This page has all the important stuff.

Privacy Policy

 

Version 2.3
Updated 20. October 2018

General

Our work requires that we collect, control, and process some personal data about you. We want to respect your privacy; and we are committed to protect your privacy. This privacy policy includes information about what personal data we collect, how do we use the data, how do we collect the data, what is the legal basis for processing the data, who controls and processes the data, how do we protect the data, and what rights you have regarding your data.

Koskinen Family Business Oy collects, controls, and processes your personal data according to this privacy policy and an applicable legislation.

How do we use personal data we collect?

We may collect your personal data to:

  1. create or maintain collaboration or customer relationships;

  2. recommend your services, products, or other legitimate interests to third parties;

  3. offer services, products, or other legitimate interests;

  4. develop our services, products, or other legitimate interests;

  5. fulfil requirements of a contract to which you are a party, or to take steps to create such a contract;

  6. fulfil requirements of any legal obligations that we are a subject for; and/or

  7. pursue any other legitimate interests that do not override your interests or fundamental rights and freedoms that require protection of your personal data.

What personal data do we collect?

We may collect your:

  1. contact details (such as name, email address and phone number);

  2. current and past company details (such as name, industry and website);

  3. work details (such as assignment and job title);

  4. industry or industry knowledge details;

  5. networks that we share;

  6. interaction details (such as details about your messaging with us, chat transcripts, memos of those events, and other similar details); and/or

  7. customer relationship details (such as lifecycle stage, lead status and contacting tasks).

We may also collect details about offers, deals, projects and contracts that you are a party or other personal data that accumulates during a collaboration or customer relationship.

How do we collect personal data?

We collect personal data about you from publicly available sources (such as your company website or LinkedIn); from yourself as part of our communication or as you use our products or services; from shared partners, shared service providers, or other shared third parties; and/or from your representative.

What is the legal basis for collecting personal data?

There is always a legal basis to collect and process your personal data. The legal basis for processing your data may be freely given consent, performance of a contract, or fulfilment of our or a third party’s legitimate interest. These interests may be, for example, offering our services or products. However, these interests cannot override your interests or fundamental rights and freedoms that require protection of your personal data.

Who is able to access, control and process personal data?

The primary and sole controller for your personal data is Matias Koskinen. The CEO and Board Member of Koskinen Family Business Oy. In the event of his death, trusteeship or other force majeure, your personal data will be accessible by the business’ board.

Some parts of the data processing process has been outsourced to third parties. We make sure that the chosen data processors have appropriate security measures to protect your privacy and to comply with any applicable legislation. These security measures include the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks in minimum.

Your data may be processed by any number of the following third parties:

  1. Hubspot, Inc. Privacy Policy. Data Processing Agreement.

  2. Squarespace Ireland Ltd. Privacy Policy. Data Processing Addendum.

  3. Google, Llc. Security. Privacy Policy. Security and Compliance.

  4. WhatsApp Ireland Ltd. WhatsApp Legal Info.

  5. Apple Inc. Privacy Policy.

  6. Dropbox International Unlimited Company. Privacy Policy. GDPR.

  7. Tawk.to. Privacy Policy. Data Protection.

Your personal data is not transferred elsewhere, unless the performance of a contract that you are a party, other legal obligations that we are a subject, or a public authority demands otherwise.

How is personal data protected?

Your personal data is protected with appropriate security measures. The computers that are used to control your personal data have been encrypted. The access to the data processing services have been protected with two factor authentications where applicable and with very secure passwords. Also, a VPN connection is always used to connect to these services.

Is personal data transferred internationally?

Your data may be transferred outside of the EU or ETA by the third parties described above. It is likely that some parts of their data processing processes do transfer the data internationally. However, it is ensured that these third parties have either data servers within the EU or ETA, or appropriate security measures for the transfer of your personal data.

Does the website use cookies and what are they?

We use cookies to develop our business, products, services or other legitimate interests, and to ensure the functionality of our website. Cookies are small data files that are stored to your device. Cookies enable us to receive anonymous information about how our website is used.

If you do not accept the use of cookies, you can disable them from your browser settings. However, it may cause the website to behave undesirably

What are your rights to access and control your data?

You have the following rights regarding your personal data:

  1. You have a right of access—you have a right to know whether we collect, control, and process your personal data or to know what personal data we collect, control, and process about you.

  2. You have a right to rectification—you have a right, without undue delay, to rectify inaccurate, expired, or incomplete data about you.

  3. You have a right to restriction of processing—you have a right to restrict what personal data we process about you, how long we are consent to process it, and in what ways we are consent to process it.

  4. You have a right to data portability—you have a right to receive your personal data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

  5. You have a right of erasure—you have a right, without undue delay, to ask for erasure of you personal data unless the processing is necessary for any legal obligations that we are a subject for, or for the performance of a contract to which you are a party.

  6. You have a right to object—you have a right to object to processing of your personal data unless we have a compelling legitimate ground for processing data which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

  7. You have a right to appeal to an Data Protection Authority—you have a right to appeal to the Office of the Data Protection Ombudsman.

You can exercise these rights by contacting us with the steps below.

Who and how may update this privacy policy?

We may have to update the privacy policy if our work or the legislation changes. The changes come into effect when the updated privacy policy is published. As a result, we recommend that you get acquainted with this privacy policy occasionally.

However, if the changes result in expiration of the legal basis for collecting, controlling and processing your data, your personal data will be either deleted according to all privacy laws and regulations, or we make sure that the legal basis for collecting, controlling and processing your data is updated before the changes.

How can you contact us about your privacy?

You may contact us by using the form below or by contacting Matias Koskinen (CEO, acting DPO) whose contact details are available in the contact page.