Privacy policy

Registry and privacy policy

Prepared on March 10, 2023

1. Controller‍
Business ID: 3328830-3
Rubynet Oy (Ltd)
Riippakoivunkatu 5
04480 Haarajoki
myynti@rubynet.fi

2. Contact person responsible for the register‍
Henry Häkkinen
henry.hakkinen@rubynet.fi
+358 40 046 3507
‍
3. Register name
Company customer register and online service user register

4. Legal basis and purpose of processing personal data
The legal basis for processing personal data under the EU General Data Protection Regulation is
- individual's informed consent
- contract in which the data subject is a party
- legitimate interest of the controller, for example, customer relationship before a contract

The purpose of processing personal data is to maintain communication with customers and maintain the customer relationship.

The data is not used for automated decision-making or profiling.

5. Register information content
The information to be stored in the register includes: person's name, company/organisation, email and the content of the message sent through the contact form. The information is kept indefinitely.

Cookies that are necessary for the website's functions are processed on the basis of legitimate interest, among other things, to ensure security and to collect statistics on website visitors in cases where they can be considered personal data. Consent is requested separately for third-party cookies if necessary.

6. Regular sources of information
The information to be stored in the register is obtained from the customer through messages sent by web forms, email, telephone, contracts, customer meetings, and other situations in which the customer provides their information. Contact information for companies and other organisations may also be collected from public sources such as websites, directory services, and other companies.

7. Regular disclosures of information and transfer of information outside the EU or EEA
Information is not regularly disclosed to other parties. Information may be published to the extent agreed upon with the customer. The controller may also transfer information outside the EU or EEA. Information is not transferred to the United States without the explicit consent of the data subjects. Information may be transferred to our subcontractors as necessary to fulfil any contracts and services.

8. Principles of register protection
Care is taken in the processing of the register and the information processed with the help of information systems is appropriately protected. When register information is stored on Internet servers, the physical and digital security of the hardware is appropriately ensured. The controller ensures that stored information, as well as server access rights and other information critical to the security of personal data, are handled confidentially and only by employees whose job description includes it.

9. Right of inspection and right to request correction of information
Each person in the register has the right to check their information stored in the register and to request the rectification of any incorrect information. Inquiries should be made in writing to the contact person responsible for the register. The data controller may, if necessary, request the requester to prove their identity. The data controller will respond to the customer within the timeframe provided by the EU's data protection regulation.

10. Other rights related to the processing of personal data
The individual in the register has the right to request the removal of their personal data from the register. Similarly, data subjects have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may request that the requester prove their identity if necessary. The data controller will respond to the customer within the time frame specified in the EU General Data Protection Regulation.