Privacy policy

This document is Respect Project Oy’s privacy policy, which is in accordance with Data Protection Act (1050/2018). Updated on 14th of September 2021.

This document specifies what types of personal data we may collect on you when you order our services or contact us through Respect Project Oy’s website, and the purposes we may use such data for. By using our website, you agree to the processing of your personal data in accordance with this privacy policy.

We may occasionally make changes to this privacy policy by publishing a new version of it on our website, so please check it regularly. By continuing to use the website and the related services after the publication of a new version, you are deemed to have accepted the modified terms and conditions.

 

1. Data controller

Respect Project Oy

Terästie 11

04220 Kerava

 

2. Contact person responsible for register matters

CBDO Mikko Hirvonen, mikko.hirvonen@respectproject.fi, +358 (0)10 311 3102

 

3. Register Name

Respect Project Oy / customer and marketing register

 

4. Legal basis and purpose of the processing of personal data

Personal data is used for the purposes intended by the Personal Data Act, such as

  • Customer relationship management and maintenance.
  • Customer newsletters and bulletins.
  • Customer enquiries and gathering customer information.
  • The execution, sales, management, invoicing, and development of services and the marketing of products or services provided by Respect Project Oy or its partners.
  • Respect Project Oy has the right to use and disclose any data in the register for reasonable purposes (e.g. opinion and marketing polls) in accordance with the Personal Data Act and other applicable legislation.

 

5. Data content of the register

  • Classification data provided by data subjects themselves (e.g. objects of interest)
  • IP addresses or other identifiers
  • Customer feedback information
  • Ordering, invoicing and delivery data
  • Data collected through cookies
  • Information gathered via social media channels
  • Other information gathered with the consent of customers
  • Data gathered from our online services
  • Name of the company, given name and surname of the data subject, address, e-mail address, telephone number, publicly available classification data, and information concerning permissions and bans for marketing purposes.

 

6. Regular data sources

Data stored in the register are received from the customers via messages sent through online forms, e-mail, telephone, social media services, contracts, customer meetings and other situations where the customers give their personal data. The data are automatically stored to the register when users give information to Respect Project Oy when using the www.respectproject.fi service.

 

7. Data storage

We do not store personal data longer than necessary for its purpose of use or than is required by the agreement or legislation. The retention time of personal data may vary depending on the purpose of use or situation. The retention time of personal data may also be based on legislation such as the Accounting Act. We aim to update your data when needed. Unnecessary data will be removed.

 

8. Regular disclosure of data

For purposes of direct marketing in accordance with section 19 of the Personal Data Act. For opinion polls, market research or similar surveys.

 

9. Disclosure of data

To provide you the Service in the best way possible, we may disclose data to companies in the same corporation or to our partners, who may process your data solely within the limits demanded for delivery of the Service. Our partners do not use data for any other purposes or disclose data to third parties. Respect Project Oy may, however, disclose data within the limits permitted and required by active legislation. Data can also be disclosed outside the EU or EEA, for purposes including technical maintenance and processing of data by our subcontractors.

 

10. Principles of register protection

The processing of personal data in the register is carried out with due care, and appropriate measures are taken to protect the data that is processed through data systems. If personal data is stored on online servers, appropriate measures are taken to ensure the physical and digital data security of such equipment. The data controller ensures that the stored data, server user rights and other data that is critical for the security of personal data are processed in confidence and only by employees whose work duties require them to do so.

 

11. Cookies

Cookies are small text files that are automatically stored on the user’s computer or device as they visit different websites. Our online service utilises cookies so that we can provide as user-friendly and high-quality a service as possible.

The cookies we use on our website are associated with Google Analytics and the social media services we use, which include the services of LinkedIn and Facebook.

These cookies are used to gather information such as which pages you visit, how long you stay on our website, where you came from to our website and what links you click on. We may utilize cookies to improve our services and our website, to analyse how our website is used, and to optimize and target advertising. With visitor analytics we develop our website, so it can be better and provide a better user experience.

We use Leadoo’s tracking service to follow what users are doing on the site and combine this behavioral data with other data we can gather from e.g. chat interactions. Leadoo uses etag tracking in order to hook together the same users behavior over several sessions – in practice this works similarly to cookie based tracking. Please check out Leadoo Marketing Technologies Ltd’s Privacy Policy (https://leadoo.com/privacy-policy/) for more information on what is tracked and what your rights are. Leadoo works as the Processor and we work as the Controller for the data in terms of GDPR. You can stop the tracking by emptying your browser’s cache after the visit. For more on how Leadoo works as a GDPR compliant processor, see https://leadoo.com/privacy-policy-processor/

If you do not want the online service to receive data through cookies, you may prohibit them. Note that in this case the online service may not function optimally.

Open cookie settings to control cookies

 

12. Right to the inspection and correction of data

Each data subject in the register has the right to inspect their data stored in the register as well as demand the correction of any erroneous data or supplementing of incomplete data. The right to inspection is free of charge once per year. If data subjects want to inspect their personal data stored in the data register or demand the data be corrected, they must submit a request to the data controller in writing. If necessary, the data controller may ask the data subject submitting a request to prove their identity. The data controller must respond to the data subject’s request within the time period specified in the EU General Data Protection Regulation (as a general rule, within one month).

The data controller may on their own initiative or upon request remove, correct or complete any data that is erroneous, unnecessary, incomplete or outdated. Requests for correction shall be made in writing.

 

13. Other rights related to the processing of personal data

Data subjects have the right to request the deletion of their personal data from the register (‘the right to be forgotten’). Data subjects also have other rights, as set out in the EU’s General Data Protection Regulation, including restrictions on the processing of personal data in certain circumstances. Requests shall be submitted to the data controller in writing. If necessary, the data controller may ask the data subject submitting a request to prove their identity. The data controller must respond to the data subject’s request within the time period specified in the EU General Data Protection Regulation (as a general rule, within one month).