Contact us

Privacy policy

This document is Respect Project Oy’s privacy policy, which is in accordance with sections 10 and 24 of the Personal Data Act and the EU General Data Protection Regulation (GDPR). Drafted 2 April 2020.

This document specifies what types of personal data we may collect on you when you order our services or contact us through Respect Project Oy’s website, and the purposes we may use such data for. By using our website, you agree to the processing of your personal data in accordance with this privacy policy.

We may occasionally make changes to this privacy policy by publishing a new version of it on our website, so please check it regularly. By continuing to use the website and the related services after the publication of a new version, you are deemed to have accepted the modified terms and conditions.

 

1. Data controller

Respect Project Oy

Terästie 11

04220 Kerava

 

2. Contact person responsible for register matters

CBDO Mikko Hirvonen, [email protected], +358 (0)10 311 3102

 

3. Register Name

Respect Project Oy / customer and marketing register

 

4. Legal basis and purpose of the processing of personal data

Personal data is used for the purposes intended by the Personal Data Act, such as

  • Customer relationship management and maintenance.
  • Customer newsletters and bulletins.
  • Customer enquiries and gathering customer information.
  • The execution, sales, management, invoicing, and development of services and the marketing of products or services provided by Respect Project Oy or its partners.
  • Respect Project Oy has the right to use and disclose any data in the register for reasonable purposes (e.g. opinion and marketing polls) in accordance with the Personal Data Act and other applicable legislation.

 

5. Data content of the register

  • Classification data provided by data subjects themselves (e.g. objects of interest)
  • IP addresses or other identifiers
  • Customer feedback information
  • Ordering, invoicing and delivery data
  • Data collected through cookies
  • Information gathered via social media channels
  • Other information gathered with the consent of customers
  • Data gathered from our online services
  • Name of the company, given name and surname of the data subject, address, e-mail address, telephone number, publicly available classification data, and information concerning permissions and bans for marketing purposes.

 

6. Regular data sources

Data stored in the register are received from the customers via messages sent through online forms, e-mail, telephone, social media services, contracts, customer meetings and other situations where the customers give their personal data. The data are automatically stored to the register when users give information to Respect Project Oy when using the www.respectproject.fi service.

 

7. Data storage

We do not store personal data longer than necessary for its purpose of use or than is required by the agreement or legislation. The retention time of personal data may vary depending on the purpose of use or situation. The retention time of personal data may also be based on legislation such as the Accounting Act. We aim to update your data when needed. Unnecessary data will be removed.

 

8. Regular disclosure of data

For purposes of direct marketing in accordance with section 19 of the Personal Data Act. For opinion polls, market research or similar surveys.

 

9. Disclosure of data

To provide you the Service in the best way possible, we may disclose data to companies in the same corporation or to our partners, who may process your data solely within the limits demanded for delivery of the Service. Our partners do not use data for any other purposes or disclose data to third parties. Respect Project Oy may, however, disclose data within the limits permitted and required by active legislation. Data can also be disclosed outside the EU or EEA, for purposes including technical maintenance and processing of data by our subcontractors.

 

10. Principles of register protection

The processing of personal data in the register is carried out with due care, and appropriate measures are taken to protect the data that is processed through data systems. If personal data is stored on online servers, appropriate measures are taken to ensure the physical and digital data security of such equipment. The data controller ensures that the stored data, server user rights and other data that is critical for the security of personal data are processed in confidence and only by employees whose work duties require them to do so.

 

11. Cookies

Cookies are small text files that are automatically stored on the user’s computer or device as they visit different websites. Our online service utilises cookies so that we can provide as user-friendly and high-quality a service as possible.

Our website utilises Google Tag Manager and Google Analytics software (‘Software’) to collect statistics on the website users to improve the quality of the online service. The Software stores data on what web pages you visit, how much time you spend on the site, from where you navigated to the site and what links you click on.

If you do not want the online service to receive data through cookies, you may prohibit them (most browsers allow for the disabling of cookies). Note that in this case the online service may not function optimally.

 

12. Right to the inspection and correction of data

Each data subject in the register has the right to inspect their data stored in the register as well as demand the correction of any erroneous data or supplementing of incomplete data. The right to inspection is free of charge once per year. If data subjects want to inspect their personal data stored in the data register or demand the data be corrected, they must submit a request to the data controller in writing. If necessary, the data controller may ask the data subject submitting a request to prove their identity. The data controller must respond to the data subject’s request within the time period specified in the EU General Data Protection Regulation (as a general rule, within one month).

The data controller may on their own initiative or upon request remove, correct or complete any data that is erroneous, unnecessary, incomplete or outdated. Requests for correction shall be made in writing.

 

13. Other rights related to the processing of personal data

Data subjects have the right to request the deletion of their personal data from the register (‘the right to be forgotten’). Data subjects also have other rights, as set out in the EU’s General Data Protection Regulation, including restrictions on the processing of personal data in certain circumstances. Requests shall be submitted to the data controller in writing. If necessary, the data controller may ask the data subject submitting a request to prove their identity. The data controller must respond to the data subject’s request within the time period specified in the EU General Data Protection Regulation (as a general rule, within one month).