Privacy policy

This is the reg­u­latory privacy policy defined by EU General Data Pro­tection Reg­u­lation (GDPR).

 

Name of the register

Exceo Oy cus­tomer registry

 

Data con­troller

Exceo Oy, Company ID: FI29954756

 

Person responsible for the registry

Mika Parikka

 

Purpose of the registry

The purpose of the pro­cessing of per­sonal data is the man­agement of client relations.

The inform­ation col­lected can be used to fol­lowing purposes:

  • Cus­tomer rela­tionship management

 

Regular data sources

We mainly obtain per­sonal inform­ation about users from users them­selves. Inform­ation may also be obtained from public regis­tries and common partners.

 

Data content of the register

Registry con­tains data col­lected from the data sub­jects themselves.

The registry can contain fol­lowing information:

  • Name
  • Email address
  • Other inform­ation provided by the data subject

 

Regular disclosure of data

We may dis­close (with per­mission from the client) per­sonal data to client’s and Exceo Oy’s trusted partners to ensure

  • the delivery of products and services.
  • invoicing (billing and payment service providers).

Inform­ation is not dis­closed to other third parties inside or outside of EU, except to the author­ities to the extent per­mitted and bound by existing legislation.

 

Prin­ciples of registry protection

Physical copies

Data is not stored in physical form, excluding data required for fin­ancial or accounting pur­poses. The access to this material is restricted to named Exceo Oy’s and accounting service pro­vider, who are covered by con­fid­en­ti­ality agreement. 

Data stored in elec­tronic format

Data is trans­ferred over SSL pro­tected connection.

Systems are secured by a firewall. Only named Exceo Oy’s per­sonnel have access to the registry and are iden­tified by indi­vidual user accounts and pass­words. All inform­ation is handled as con­fid­ential and is dis­closed con­fid­en­tially to per­sonnel on a need-to-know basis only.

 

The rights of data subjects

The data subject has the right to inspect what data con­cerning them has been recorded in the per­sonal data register and to receive a copy of the data. The data subject must send a written inspection request to the person responsible for the registry.

This right is free of cost, if exer­cised only once a year.

 

Retention period

Per­sonal data shall be retained for as long as it is necessary to retain it in order to meet the purpose for which it has been col­lected in accordance with this privacy policy.

 

Cookies

We use cookies and other similar tech­niques to provide the Service. Cookies are small text files placed on the User’s device to collect standard internet log inform­ation. Certain func­tion­al­ities of the Service require use of cookies. We use cookies to increase func­tion­ality of Service and to make it easier to use.

The User can set the User’s browser not to accept cookies. The User can also limit the use of cookies or remove cookies from the browser. However, as cookies are part of how our Service works, lim­iting the use of cookies may affect the func­tion­ality of the Service.

 

Soita 000 000 0000