Privacy policy

Updated: 8.7.2020

Turvanasta is committed to protecting personal data. This privacy statement explain why and how we connect and use personal data and provide information about individuals rights in relation to personal data. Unless otherwise expressly stated herein, the terms used in this Privacy Statement shall have the meaning set forth in the General Data Protection Regulation (EU) 2016/679 (the “GDPR”)

We act as a controller with respect to the information we process in connection with our business relationships. For example, we are the controller in relation to Data Subjects contact details and other commercial Personal Data (On the other hand, we may also act as a processor of Data Subjects’ Personal Data when our customer and business partners engage us to process Personal Data on their behalf.).

Processing of personal data

We process Personal Data of Data Subjects to offer Services to our clients and to manage customer relationship. We will process the Data Subjects personal data for the above specified, explicit and legitimate purposes, and will not further process the personal data in a way that is incompatible with those purposes.

For example, Personal Data may be used for invoicing and to send important information to the Data Subject e.g. regarding changes of applicable fees, price list and conditions, or to contact the Data Subject and provide information customized Services according to the interests of the Data Subject.

We may ask for Data Subjects consent for the processing of certain type of Personal Data. When collecting such consents, we inform the Data Subject of the respective purposes of processing and such processing is conducted only when appropriate consent is received.

Personal data we collect and use

Personal Data processed by us is mainly obtained directly from the Data Subject. Provision of such Personal Data is necessary to use and purchase our Services, to accommodate Data Subject’s request for information relating to our Services and to organize communication in relation to our business. We may not provide the Services to a Data Subject that refuses the processing of his/her Personal Data. We process also Personal Data accumulating from the use of our Services (including data collected under our Cookie Policy), and obtained from third party sources related to the Services. Personal Data may be updated and supplemented by collecting data from private and public registers.

We may collect the following information in conjunction with the Data Subject's

  1. Use of our Services

  2. Name and contact information, such as email, phone number, name, address and position / job title.

  3. Other information necessary for maintaining the Business relationship

  4. Personal Data accumulating from the use of our Services, such as information on the webpages the user accessed on our websites, the device type used, individual cookie identifier, the referal through which the website is accessed (e.g. if access through a websearch, browsing session time and duration. The use and collection of information by using cookies is described in our cookie policy page.

  5. We do not collect or process sensitive personal data (Personal Data of special categories).

Disclosure of personal data

For the purposes stated in this Privacy Policy, Personal Data may be disclosed, when necessary, to authorities, other companies within the same group of companies as us, companies which we cooperate and to other third parties, such as third-party service providers we use in connection with our Services.

Retention Period

We retain Data Subject’s Personal Data as long as it is needed to fulfillment our business obligations. Personal Data may be, wholly or in part, retained for longer or shorter term if required by applicable law or if there is other justified reason to retain or delete them. In such a case, Data Subject’s Personal Data shall be erased with no further delay after there is no longer any need for such a retention.We evaluate the necessity and accuracy of the Personal Data on a regular basis.

Data Subjects Rights

Data Subjects have the following data protection rights:

  1. Access copies of your personal data

  2. Rectify inaccurate personal data and to complete incomplete personal data

  3. Erase your personal data

  4. Restrict the processing of your personal data

  5. Object to the processing of your personal data

Data Subjects may exercise the above-stated rights by sending a written request to us. If a Data Subject considers that its personal data is processed unlawfully, the Data Subject may lodge a complaint with local supervisor authority in the EU.

If the processing of personal data is based on consent, the Data Subject has a right to withdraw such consent at any time. Please note that this will not affect the lawfulness of any processing we conducted prior to the withdrawal.

Security safeguards

We have taken adequate technical and organisational measures in order to keep Personal Data safe and secure against unauthorized access, loss, misuse or alteration by third parties using appropriate technical or organizational measures to achieve this (Articles 25(1) and 32 of the GDPR).

Contact

Turvanasta Oy
Tengströminkatu 6
20360 Turku
Finland

Business ID: FI1638307-7

All contacts and inquiries related to this Privacy Policy should be addressed to office@turvanasta.fi