×

Privacy Policy Statement

This is the Privacy Policy of LOUD & Clear Communications, in accordance with the Personal Data Act (art. 10 and 24) and EU's General Data Protection Regulation. Drafted on March 24, 2018. Last updated on March 25, 2018.

1. Data Controller

LOUD & Clear Communications
Rautokannantie 17 B 3
70840 Kuopio
Business ID: 2778323-6
Email: tuomas@loudclear.fi

2. Liaison for Client Register

Tuomas Puumalainen, tuomas@loudclear.fi

3. Register Name

Client Register

4. Purpose of and Justification for Personal Data Processing

In accordance with the GDPR, personal data is processed in connection with

• consent given by the data subject,
• an agreement in which the data subject is one of the parties,
• the data controller's legitimate interest (providing a service).

The purpose of personal data processing: to provide mutually agreed services, to maintain the client relationship, marketing, invoicing, and bookkeeping. The data shall not be used for automated decision-making or profiling.

5. The Register's Data Content

The register contains the following information: subject's name, position, organization, contact information (phone number, email, address), web address, services purchased and any changes to them, information needed for billing, and other information regarding the client relationship and purchased services.

6. Gathering of Personal Data

The data stored in the register is gathered from the client/subject, for example, through web forms, written communications, email, phone conversations, social media, agreements, client meetings, and other situations in which the data subject voluntarily provides their personal information.

7. Data Sharing and Data Transfer Outside the EU or ETA Zones

Data shall not be delivered to third parties.

8. Principles for Protecting the Registry

The registry is maintained with due diligence, and the data systems are appropriately protected. When registry data is stored on web servers, the hardware and software are appropriately secured. The Data Controller ensures that access rights to the register are handed to personnel in restricted capacity and in line with the requirements set by their work duties. All persons with access to the register are bound by professional confidentiality.

9. The Right to Access Data and to Request the Rectification or Erasure of Data

Data subjects have the right to access their personal data stored in the register and to request the rectification or erasure of erroneous information. Such requests shall be delivered in person or in writing to the liaison. The Data Controller may require that the person making the request provides identification. The Data Controller shall reply to inquiries within the timeframe set in the GDPR (usually within one month).

10. Other Rights of the Data Subject

In certain cases, the Data Subject has the right to have the controller erase data concerning him or her without undue delay. This right is also known as the right to be forgotten. The Data Subject also maintains all other rights granted in the GDPR, such as the right to restrict the processing of their data. Requests shall be sent in writing to the Data Controller. The Data Controller may require that the person making the request provides identification. The Data Controller shall reply to inquiries within the timeframe set in the GDPR (usually within one month).