privacy policy

Content
1 Description of the file
1.1 Name of the data file
1.2 Purpose of the processing of personal data
1.3 Description
1.4 Regular sources of information
1.5 Data storage
1.6 Disclosure of data
1.7 Disclosure and transfer of data outside the European Union or the European Economic
Area
1.8 Principles for the protection of data files
1.8.1 Manual files
1.8.2 Files stored electronically
1.9 Right of inspection of the data subject
1.10 Right of rectification of the data subject
1.11 Right to prohibit processing of the data subject
1.12 Cookies

1 Description of the file

Description of the file in accordance with section 10 of the Finnish Personal Data Act (523/1999)

Controller
INTO Concept Ltd
Lemuntie 3-5 C
00570 Helsinki
Tel. +358 40 351 8298
E-mail: contact@intoconcept.com

Person in charge of the data file or contact person
Mari Kukkonen
INTO Concept Ltd
Lemuntie 3-5 C
00570 Helsinki
Tel. +358 40 355 1671

1.1 Name of the data file
Data file of INTO Concept Ltd

1.2 Purpose of the processing of personal data
Personal information is used for customer relationship management and customer communication, with the goal of targeting our message so that you can get the message that is right for you. In addition, the information is used for marketing purposes, monitoring marketing measures and documenting. The processing of personal data is based on our legitimate interest in maintaining business relations, marketing, and communicating with you about our products, services, and events. We treat personal data in accordance with applicable law, in particular the General Data Protection Regulation (GDPR).

1.3 Description
The collected information is mainly collected from the person themselves. Registers’ main data is:
– The name of the person
– Email address
– Name of the company
– Marketing activity information, such as a persons’ participation in, for example, competitions and
events.

INTO Concept Ltd never collects their customers’ social security numbers or other personal contact information, such as personal phone numbers or home addresses.

1.4 Regular sources of information
Personal data is mainly collected from the person themselves. The information can be obtained from INTO Concept Ltd’s website (contact and subscription forms, material downloads) and the registration of INTO Concept Ltd events. Other sources of information include various customer contacts such as fairs, seminars, personal sales work, competitions, and various public sources.

The information may also be updated by authorized personnel or other third parties within the limits permitted by applicable law for the purposes described in this registration document.

1.5 Data storage
The information is retained for as long as INTO Concept Ltd is in operation or the user requests to delete their data.

We will discard obsolete and unnecessary data in an appropriate manner. We only retain personal information as long as it is necessary for the purposes of processing personal data as defined in this Privacy Statement. Due to the obligations of the Accounting Act or other applicable law, information may need to be kept for longer than the above-mentioned period.

1.6 Disclosure of data
The information in the register is only available to INTO Concept Ltd.

Information on the register is not disclosed to third parties, except for the obligation to legislate.

Registered personal data will be disposed of at the user’s request unless a law, contract or service provision prevents the data being removed.

1.7 Disclosure and transfer of data outside the European Union or the European Economic Area
Data from the register will not be disclosed outside the EU or the European Economic Area.

1.8 Principles for the protection of the data files
Personal data in electronic form is protected in the industry by generally acceptable and reasonable technical means such as firewalls and passwords. The non-electronic data contained in the register’s personal data are located in locked premises where unauthorized access is denied. Only persons with INTO Concept Ltd who have been identified by the controller or on their behalf and on behalf of the person have access to the personal data processed in the register in accordance with the access rights granted by INTO Concept Ltd. INTO Concept Ltd takes into account the applicable laws and regulations of the authorities and the industry organizations’ instructions for ensuring the confidentiality of personal data.

1.8.1 Manual files

No manual files shall exist.

1.8.2 Files stored electronically
Only employees who have the right to process personal data are entitled to use the personal data system. Each user has their own username and password in the system. Movements in work spaces are controlled by locked premises where unauthorized access is denied. Information is collected in databases protected by firewalls, passwords and other technical means. The registry is located on a server on the machine room where access to unauthorized persons is blocked. The information contained in the register is located in locked and secured spaces. Registries are regularly backed up. The backup is also stored in locked and secured spaces.

1.9 Right of inspection of the data subject
A person has the right, in accordance with applicable data protection law, to have access to the processing of their personal data and to have the right to request their personal information to be displayed on our registers. A person is entitled to claim for incorrect or inaccurate information correction or the removal of personal data from our registers. They also have the right to withdraw consent and to object to the processing of their personal data insofar as the processing of personal data is based on consent and require the processing of personal data to be restricted. Mode of operation: For personal check, correction and / or removal of personal information, please contact the contact person of INTO Concept Ltd in person. The Personal Data Check Request Form will be send to you via mail. Submit the form by personally bringing it to INTO Concept Ltd and be prepared to prove your identity. Set the appointment time for processing. The meeting addresses issues related to the verification request together. We may refuse to execute your claim on the basis of the applicable law.

