FI   |   EN

Privacy policy

This is the privacy policy of Kuullas Finland Oy in accordance with the General Data Protection Regulation (GDPR) of the EU. Compiled on November 7, 2022.

1. Data Controller

Kuullas Finland Oy

Business ID: 3279331-6

Tapanilankatu 20 A, 15900, Lahti

2. Contact Person Responsible for the Register

Irina Krohn

+358 50 516 0298

irina.krohn@kuullas.com

3. Register Name

Kuullas customer register

4. Legal Basis and Purpose of Processing Personal Data

The legal basis for processing personal data is the individual's consent in accordance with the General Data Protection Regulation of the EU. The purpose of processing personal data is new customer acquisition and maintaining customer relationships.

5. Data Content of the Register

The register may include names, contact information, website addresses, IP addresses for internet connections, usernames/profiles on social media services, information about ordered services and their changes, billing information, and other information related to customer relationships and ordered services.

The IP addresses of website visitors and cookies necessary for the functioning of the service are processed based on legitimate interest, for example, to ensure security and collect statistics about website visitors when they can be considered personal data. Consent is requested separately for third-party cookies.

6. Regular Data Sources

The data to be stored in the register is obtained from the customer through messages sent via website forms, email, phone, social media services, contracts, customer meetings, and other situations where the customer provides their information.

Information about contacts at companies and other organizations may also be collected from public sources such as websites, directory services, and other companies.

7. Regular Disclosures of Data and Transfer of Data Outside the EU or EEA

Data is not routinely disclosed to other parties.

8. Principles of Register Protection

In processing the register, due diligence is observed, and data processed by information systems is properly secured. When register data is stored on internet servers, their physical and digital security is appropriately ensured. The data controller ensures that stored data and server access rights and other critical data related to the security of personal data are handled confidentially and only by employees whose job description requires it.

9. Right to Inspect and Request Correction of Data

Every person in the register has the right to inspect their data stored in the register and request the correction of any inaccurate information or the completion of incomplete information. If a person wishes to check the data stored about them or request corrections, the request must be made in writing to the data controller. The data controller may request the requester to prove their identity if necessary. The data controller will respond to the customer within one month.

10. Other Rights Related to the Processing of Personal Data

A person in the register has the right to request the deletion of their personal data from the register. Requests must be made in writing to the data controller. The data controller may request the requester to prove their identity if necessary. The data controller will respond to the customer within one month.