Personal Data Act (523/99) Sections 10 and 24
Last updated on Jan 4, 2021.
Oy Raisoft Ltd
FI-67100 Kokkola, Finland
Tel. +358 207 789 567
Email [email protected]
Business ID FI16159825
2. Person(s) responsible for register-related matters and/or contact person(s)
Data Protection Officer Marica Sundström, tel. +358 40 481 4004
Co-Founder Johan Boholm, tel. +358 20 778 9566
3. Name of the register
A register of Smart Break software’s customers and potential customers, as well as their personnel.
4. The purpose of processing personal data and the purpose of the register
We collect personal data on Smart Break software’s customers and potential customers and their personnel to establish and maintain customer relationships, to develop products and services and related advertisement, and for business planning and marketing purposes.
5. Content of the register
The register contains information that is relevant for managing customer relationships and potential customer relationships. Such information may include, for example, the customer’s name, contact information, preferred choice of language, preferred method of communication and marketing information. In addition, the register may contain the customer’s registration information, including the user ID and date of registration. The register may contain information regarding the customer’s health and well-being collected upon registration and during the use of Smart Break Premium (the information is obtained from the software’s standard inquiry form filled out by the customer). The register may also contain information about the interaction between the customer or potential customer and Raisoft regarding Smart Break software or other materials related to the software. The register may also contain information about the customer’s occupation, responsibilities and interests, feedback and complaints as well as any other information deemed necessary for successful customer relationship management.
6. Regular sources of data
The information stored in the register is mainly obtained from a company’s contact person or directly from the data subject when the customer relationship is established.
7. Regular disclosure and transfer of data outside the EU or EEA
The Controller will not disclose any personal data to third parties, except when required to do so by law. The Controller may transfer data contained within the register to its own direct marketing registers.
8. Data protection principles
The data in the Controller’s user register is stored in the Controller’s system that is protected by the operating system’s protection software. Personal data stored in the register is collected in a database that is protected by firewalls and other appropriate technical means. The servers are stored in locked facilities, which can only be accessed by authorized personnel. Access to the register is restricted to persons who have been granted access by Oy Raisoft Ltd. Access rights are removed when work tasks change or terminate. Third party service providers involved in maintaining the system are required to implement adequate data protection measures. Such third-party service providers are also obliged to protect the personal data contained in the register and are restricted from using the data in any way.
9. Data retention
We will retain your personal data in accordance with current legislation for as long as necessary for the purposes defined above. After this, your personal data will be deleted.
10. The right to object to processing
The data subject has the right to prohibit the Controller from processing their personal data for the purposes of direct marketing and/or market research and polls, public registers and/or genealogical research. Any such prohibition must be made in writing and addressed to the person responsible for register-related matters.
11. The right to access and inspect data
The data subject has the right to inspect their personal data contained in the register and obtain copies of them. The inspection request must be made in writing and addressed to the person responsible for register-related matters.
12. Data rectification
The Controller will rectify, remove or supplement any personal data that is obsolete, unnecessary, defective or outdated in the registry, either on their own initiative or at the request of the data subject. The data subject should contact the person responsible for register-related matters in order to correct the information.
13. The right to lodge a complaint
A “cookie” is a commonly used small text file that your Internet browser installs on your computer when you visit a website. Your browser sends information about your visit to a website when you visit the website again.
Each cookie is separately installed on each device you use and cookies can be read only by the server that installed the cookie. Because the cookie is bound to the browser, your choices relating to the management of cookies are applicable only to each separate browser. A cookie cannot collect information from your computer, and it cannot contain viruses or other malware, nor harm your device or files. Individual users cannot be identified solely by using cookies or similar technologies.
If you wish to disable Google Analytics, download and install the Opt-out Browser Add-on using this link. Please note that disabling Google Analytics will affect the functionality of our website.