Register and privacy policy

This is a register and privacy policy statement of PING Helsinki Oy, and the statement complies by Finnish Personal Data Act (10 and 24 §) and General Data Protection Act (GDPR) of the European Union. Compiled 24th May 2018. Last updated 27th March 2019. 

 

  1. Holder of the register

Name: PING Helsinki Oy (later PING Helsinki)

Address: Sofiankatu 8, 00170 Helsinki

Business ID: 2787024-1

 

  1. Contact person

Inna-Pirjetta Lahti

Mobile number: +358 50 376 0824

Email: inna (at) pinghelsinki.fi

 

  1. Name of the register

Client and influencer register of PING Helsinki

  1. Legal basis and purpose of handling personal data

According to the General Data Protection Act of the European Union, the legal basis for handling personal data is the lawful right of the holder of the register. This is based on the client relationship between the registered and the holder of the register.

 

The purpose for handling personal data is the management or analysis of the client relationship or other appropriate relationship relating to the matter, the production and personalisation of services, development and planning of business activities, marketing, sales, opinion or market research and customer communication, which can be executed digitally and be targeted. 

The data is not used for automatised decision making or profiling.  

 

  1. Data content of the register

The register can handle the following information of all those who have registered:

  • Name 
  • Position
  • Company/organisation/channel
  • Contact details (mobile number, address, email)
  • Website address(es), IP address, usernames/profiles on social media channels
  • Data of social media channels
  • Data on services ordered and changes to them
  • Invoicing information
  • Any other information relating to the client relationship and services ordered

Information is stored for the duration of the client relationship and removed after the client relationship has been terminated if requested by the client. 

In some client groups the register is also used to handle background information given by the client themself. This information is stored indefinitely, unless some of the information has been stated to be stored for a shorter or longer period of time. 

 

  1. Normal sources of information

The stored information is collected for example from messages sent with digital forms, email, phone, social media services, contracts, client meetings and other occasions where the client is releasing information. 

 

  1. Release or transfer of information outside the EU or ETA

Information will not be released to third parties. Information can be published to the extent that has been agreed with the client.

The holder of the register can transfer information also to regions outside the EU or ETA. 

 

  1. Principles for register protection

The register will be handled carefully and data collected with information systems will be protected appropriately. When data is stored on Internet servers, the physical and digital information security of the equipment will be appropriately taken care of. The holder of the register ensures that the stored information, usage rights of the servers, and other critical information relating to the security of personal data will be handled confidentially and only by the employers into whose job description it belongs to. 

  1. Right of inspection and right to demand data correction

Everyone whose data is stored in the register has the right to inspect the information collected of them and demand the correction of faulty information. If the person wants to inspect the collected information or demand correction, the request ought to be sent to the register holder in writing. The register holder can ask the requester to prove their identity if necessary. The register holder replies to the client within the time limit set in the EU Data Protection Act (principally within a month). 

 

  1. Other rights relating to the handling of personal data

Person whose data is stored in the register has the right to request any of their personal data to be removed from the register (“the right to be forgotten”). The person also has all of the rights deriving from the European Union GDPR Act, such as limiting the handling of personal data in certain circumstances. Requests ought to be sent to the register holder in writing. The register holder can ask the requester to prove their identity if necessary. The register holder replies to the client within the time limit set in the EU Data Protection Act (principally within a month). 

 

Changing the Register and Privacy Policy

PING Helsinki is constantly developing their services, and so we reserve all the rights to change this policy statement. We recommend that you read the policy regularly. In case intrinsic changes are made to the policy statement, we inform all those whose data is stored in the register.