Privacy policy
This is the regulatory privacy policy defined by EU General Data Protection Regulation (GDPR).
Name of the register
Exceo Oy customer registry
Data controller
Exceo Oy, Company ID: FI29954756
Person responsible for the registry
Mika Parikka
Purpose of the registry
The purpose of the processing of personal data is the management of client relations.
The information collected can be used to following purposes:
Customer relationship management
Regular data sources
We mainly obtain personal information about users from users themselves. Information may also be obtained from public registries and common partners.
Data content of the register
Registry contains data collected from the data subjects themselves.
The registry can contain following information:
- Name
- Email address
- Other information provided by the data subject
Regular disclosure of data
We may disclose (with permission from the client) personal data to client’s and Exceo Oy’s trusted partners to ensure
- the delivery of products and services.
- invoicing (billing and payment service providers).
Information is not disclosed to other third parties inside or outside of EU, except to the authorities to the extent permitted and bound by existing legislation.
Principles of registry protection
Physical copies
Data is not stored in physical form, excluding data required for financial or accounting purposes. The access to this material is restricted to named Exceo Oy’s and accounting service provider, who are covered by confidentiality agreement.
Data stored in electronic format
Data is transferred over SSL protected connection.
Systems are secured by a firewall. Only named Exceo Oy’s personnel have access to the registry and are identified by individual user accounts and passwords. All information is handled as confidential and is disclosed confidentially to personnel on a need-to-know basis only.
The rights of data subjects
The data subject has the right to inspect what data concerning them has been recorded in the personal data register and to receive a copy of the data. The data subject must send a written inspection request to the person responsible for the registry.
This right is free of cost, if exercised only once a year.
Retention period
Personal data shall be retained for as long as it is necessary to retain it in order to meet the purpose for which it has been collected in accordance with this privacy policy.
Cookies
We use cookies and other similar techniques to provide the Service. Cookies are small text files placed on the User’s device to collect standard internet log information. Certain functionalities of the Service require use of cookies. We use cookies to increase functionality of Service and to make it easier to use.
The User can set the User’s browser not to accept cookies. The User can also limit the use of cookies or remove cookies from the browser. However, as cookies are part of how our Service works, limiting the use of cookies may affect the functionality of the Service.