Privacy Notice, Trailmaker Oy
EU General Data Protection Regulation
This is a privacy notice for the purposes of the EU General Data Protection Regulation (the ”GDPR”). This privacy notice is used for explaining what information is collected by Trailmaker Oy and to explain how this information is stored and protected.
1. Data Controller
Trailmaker Oy - FINLAND - 2400131-5
Puh. +358 10 271 7490
Kaisaniemenkatu 6
00100 Helsinki
trailmaker@trailmaker.com
2. Contact details for issues concerning personal data
E-mail: trailmaker@trailmaker.com, +358 10 271 7490
3. The purpose and legal basis for processing personal data
The purpose of processing personal data in connection hereto is to maintain customer contacts and to market Trailmaker Oy’s products. The legal basis for processing the personal data is the performance of the customer agreement, or the customer’s request to take preparatory steps therefore (Article 6(1)(b) GDPR) and Trailmaker Oy’s legitimate interest to market its products to its contacts (Article 6(1)(f) GDPR).The information is not used for automated decision-making or profiling.
4. Personal data processed
Trailmaker Oy processes such personal data as the data subject may give to Trailmaker Oy. Such information includes name, title, company, billing information both for the data subject and the company, and, e.g., the names of the data subject’s or his/her company’s social media profiles, as well as information given on, e.g., business cards or in email footers. Additionally Trailmaker Oy will process information concerning the customers, orders, order changes and the like.In addition to information obtained directly from the data subject, Trailmaker Oy may also record information, e.g., the IP address used by the data subject, use of the Trailmaker website as well as content, likes and similar from social media accounts.
5. Regular sources of data
Data is mainly obtained from the data subject him- or herself through, e.g., web forms on the Trailmaker website, email, meetings, contacts and similar occasions. Data may also be obtained from public sources such as from company website or social media accounts.
6. Storage periods
The data is stored for the duration of any customer relationship and for two years thereafter. Should Trailmaker Oy during this time have a reasonable belief that the data may be needed longer, e.g., for a potential dispute, the data may be kept until the relevant statute of limitations period has expired.
Marketing data that are not connected to a customer relationship are kept for two years or until the affected party asks that it be removed. To the extent any customer’s or marketing contact’s personal data would be processed based on the consent of the data subject, the data subject may withdraw the consent at any time. Withdrawing consent does not affect the legality of any already undertaken data processing measures, however.
Customer data necessary for accounting and reporting purposes will be kept as specified in Finland’s accounting law Kirjanpitolaki 30.12.1997/1336 10.2.§, six years after end of the fiscal year that the said customer and Trailmaker Oy cooperated.
7. Regular disclosures of personal data; transfers outside the EU/EEA
Personal data may be transferred to data processors such as an external company sending a newsletter of behalf of the company, e.g., MailChimp/The Rocket Science Group LLC. Trailmaker Oy has ensured that the partners have similar type of personal data safety regulations as the GDPR, such as the EU-U.S. Privacy Shield Framework.
8. Information security
Appropriate care will be used in the processing of personal data and any data processed via IT systems adequately protected. When data is stored on Internet servers, the devices’ physical and digital information security is ensured. Trailmaker Oy will ensure that the save data, server access rights, and information critical to the safe storage of the data are dealt with confidentially and only by those members of staff for whose job functions it is necessary.
9. The right to inspect data and have incorrect data rectified
All data subjects have the right to inspect personal data Trailmaker Oy holds about them and to require that incorrect or lacking information be updated. Should the data subject wish to inspect his or her personal data, or ask that they be corrected, a written request can be sent to Trailmaker Oy using the contact details provided above. Trailmaker Oy may ask the requesting person to identify him- or herself, where necessary. Trailmaker Oy will respond to the data subject without undue delay and in any event within a month.
10. Other rights in connection to personal data
The data subject also has the right to object to his or her personal data being processed and to ask that information concerning him or her be removed from the register. The data subject also has all other rights provided for in the EU General Data Protection Regulation, such as the right to have the processing of personal data restricted in certain cases. Requests should be sent to Trailmaker Oy in writing using the contact details provided above. Trailmaker Oy may ask the requesting person to identify him- or herself, where necessary. Trailmaker Oy will respond to the data subject without undue delay an in any event within a month.
Should the data subject consider that Trailmaker Oy has processed his or her data unlawfully, the data subject may file a complaint with the data protection supervisor of his or her place of residence or work. In Finland, the data protection supervisor is the Data Protection Ombudsman (see tietosuoja.fi).