Cookie settings
Privacy policy
General
The privacy policy provides customers and other stakeholders with information on how the Data Controller processes their personal data and how it is protected. We comply with the Finnish Personal Data Act and the EU General Data Protection Regulation (GDPR).
1. Data Controller
Herea Oy
Business ID: 2696141-6
Kauppatie 9, C-Entrance
65610 Mustasaari
FINLAND
Contact person responsible for the register:
Chief Executive Officer Eliina Puijola, eliina.puijola@herea.fi, tel. +358 40 504 1198
2. Name of the Register
The customer and marketing register of Herea Oy
3. Purpose of Personal Data Processing
The purpose of the register is to maintain customer relationships, customer communication, and communication and marketing to current and potential customers and stakeholders. We use personal data only for the aforementioned purposes.
4. Registered Data
Company:
- Company name
- Company email address
- Company phone number
- Company postal address
- Company business ID
- Company industry
- Information about the services ordered by the company, their delivery, and billing
- Information related to customer acquisition, including contact details
Individual:
- Person's name and title
- Person's email address
- Person's phone number
- Person's address details
- Direct marketing consents and prohibitions
Personal data is generally processed as long as the contract, on which the processing of the person's data is based, is in effect. The information is entered into the register as it is received from the Data Subject and is updated according to what the Data Subject reports to the Data Controller.
5. Regular Sources of Information
We collect personal data during the customer relationship and while working to establish a potential customer relationship. Information is also gathered via email, an electronic contact form, and a newsletter subscription form on the Data Controller's website. Additionally, data may be collected from the Population Information System and other third-party registers, such as the Business Information System (YTJ) and The Finnish E-invoice Address Service (TIEKE). Data can also be collected during events like trade fairs and networking and marketing events.
6. Regular Disclosures of Data
Personal data may be selectively disclosed, for example, for the Data Controller's targeted marketing campaigns. The ownership of the data remains with the Data Controller, and third parties are not permitted to use the data for purposes outside the assignment. Information is disclosed to authorities as required by law, such as for investigating and preventing misuse. In order to fulfill a customer’s assignment or with the customer’s consent, data may also be transferred or disclosed to temporary registers, such as event, raffle, or research registers. We disclose personal data to a collection agency if necessary to monitor payments.
The following service providers used by Herea Oy may selectively process the personal data of the Data Subjects:
- Adobe Systems Incorporated (https://www.adobe.com/privacy/policy.html)
- Canva (https://www.canva.com/policies/privacy-policy/)
- Fennoa (https://fennoa.com/tietosuojaseloste-fennoapalvelu/)
- Google (https://policies.google.com/privacy?hl=fi)
- HubSpot (https://legal.hubspot.com/privacy-policy)
- LinkedIn Corporation (https://www.linkedin.com/legal/privacy-policy)
- Meta Platforms Inc (https://www.facebook.com/privacy/policy)
- Microsoft Corporation (https://privacy.microsoft.com/fi-fi/privacystatement)
7. Transfer of Data Outside the EU or EEA
The data in the Data Controller's customer register is generally not transferred outside the EU or EEA. However, data may be transferred or disclosed outside the European Union or European Economic Area, if necessary, by the aforementioned service providers. Please refer to the companies' privacy policies through the above links.
8. Principles of Register Protection
The Data Controller stores the customer register information in digital information systems, which are protected by usernames, passwords, and access rights. The network and hardware containing the register are secured by a firewall and other technical measures. Access rights required for logging into the information system are granted only to members of the data controller. A contact person oversees disclosures. Individuals handling customer data are always bound by confidentiality.
9. Right to Inspect and Correct Information
The Data Controller's customers and partners have the right to inspect their personal data and request the correction of incorrect information. Data will be inspected and corrected upon the person's signed written request, either by mail or by email. The request should be addressed to the contact person at the Data Controller's address:
Herea Oy / Eliina Puijola
Business ID: 2696141-6
Kauppatie 9, C-entrance
65610 Mustasaari, FINLAND
herea@herea.fi
10. Other Rights Related to the Processing of Personal Data
The Data Subject has the right to object to the processing of data and the right to request the restriction of data processing. The Data Subject has the right to receive their personal data, which they have provided to the Data Controller, in a structured, commonly used, and machine-readable format, and the right to transfer this data to another data controller. Additionally, the Data Subject has the right to object to automated decision-making and profiling. The Data Subject also has the right to prohibit the use of their data for marketing and advertising purposes and to secure other rights mentioned in the data protection law.
11. Data Deletion and Retention Period
Personal data is retained as long as there is a justifiable business-related reason for processing it. When there is no longer a basis for processing, the data is anonymized or deleted. The Data Subject may also request the deletion of data based on the law (the right to be forgotten). However, data will not be deleted if there is a legal requirement to retain it, if a competent authority has initiated a process requiring the Data Controller to retain the data, or if another party has applied for a protective order from a Finnish court for the data. The Data Subject can unsubscribe from the email marketing list via the unsubscribe link found in each marketing email.
12. Use of Cookies
We use so-called cookies on our website. Cookies are small text files that websites can use to make the user experience more efficient. According to the law, we can store cookies on your device if they are absolutely necessary for the operation of the site. We need your consent for the use of other types of cookies. You can find more information about our cookie practices in the summary below.
13. Updating the Privacy Policy
Based on business development and legal changes, the Data Controller reserves the right to update the content of the privacy policy without separate notice. We recommend reviewing the content of the policy regularly.
Updated 15.8.2024