Customer Register Data Privacy Statement

Last updated August 29, 2023

Controller

Psycon Oy
Mannerheiminaukio 1
00100 Helsinki, Finland

Contact person for register matters

Sinikka Viinikainen
Psycon Oy
Mannerheiminaukio 1
00100 Helsinki, Finland
tel. +358 20 710 1200
firstname.lastname@psycon.com

Description of the data privacy statement

This data privacy statement complies with Articles 13 and 14 of the General Data Protection Regulation (679/2016/EU) and the Data Protection Act (1050/2018). It explains how the controller processes personal data for the purpose of managing its customer relationships.

“Customers” refers to persons or companies that use the services provided by the controller.

Purpose of and the legal basis for processing personal data

The data contained in the register is processed for the purpose of managing customer relationships between Psycon Oy and its customers, providing and developing the controller’s services, and receiving orders for assignments, as well as in customer communication and marketing.

The legal basis for processing personal data is a legitimate interest arising from the management of customer relationships and the implementation of the related contractual relationships.

Data content of the register

Data collected in the register may include:

  • The data subject’s first name and last name, job title, telephone number and email address
  • Data related to the customer relationship, such as the customer’s name and Business ID, mailing and visiting address, customer number, billing information and information related to assignments
  • Other data necessary for the purpose of the register

Storage period of personal data

Personal data will only be stored in the register for as long as it is necessary to fulfill the purposes defined in this data privacy statement.

Regular sources of data

The source of personal data is the data subject themselves or a contact person in the customer company they represent. Personal data may also be collected and maintained from publicly available data sources such as the customer company’s website, the Trade Register and services provided by the authorities regarding personal data.

Regular transfer of data

Data from the register will not be transferred to parties other than those involved in the provision of Psycon Oy’s services and the development of its systems, unless a request is made by a competent authority or other party based on the legislation in force.

Data transfer outside the EU or EEA

Data from the register is not transferred outside the EU or EEA.

Register protection principles

Access rights to the register are only granted to those employees of Psycon Oy whose duties require processing of the data stored in the register. Access to the data in the register is protected by means of personal user IDs and passwords.

Data subjects’ rights

A data subject has the right to ask the controller for access to personal data concerning the subject, and to request rectification, erasure or restriction of processing of such data within the limits of and in accordance with the applicable data protection legislation. Requests for review must be made in writing and sent by email to dataprivacy@psycon.com. Data subjects also have the right to transfer data between systems. Data subjects are also entitled to file a complaint with the supervisory authorities.