Hae sivustolta

Customer and customer register privacy policy

This is Onrego Oy’s privacy policy in accordance with the Personal Data Act (Sections 10 and 24) the EU General Data Protection Regulation (GDPR). Created on December 19, 2018. Last updated on May 2, 2018.

1.1 Controller

Onrego Oy Business ID: 2487158-0 Keilaranta 1, 9th floor, 02150 Espoo, Finland

1.2 Contact person in register-related matters

Pekka Onnela, pekka.onnela@onrego.fi

1.3 Name of register and data subjects

This is Onrego Oy’s customer and marketing register.

In this register, we process personal data for our customers, potential customers, and their representatives.

1.4 Purpose of use for personal data

The purpose of processing personal data is communication with customers, customer relationship maintenance and marketing, and improving user experience for the onrego.fi online service.

As to marketing, our basis for processing is a justified interest, and for customer relationship maintenance, it is the execution of an agreement between you and our company. Based on your consent, we will also send you electronic direct marketing messages.

This information shall not be used for automated decision-making or profiling.

1.5 Data content of the register

We collect information you have provided, related to name(s), phone number(s), email address(es), postal address(es), and other forms of information. By using cookies, we collect measurable data from our visitors and utilize this data to, for example, plan our marketing activities. This enables us to target our communications as accurately as possible.

The following data can be recorded for the data subject, that is, you:

* Person’s name, position, email address, telephone number, and title/area of responsibility

* Company name, contact information, and field of business

* Data related to customership management and communications (such as order information related to expert services, feedback, data related to ordered services, invoicing information)

* Data related to online behavior on the Onrego Web site and in online services

* Data related to marketing and sales promotion, such as marketing activities targeted at data subject and the data subject’s participation in these (such as taking part in competitions, webinars, and events)

* Technical data and cookies sent to data subject’s browser, as well as cookie-related data

1.6 Register’s data sources

We receive the data we record in the register from customers via, among others, messages sent over online forms, email, telephone, social media services, agreements, customer meetings, and other instances of data transfer. We mainly collect personal data from yourself. We may also receive personal data from your employer or another party that names you their contact person.

We also track cookies and all your visits to the Onrego Web site leave a trace, an IP address. Personal data can also be purchased for one-time marketing purposes from registers that are independent of Onrego. We may also collect personal data from public sources.

1.7. Cookies

Cookies are small text files that are used to store small pieces of information. They are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make it more secure, provide better user experience, and understand how the website performs and to analyze what works and where it needs improvement.

As most of the online services, our website uses first-party and third-party cookies for several purposes. First-party cookies are mostly necessary for the website to function the right way, and they do not collect any of your personally identifiable data.

The third-party cookies used on our website are mainly for understanding how the website performs, how you interact with our website, keeping our services secure, providing advertisements that are relevant to you, and all in all providing you with a better and improved user experience and help speed up your future interactions with our website.

Essential: Some cookies are essential for you to be able to experience the full functionality of our site. They allow us to maintain user sessions and prevent any security threats. They do not collect or store any personal information. For example, these cookies allow you to log-in to your account and add products to your basket, and checkout securely.

Statistics: These cookies store information like the number of visitors to the website, the number of unique visitors, which pages of the website have been visited, the source of the visit, etc. These data help us understand and analyze how well the website performs and where it needs improvement.

Marketing: Our website displays advertisements. These cookies are used to personalize the advertisements that we show to you so that they are meaningful to you. These cookies also help us keep track of the efficiency of these ad campaigns.

Functional: These are the cookies that help certain non-essential functionalities on our website. These functionalities include embedding content like videos or sharing content of the website on social media platforms.

These are the cookies we use on our website:

CookieDurationDescription

1.7 Disclosure of data

Upon Controller’s decision, data can be transferred within the limits allowed and obligated by the currently valid legislation to our partners, unless data subject has denied said data transfer. Transferring data to our partners shall occur only for purposes that support the register’s operational concept.

Information will not be disclosed to third parties for marketing purposes.

1.8 Data transfer to outside the EU or ETA

In processing your personal data, we may utilize service providers who may have access to your personal data from outside the EU/ETA areas, such as from the United States. We shall ensure appropriate and lawful execution of data transfer in accordance with the applicable legislation concerning the processing of personal data.

In all circumstances, we shall transfer your personal data to outside the EU/ETA areas solely based on one of the legal justifications listed below:

* the European Commission has decided that a required level of data security has been established in the recipient country;

* we have taken all the appropriate security measures to transfer your personal data by using the standard data protection -related clauses approved by the European Commission. In these cases, you have the right to receive a copy of said standard clauses by contacting us, or

* you have given explicit consent to data transfer, or there exists some other lawful basis for transferring your personal data to outside the EU/ETA areas, such as a Privacy Shield agreement pertaining to the United States and approved by the European Commission.

1.9 Securing the register and retaining period for personal data

All electronically handled data included in the register’s database are protected by firewalls, passwords, and other generally approved technical means in the current field of data security. Only persons authorized by Onrego have access to this database. All manually maintained materials are stored in premises with strict access control.

We shall destroy all outdated and unnecessary data using appropriate means. We retain personal data only for as long as is required to carry out the purpose of processing as defined in

this privacy policy. Due to obligations in the law on accounting or some other applicable legislation, we may have to retain data for a period longer than stated above.

1.10 Data subject’s rights

You have, at any time, the right to object to the processing of your personal data for direct marketing purposes. Every direct email message sent by Onrego includes a statutory link with which you can unsubscribe from further direct email marketing.

In addition, in accordance with applicable data protection legislation, you can at any time exercise your:

* right to verify your own personal data

* right to data rectification

* right to restrict processing (such as unsubscribing from further marketing)

* right to object to the processing of your personal data

* right to withdraw consent (such as withdrawing your consent to marketing)

* right to make a complaint to a supervisory authority

* right to access information regarding the processing of your personal data

* right to data rectification

* right to request the removal of your personal data

* right to withdraw your consent and object to the processing of your personal data with regard to the processing of personal data based on your consent

* right to receive your personal data in a machine-readable format and the right to transfer this data to another controller, provided that you have personally released this data to us

* right to request restricting the processing of your personal data

* right to make a complaint to a supervisory authority

We may ask you to specify your request and to verify your identity before processing your request. We may deny your request based on reason(s) found in applicable legislation.

You must submit all requests related to your rights in writing or by email using the following contact information:

Onrego Oy Request to verify / other personal data -related request /

Pekka Onnela

Keilaranta 1
02150 Espoo, Finland

pekka.onnela@onrego.fi

Onrego Oy shall address all requests within the timeframe defined in the EU GDPR (in general, within one month), unless compelling reasons require a longer processing period.

1.11 Changes to this privacy policy

We may occasionally make changes to this privacy policy by publishing a new version online, and thus we reserve the right to make changes to this policy by notifying of the fact on this site.