Privacy Policy

We are committed to complying with the EU General Data Protection Regulation (2016/679 “GDPR”)

The purpose of the regulation is to increase individual rights in the management and processing of their personal data. According to the data protection regulation, the data controller has the obligation to inform the registered in a clear manner. This statement fulfills the obligation to inform.

General

In order to serve you as best as we can, it requires that we collect and process some information about you. We value your privacy and are committed to protecting it. This privacy statement contains information about what personal data we collect, on what principles we process it, and what rights and opportunities to influence you have regarding your data. As data controllers, we specifically process the contact and other personnel data of our client companies. Personal data is all information related to an identified or identifiable person, such as name, email address, phone number, or job title.

We process your personal data in accordance with this privacy statement and applicable legislation, so we ask you to read this privacy statement carefully. We may also update the privacy statement as our operations evolve or legislation changes.

By using our services, our website, or contacting us, you agree that we process your personal data in accordance with this privacy statement.

1 Register name

Optolevel Ltd’s customer register

2 Register controller

Optolevel Ltd, business ID 0978342-7

The controller in relation to the processing of personal data described in this privacy statement is Optolevel Ltd (hereinafter also “Company” or “we”).

3 Register processors

Only those employees of the controller who have the right to process customer data due to their work are entitled to use the systems containing customer information. Each user has their own username and password.

4 Purpose of the register

We collect, store, and process your personal data only for predefined purposes. The main purposes of use are:

  • Targeting our services to you;
  • Fulfilling our contractual obligations;
  • Compliance with legal obligations and claims;
  • Customer communication;
  • Responding to contact requests; and
  • Developing our business.

5 Personal data stored in the register

We mainly collect personal data about you from yourself during contacts or later when using our services. For new customers, we may also collect information about prospects from LinkedIn, from the web services of potential client companies, or using tools intended for new customer acquisition (e.g., Leadfeeder).

In addition, we may collect information from public sources and registers, such as the YTJ information service. We also collect visitor information on our website using the Google Analytics service, so we can analyze and improve our site to make it even better and more user-friendly.

Personal data is significantly collected through our website and the forms located there. The customer data in use consists of customer data collected for the purpose of handling customers’ matters, which in all cases includes the customer’s name, email, and phone number. Information is also generated and collected during the customer relationship, mainly related, however, to client companies. We also use customer relationship marketing tools, into which data is collected. Different tools, software, each with privacy policies, are used for producing customer marketing in the company. Usernames and passwords (access rights) are always required for the use of customer marketing programs.

6 Processing of personal data

We ensure that we always have a legal basis for processing your personal data. We may process your personal data on several different bases. We process your data to fulfill a contract and comply with legal obligations. When using subcontractors and service providers, we ensure that the confidentiality of personal data is maintained and that data is otherwise processed lawfully.

We also process your personal data based on our legitimate interest, which is to provide our services and conduct and develop our business. We may also process some personal data based on your consent.

7 Disclosure of information

As a rule, your personal data is processed by our staff as part of their duties. We may also outsource some processing of personal data, such as the storage and processing systems used for personal data. In such cases, we ensure through contracts, among other measures, that the confidentiality of your data is maintained and that data is also otherwise processed lawfully.

We may disclose information as required by law, a court, or a competent authority. We may also disclose your information if we are involved in a corporate or business transaction.

Your personal data is not, as a rule, transferred outside the EU.

8 Storage of the register

We do not store your personal data for longer than is necessary for its purpose of use or as required by contract or law. However, the retention periods for personal data may vary depending on the purpose of use and the situation.

9 Protection of the register

Your data is stored on our service provider’s servers, which are protected according to industry general practices. The personal data we collect and process is kept confidential and is not disclosed to anyone other than those who need it in their work or confidentially and limitedly based on service contracts to our clients. Access to your personal data is protected with user-specific IDs, passwords, and access rights.

10 Destruction of the register

Customer documents containing customer information are properly destroyed after processing.

11 Rights of the data subject

The data subject has the right to check their data stored in the register free of charge. The data subject also has the right to demand the deletion of their personal data from the register (see also “storage of the register”). If there are errors in the data, the data subject can request the correction of the error from the register controller in writing. The data subject can also limit the use of their data. Requests for deletion, correction, rectification, and limitation must be made in writing and signed to the register controllers.

Withdrawal of consent
If we process your data based on your consent, you can withdraw your consent at any time by notifying us in writing by email.

Access to information
The data subject has the right to receive confirmation from us as to whether we are processing personal data concerning you in the register and to know what personal data concerning you we are processing. Additionally, you have the right to receive supplementary information about the grounds for processing your personal data.

Right to have inaccuracies corrected
The data subject has the right to request that we correct any inaccurate, outdated, or otherwise incomplete personal data concerning you.

Direct marketing prohibition
The data subject has the right to prohibit the use of their data for direct marketing.

Right to object
The data subject can object to the processing of personal data if they feel that personal data has been processed unlawfully.

Right to restrict processing
In certain situations, you have the right to demand that we restrict the processing of your personal data.

Right to data portability
If we have processed your data based on your consent or to fulfill a contract, you have the right to receive the data you have provided to us electronically in a commonly used format so that the data can be transferred to another service provider.

The data subject has the right to prohibit the controller from processing their data for direct marketing, distance selling, and other direct marketing as well as market and opinion research. For prohibition matters, contact the register controllers.

12 Additional information on data protection

The controller complies with the regulations and standards given for the retention of personal data and continuously checks and improves practices related to the above-mentioned matters.

Obligation to provide data and consequences of not providing data
Providing data is voluntary, especially for potential customers. We usually ask for the name, phone number, email address, and a brief description of the need from potential customers on our website. Providing and processing personal data is to some extent mandatory, as we may need information to the extent that we can determine whether we are disqualified from accepting a new assignment.

Do we use cookies on the website and what are they?
We use cookies on our website to provide the best possible user experience for the site visitor. Cookies are short text files that a web server stores on the user’s terminal device. Cookies give us information about how users use our website. We may use cookies to develop our services and website, analyze the use of the website, and target and optimize marketing. The website user can consent to or deny the use of cookies from their web browser settings. Most web browsers automatically allow cookies. Please note that blocking cookies may limit the functionality of our website.

Controller

Contact information:

Optolevel Ltd
Puomikatu 3
37150 Nokia
+358 40 033 1000
rauli.tuominen@optolevel.fi