Privacy Policy
Basis for maintaining the register
The retention of information in the register is based either on a contractual relationship with our company or on the person’s consent to the retention of information.
We collect and store information about potential new customers based on customer relationships or business. The collection of information from new potential customers is based on business and we collect the information ourselves.
Purpose of using personal data
We process personal data in connection with customer relationships or other relevant connections for processing, analysis and marketing purposes.
Our operations are based on legitimate business, so we also comply with EU legislation on the retention of personal data:
* The information we store about individuals is legal, reasonable and transparent for processing. This means that you can access your information at any time.
* There is a purpose limitation on the information – for example, the information we collect about individuals is limited to a specific purpose. We do not disclose your information to third parties unless there is a valid reason to do so.
* We minimize the information we store – we only store the necessary information
* We strive to keep our information accurate
* We limit the retention of information – the information is defined by a lifetime, after which it is automatically or routinely deleted unless there is a legal reason to retain it.
Contents of the register
The information stored in the register includes: the person’s name or nickname, contact information (phone, email), pictures, and a description of the apartment and situation.
In connection with customer relationships, we store minimum information, which typically includes the person’s unique name, possibly the company, and contact information such as email address and phone number.
The information is deleted when the matter has been processed.
Sources of information
The information stored in the register is obtained from the customer, for example, through online forms, email, phone, messages sent through social media services, contracts, customer meetings, and other situations where the customer provides information.
In addition, in connection with our business, we may use names picked from the media, for example, to contact them for business purposes.
Disclosure and transfer of information
Information is not disclosed to third parties.
Transfer of information outside the EU or EEA
Information is not disclosed to third parties.
Security of the register
The register is handled carefully and the information processing systems are appropriately protected. When registering information on internet servers, their physical and digital protection is appropriately taken into account.
The responsible party ensures that the stored information and access rights related to personal data critical to the security of servers and other information are handled confidentially and only by employees whose job it is. Manually maintained material is located in premises to which unauthorized access is prevented.
Right to inspect
Everyone in the register has the right to check their information in the register and request correction of incorrect information or supplementation of incomplete information. If a person wants to check or request correction of information stored about him/her, the request must be sent in writing to the register holder. If necessary, the register holder may ask the applicant to prove his/her identity. The register holder will respond to the customer within the time limit set by the EU Data Protection Regulation (usually within one month).
The person in the register has the right to request the deletion of his/her personal data from the register (“the right to be forgotten”). Registered persons also have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. The request must be sent in writing to the register holder. If necessary, the register holder may ask the applicant to prove his/her identity. The register holder will respond to the customer within the time limit set by the EU Data Protection Regulation (usually within one month).