Fluent Progress RT Oy’s description of the personal data file and data protection in accordance with the Personal Data Act (523/1999, sections 10 and 24) and the EU General Data Protection Regulation (GDPR).
Fluent Progress RT Oy
Torikatu 29, FI-80100 Joensuu
+358 29 1700 860
Contact person responsible for the register
Fluent Progress RT Oy
Torikatu 29, 80100 Joensuu
+358 50 590 5643
Name of the register
Fluent Progress RT Oy’s customer, user, and marketing register
The legal basis for personal data processing in accordance with the EU General Data Protection Regulation (GDPR) is:
- Consent given by the data subject (documented, voluntary, personal, conscious, and unambiguous)
- Contract that the data subject is a party of
- A legitimate interest of the controller (e.g. customer relationship, employment, membership)
Purpose of personal data processing
The purpose of personal data processing is keeping in contact with customers, maintaining customer relationships, and marketing. Personal data is processed for customer communications and other customer relationship management, control and development purposes, and for analytical and statistical purposes. Customer data contained in the register can be used by the controller, other companies in the same group, and their partners for direct advertising, remote sales or other direct marketing, for opinion and market research, and for sending other similar addressed post. Data is not used for automated decision-making or profiling.
Information contained in the register
Information saved in the register include: Name of the data subject, telephone number, email address, street address, workplace, and position in the company. Details of the workplace and/or community of the data subject including contact details, the unit, work tasks, interests, marketing bans, job descriptions, and roles of the data subject within the organisation, and the use history of the customer. Information of discussions with the data subject, customer feedback information, filling of forms, registration and participation in events, and newsletter subscriptions. The register can also include the IP address of the network connection used by the data subject, usernames/profiles on social media services, information of ordered services and modifications, invoicing information, and other information relating to the customer relationship and ordered services. Data relating to a customer relationship will be stored for the duration of the customer relationship, however observing the minimum storage period required by law e.g. in case of contracts.
Regular sources of information
Data saved in the register are provided by the customer e.g. on online forms, by email, on telephone, through social media services, in contracts, at customer meetings, and in other situations where the customer conveys personal data. Personal data is collected from the data subject and from information provided during registration and use of the services.
Regular transfers of data and transfer of data outside the EU or the EEA
No regular transfers of data are made to third parties. Data can be published to the extent that has been agreed with the customer in advance.
Data can be transferred by the controller outside the EU or the EEA e.g. in connection to customer communications.
Data security principles
Care will be exercised in handling the register, and data processed in information systems will be appropriately protected. When data contained in the register are stored on internet servers, the physical and digital security of the equipment is ensured in an appropriate manner. The controller ensures that the stored data and data that is critical for the security of the personal data, such as server access rights, are processed confidentially and that such data is only processed by persons whose work tasks include such processing.
Right to inspect, prohibit, modify, and delete information
All data subjects have the right to inspect the data concerning themselves that has saved in the register and to demand that any incorrect data be corrected or any incomplete information complemented. If a person wants to use their inspection right or to demand that data concerning themselves be corrected, the request must be submitted in writing to the controller. Where required, the controller has the right to ask the data subject to prove his or her identity. The controller must react to any such requests that are made by the customer within the time period specified in the GDPR (in most cases, within one month).
Other rights relating to the processing of the personal data
Data subjects have the right to request that any information concerning themselves be removed from the register (the right to be forgotten). The data subjects also have all other rights specified in the GDPR, such as restricting the processing of personal data in certain situations. Requests must be submitted in writing to the controller. Where required, the controller has the right to ask the data subject to prove his or her identity. The controller must react to any such requests made by the customer within the time period specified in the GDPR (in most cases, within one month).
Purpose of cookies
We can use the data collected of the use of our website for producing advertising or content targeted at certain browsers. We can create customer segments based on websites that have been visited using certain browsers during a certain period of time. Advertising relating to our service will be shown to these customer segments. We can use our partners in creating these customer segments, in which case we ensure through contracts that our partners only use the data on behalf of Fluent Progress RT Oy and will not use the data in the partner’s own operations or will not convey the data to third parties. We can use behavioural data collected from external websites in creating customer segments and in targeting advertising.
For more information of browser-based advertising and on online privacy, please click here.