Personal data controller is:
Atria Suomi Oy (Business ID: 1800395-5)
For more information about data protection policy and how we handle personal data you can contact us at email@example.com.
What personal information do we collect?
We collect information about our customers contact persons: name, title, role, address for work, phone numbers and email address. We also collect log notes regarding meetings with our clients into our CRM.
We also collect information regarding persons that participate events arranged by Atria Finland Ltd.
We mainly collect the personal information directly from the person or his/her employee.
How do we use personal information?
We use your personal information for:
- Maintaining and developing customer relations
- Managing custom orders and product sample deliveries
- Arranging events and trainings
- Informing and marketing
Personal information is not being used for automatic decision making or profiling.
This information is being handled based on customer relationship with our client.
How do we handle, preserve and protect personal information?
Personal information is only being accessed by employees who need it based on the employment relationship and his/her tasks. Personal information can also be processed by our system provider when testing and developing our information systems.
Personal information may also be used by our selected partners when doing research, consultancy, marketing and event arrangements. We agree with all our partners about the policies regarding GDPR and legislation.
Data protection is a process for securing reliability, consistency and availability of information. This process is handled according to Atria group data protection policy. All personal information is protected from unauthorized or illegal access and processing.
Data protection covers all information and processes controlled and handled by Atria. This also covers the data processing regarding the personnel, partners and clients. The information systems and processes at Atria are protected with high level security systems against security breaches and DoS (denial-of-service) attacks.
We comply with the regulation of GDPR stated by European Union Data protection policy as of 25th May 2018. Access to personal information is being controlled by good practices and policies.
Personal information is not being transferred outside European Union or European Economic Area.
How long do we keep personal information?
We maintain personal information according to the customer relation and the use cases described. We will remove personal information at latest after one year since the customer relation has ended.
Your rights as data subject
You have a right to request:
- Have access to your personal information and acquire a copy of it
- Rectification of your personal information and erasure under some preconditions
- Restrict or object processing of your personal data under some preconditions
- Have your personal information transferred to another information system under some preconditions
You may use your aforementioned rights by contacting firstname.lastname@example.org.
In case you consider that your rights under the data protection laws are infringed, you may lodge a complaint with a supervisory authority email@example.com.