1.10 Right of rectification of the data subject
A person is entitled to claim for incorrect or inaccurate information correction or the removal of personal data from our registers. If there is an error in the registered data, the registrar may file a request to the register holder to correct the error.

1.11 Right to prohibit processing of the data subject
The registrar has the right to deny the controller the processing of information about themselves regarding direct mail, distance sales and other direct marketing as well as market and opinion polls. The prohibition must be made in writing and signed to the controller.

1.12 Cookies
INTO Concept Ltd’s website uses cookies, ie cookie functions. A cookie is a small file stored on a user’s device by an internet browser. By using INTO Concept Ltd you agree to the use of cookies. More about cookies can be read from the following link: https://www.viestintavirasto.fi/en/cybersecurity/safeuseofservices/cookies.html. Cookies used on the site of INTO Concept Ltd. do not store personal data from the user. Cookies are only used to provide the user with the most smooth service experience. In addition, purchasing functions require cookies. We are developing services through this user tracking and focusing on marketing. If you are already a customer, we will store the customer information that you provide us. We only process this information ourselves and will not hand it over to third parties. We may also combine cookies, or other similar technologies, with information regarding the use of our services, with respect to privacy law, to other customer information about you. We may use this information to improve our services, products and processes, and to optimize our product offerings. However, we do not save or associate information that you can identify with your customer information about your individual behavior on our website.

REGISTRATION DOCUMENT – INTO Concept Ltd’s Marketing Register

1. The Registrar

INTO Concept Ltd
Lemuntie 3-5 C
00510 Helsinki

2. Contact person for matters relating to the Register

Mari Kukkonen
mari.kukkonen@intoconcept.com

3. The name of the registry

INTO Concept Ltd’s Marketing Register

4. Purpose of processing personal data

Personal information is used for customer relationship management and customer communication with the goal of targeting our message so that you can get the message that is right for you. In addition, the information is used for marketing purposes, monitoring marketing measures and documenting. The processing of personal data is based on our legitimate interest in maintaining business relations, marketing and communicating with you about our products, services and events. We treat personal data in accordance with applicable law, in particular the General Data Protection Regulation (GDPR).

5. Information content of the register

Main data in the register
– The name of the person
– Email address
– Name of the company
– Marketing activity information, such as a person’s participation in, for example, competitions and events.

6. Regular sources of information

Personal data is mainly collected from the person them self. The information can be obtained from INTO Concept Ltd’s website (contact and subscription forms, material downloads) and the registration of INTOConcept Ltd events. Other sources of information include various customer contacts such as fairs, seminars, personal sales work, competitions, and various public sources.

The information may also be updated by authorized personnel or other third parties within the limits permitted by applicable law for the purposes described in this registration document.

7. Ordinary deliveries of information

The information in the register is only available to INTO Concept Ltd. Information on the register is not disclosed to third parties, except for the obligation to legislate.

Registered personal data will be disposed of at the user’s request unless a law, contract or service provision prevents the data being removed.

8. Transfer of data outside the EU or EEA

Data from the register will not be disclosed outside the EU or the European Economic Area.

9. Principles of registry protection and the retention of personal data

Personal data in electronic form is protected in the industry by generally acceptable and reasonable technical means such as firewalls and passwords. The non-electronic data contained in the register’s personal data are located in locked premises where unauthorized access is denied.

Only persons with INTO Concept Ltd who have been identified by the controller or on their behalf and on behalf of the person have access to the personal data processed in the register in accordance with the access rights granted by INTO Concept Ltd. INTO Concept Ltd takes into account the applicable laws and regulations of the authorities and the industry organizations’ instructions for ensuring the confidentiality of personal data.

We will discard obsolete and unnecessary data in an appropriate manner. We only retain personal information as long as it is necessary for the purposes of processing personal data as defined in this Marketing Register File Description. Due to the obligations of the Accounting Act or other applicable law, information may need to be kept for longer than the above-mentioned period.

10. Right to Revision, Correction and Removal of Information.

A person has the right, in accordance with applicable data protection law, to have access to the processing of his / her personal data and to have the right to request his / her personal information to be displayed on our registers. A person is entitled to claim for incorrect or inaccurate information correction or the removal of personal data from our registers. He / she also has the right to withdraw consent and to object to the processing of his / her personal data insofar as the processing of personal data is based on consent and require the processing of personal data to be restricted.

Model of operation:
For personal check, correction and / or removal of personal information, please contact the contact personof INTO Concept Ltd in person.
Personal Data Check Request Form will be send to you via mail.
Submit the form by personally bringing it to INTO Concept Ltd and be prepared to prove your identity.
Set the appointment time for processing.
The meeting addresses issues related to the verification request together.
We may refuse to execute your claim on the basis of the applicable law.