Privacy policy

Registry and Privacy policy

This is the Registry and Data Protection Statement following Codetum Oy's Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR).

Created 7.4.2021. Last modified 7.4.2021.

Registrar

Codetum Oy, VAT: 3124708-1
Tel. +358 40 197 2421

Contact person responsible for the register

Arttu Pesonen
Tel. +358 40 197 2421
arttu (a) codetum.com

Name of the register

Codeutum Oy's customer and marketing register

Legal basis and purpose of the processing of personal data

The legal basis for the processing of personal data under the EU General Data Protection Regulation is:

• Personal consent
• Employment or customer relationship The purpose of the processing of personal data is communication with customers and/or marketing.

Content of the register

The information to be stored in the register is:

• The full name of the person
• Email address
• Website address and analytics collected by Codetum Oy from that website
• IP Address

Regular sources of information

The information stored in the register is obtained from the customer e.g. messages sent using website forms, via email, phone, social media services, contracts, customer meetings, and more situations in which the customer discloses his information.

Regular transfers of data and transfers of data outside the EU or the ETA

The information will not be disclosed to third parties. The information may be published to the extent agreed by the customer. Data may also be transferred by the controller outside the EU or the ETA.

Registry security principles

The register is handled with care, and the information processed by the information systems is protected duly. The registrar takes care of the stored data as well as server access and other information critical to the security of personal data is treated confidentially and only by their employees whose job description it belongs to.

Right of inspection and right to request correction of information

Every person in the register has the right to check the information stored in the register and to request any correcting incorrect information or supplementing incomplete information. If a person wants to check on him stored or to request rectification, the request shall be sent in writing to the controller. Registrar may, if necessary, ask the applicant to prove his or her identity. The registrar is responsible to the customer for the EU within the time limit set in the Data Protection Regulation (within one month).

Other rights related to the processing of personal data

A person in the register has the right to request the removal of his or her data from the register (“right become forgotten”). Data subjects also have other rights under the EU's general data protection regulation, such as restricting the processing of personal data in certain situations. Requests must be sent in writing to the controller. If necessary, the controller may ask the applicant to prove his or her identity. The controller will respond to the customer within the timeframe (within one month) set out in the EU Data Protection Regulation.