal data. The register contains the following data on the contact persons for our customers and potential customers:
We typically receive the following information directly from the contact persons of our customers:
We will process, for example, the following personal data of the user in connection with the use of services and websites:
The following data on the user in particular is received from other sources:
We may use subcontractors for personal data processing. We may convey personal data to its partners for direct marketing purposes within the limits of applicable legislation.
Personal data is not principally conveyed outside the European Union (EU) or the European Economic Area (EEA), unless necessary for the technical implementation of data processing, e.g. when the data subject sends or receives messages by email or other online-based transmission service.
Supplier may use in customer and marketing communications and in customer support ticket management third-party data systems and cloud services, the personal data processing of which can be partly implemented outside the EEA. To the extent that Supplier’s subcontractors implement data processing outside the EEA, Supplier will ensure that the transfer of personal data outside the EEA is completed in accordance with the applicable legislation.
Personal data contained in the customer and marketing communication register is stored for as long as Supplier will need it for the above purposes.
As a data subject, you have the right to inspect the personal data concerning yourself and demand that any incorrect data be corrected or deleted. However, we can, within the limits of law, restrict your right to access data that contains the personal data of others, is a business secret of ours or our customer, or is related to the safety features of the service.
You have the right to request that your personal data be deleted in situations specified in the General Data Protection Regulation (“GDPR”), if:
In situations specified in the GDPR, you have the right to object to the processing of your data or to request that the processing of your data is restricted. If you consider the processing of your personal data to be illegal, you can submit a complaint on the processing to a competent authority.
The right to use the customer and marketing communication register is restricted to appointed persons only, who need the information concerned in their work tasks. Each user has his/her own user name and password. Personal data is principally stored in databases and data systems located within the European Economic Area that have the appropriate technical and organisational measures in place, to protect the personal data against misuse and disclosure.
We may make changes to this privacy statement from time to time without a separate notice. Any changes made are listed in the “last update” section at the beginning of this privacy notice.