Privacy policy

We are committed to complying with the EU General Data Protection Regulation (2016/679, “GDPR”).

The purpose of the Regulation is to enhance individuals’ rights in managing and processing their personal data. Under the GDPR, the data controller has an obligation to inform data subjects in a clear and transparent manner. This notice fulfils that information obligation.

General

In order to provide you with the best possible service, we need to collect and process certain personal data about you. We value your privacy and are committed to protecting it. This privacy notice explains what personal data we collect, the principles according to which we process it, and what rights and choices you have regarding your data. As the data controller, we mainly process the personal data of the contact persons and other personnel of our customer companies. Personal data refers to any information relating to an identified or identifiable individual, such as a name, email address, phone number, or job title.

We process your personal data in accordance with this privacy notice and applicable legislation, and we ask you to read this notice carefully. We may update this notice as our operations develop or as legislation changes.

By using our services, our website, or by contacting us, you consent to the processing of your personal data as described in this privacy notice.

1. Name of the register

Customer register of Inoxia Oy

2. Controller
Inoxia Oy, Business ID 3170693-8

Inoxia Oy (hereinafter also referred to as “the Company” or “we”) acts as the data controller with respect to the personal data processing described in this privacy notice.

3. Processors

Only those employees of the data controller who need to process customer data as part of their duties are authorised to access systems containing customer information. Each user has their own username and password.

4. Purpose of the register

We collect, store, and process your personal data solely for predefined purposes. The main purposes include:

• Targeting our services to you
• Fulfilling our contractual obligations
• Complying with legal obligations and claims • Customer communication
• Responding to contact requests
• Developing our business

5. Personal data processed

We primarily collect personal data from you directly when you contact us or later in connection with the use of our services. For new customers, we may also collect data regarding prospects from LinkedIn, potential customer companies’ online services, or by using tools intended for sales prospecting (e.g., Leadfeeder).

In addition, we may collect information from public sources and registers, such as the Finnish Business Information System (YTJ). We also collect website visitor information through Google Analytics to analyse and improve the functionality and user-friendliness of our site.

A significant portion of the personal data is collected through our website and the forms found therein. The customer data we process includes information necessary for managing customer relationships, such as name, email address, and phone number. During a customer relationship, additional information may be generated and collected, mostly related to customer companies. We also use tools and software for customer marketing, each of which has its own data protection procedures. The use of customer marketing tools requires user-specific login credentials (access rights).

6. Processing of personal data

We ensure that we always have a lawful basis for processing your personal data. We may process your data for several reasons, including the performance of a contract and compliance with legal obligations. When we use subcontractors or service providers, we ensure through contractual arrangements that confidentiality is maintained and that all processing complies with the law.

We may also process your personal data based on our legitimate interests, which include providing our services and conducting and developing our business. In some cases, we may process certain personal data based on your consent.

7. Disclosure of data

As a rule, your personal data is processed by employees of our company as part of their duties. We may also outsource certain data processing functions, such as the systems used for storing and processing personal personal data. In such cases, we ensure through agreements that confidentiality is maintained and that data is processed lawfully.

We may disclose your data if required by law, a court order, or a competent authority. We may also disclose your data in the event of a corporate or business transaction.

As a general rule, your personal data will not be transferred outside the EU.

8. Data retention

We do not retain your personal data longer than is necessary for their purpose or as required by contract or law. Retention periods may vary depending on the purpose of processing and the circumstances.

9. Data security

Your data is stored on servers provided by our service provider, protected in accordance with industry standards. The personal data we collect and process is kept confidential and is only disclosed to persons who require it for their work or confidentially and in a limited manner to our customers under service agreements. Access to personal data is protected with user-specific credentials, passwords, and access rights.

10. Destruction of data
Documents containing customer data are destroyed appropriately once they are no longer needed.

11. Rights of the data subject

You have the right to inspect the personal data stored about you free of charge. You also have the right to request the deletion of your data. If your data contains errors, you may submit a written request to correct them. You may also restrict the processing of your personal data. Requests must be submitted in writing and signed.

Withdrawal of consent

If your data is processed based on your consent, you may withdraw your consent at any time by notifying us in writing by email.

Right of access

You have the right to obtain confirmation as to whether we are processing personal data concerning you and to know what data we process. You also have the right to receive supplementary information on the grounds for processing your data.

Right to rectification

You have the right to request that we correct inaccurate, outdated, or otherwise incomplete personal data concerning you.

Right to object to direct marketing

You have the right to prohibit the use of your data for direct marketing.

Right to object

You may object to the processing of your personal data if you believe that it has been processed unlawfully.

Right to restriction of processing

In certain situations, you have the right to request that we restrict the processing of your personal data.

Right to data portability

If we process your data based on your consent or for the performance of a contract, you have the right to receive the personal data you have provided to us in a commonly used electronic format so that it can be transferred to another service provider.

Controller
Contact information: Inoxia Oy
Osoitetie 2
08500 Inoxia
Phone: +358 44 507 5534