Controller
Prevas Oy (Business ID 1978796-6)
Yliopistonkatu 60 A
FI-33100 Tampere, Finland
Contact person for data protection matters
Data Protection Officer
tietosuoja@enmac.fi
Yliopistonkatu 60 A
FI-33100 Tampere, Finland
2.1. Prevas Oy’s customer data register
3.1. The data subjects are the contact persons of the controller’s customers and potential customers.
4.1. The grounds of the processing of personal data are:
4.2. The purpose of the processing of personal data is:
5.1. The following types of data are processed with regard to the data subject, for example:
6.1. Personal data are primarily collected from the data subject or from the data subject’s organisation when the controller’s customer purchases products and services from the controller, as well as during the customer relationship between the customer and the controller.
7.1. Personal data are not regularly disclosed to third parties. However, the controller may disclose personal data to third parties in an individual case, such as when the authorities or applicable legislation so require.
7.2. The controller may use subcontractors and third party service providers to process personal data. In such a case, the controller shall ensure that the subcontractor processes the personal data in accordance with applicable legislation and this privacy policy.
8.1. As a rule, the data controller does not transfer data outside the European Union (EU) or the European Economic Area (EEA).
9.1. The personal data in the register are stored for as long as the controller needs the data for the purposes described in this privacy policy.
9.2. As a rule, personal data will be stored for as long as the data subject is a customer of the controller or in an employment or service relationship with the controller’s customer. The customer relationship is considered expired when two (2) years have passed since the last contact.
10.1. The personal data are stored in databases and information systems with appropriate technical and organisational measures in place to protect personal data from misuse and disclosure. The database where personal data are stored is protected by a firewall and other technical means.
10.2. The right to use the register is limited to designated persons who need the information in their work duties. Each user has their own username and password. The electronically processed data included in the register are protected by firewalls, passwords and other technical means generally accepted in the field of information security. The register is regularly backed up.
11.1. The data subject has the right to inspect their personal data in the register and to request the rectification of any inaccurate personal data.
11.2. In the situations specified in the General Data Protection Regulation, the data subject has the right to request the deletion of their personal data, to object to the processing of their personal data or to request the restriction of the processing of their personal data, as well as to transfer the data to another controller.
11.3. If the processing is based on the consent of the data subject, the data subject may withdraw their consent by notifying the data controller. The data subject may give the controller consents or prohibitions concerning direct marketing.
11.4. The data subject may exercise their rights by contacting the controller using the contact details referred to in section 1 above.
12.1. If the data subject considers the processing of their personal data to be unlawful, a complaint about the processing may be submitted to a competent authority, which in Finland is the Data Protection Ombudsman. The website of the Data Protection Ombudsman can be found at www.tietosuoja.fi.
The know-how obtained by our professionals over the years is at your disposal. We are ready, so do not hesitate.