Privacy policy

General Data Protection Regulation – GDPR

Controller

Siipotec Oy
Ketolankuja 2
FI-85100 Kalajoki
VAT 3251960-8

Contact Details

Virpi Siipo, virpi.siipo(at)siipotec.fi

Data Subjects

The contact persons of current and potential customers, subcontractors, suppliers and other partners. The personnel of Siipotec Oy.

Purpose of Use of Personal Data

The processing of personal data is based on a customer relationship, consent, an assignment, or another relevant relationship. Personal data is processed only for specified purposes, including the maintenance and development of customer relationships, communication, and other related activities.

Categories of Personal Data

The register contains information on company contact persons, including name, title or role, workplace address, telephone number, postal address, email address, and business sector.

Labour law obligations are complied with when processing employees’ personal data at Siipotec Oy.

Sources of Personal Data

The information is primarily obtained from the data subjects themselves or from their employer.

Data transfer

Personal data will not be disclosed to third parties. Data may only be disclosed to authorities in accordance with Finnish law.

Personal data will not be transferred or disclosed outside the EU or EEA.

Data Security

Access to personal data at Siipotec Oy is limited to employees whose duties require it, such as those in sales and marketing. The controller may outsource the processing of personal data and ensures, through contractual arrangements, that all personal data is processed in accordance with applicable data protection legislation.

Access to the data system requires user authentication. Only personnel who need the information to perform their duties have access to the system.

Correction and Deletion of Personal Data

Data subjects have the right to access their personal data held by the controller.

Data subjects may object to the processing of their personal data if they believe that their data has been processed unlawfully.

Data subjects have the right to request the correction or deletion of inaccurate personal data.

Data subjects have the right to withdraw their consent to the processing of personal data at any time, where processing is based on consent. The above requests must be submitted in writing to the controller’s contact person.

The controller may be legally required or otherwise entitled to retain personal data despite a request for deletion. For example, accounting records must be retained for the period specified in the Finnish Accounting Act and cannot be deleted before the retention period has expired.

Data Retention

Personal data is retained for as long as necessary to fulfill the purposes outlined in this notice and for the duration of the customer, partnership, or supplier relationship with Siipotec Oy.

Personal data is regularly deleted when it is no longer necessary.