Moilas | Confidentiality caption / Moilas Oy

Privacy policy / Moilas Oy

1. Controller

Moilas Oy
Paakarinpolku 1, 76850 Naarajärvi, Finland
Business ID: 1974649-4
Contact details: info@moilas.fi tel. +358 15 785 1200

Person responsible for data protection:
Sami Mustonen
sami.mustonen@moilas.com

2. Name of the register

Moilas Oy customer and communications register

3. General

In this privacy policy, we aim to explain as openly and transparently as possible how we process the personal data of the data subjects. We also describe the requirements and scope for processing personal data in order to ensure that the legal requirements for the protection of personal data and the privacy of data subjects are met and the rights of data subjects are not infringed. In this privacy policy, the data subjects refer to the following groups of persons:

  • Customers and the contact persons of our customer companies
  • Potential customers and the contact persons of our potential customers
  • Persons visiting the website of our organisation

4. Appropriate processing of personal data

The methods of appropriate data processing ensure that our procedures in the processing of personal data and measures to protect personal data are appropriate. The methods of appropriate processing of data at Moilas Oy are carried out in the following way:

  • There is a certain purpose of use and legal justification for the processing of data. The processing is transparent from the data subject’s point of view.
  • Only information that is necessary is processed with regard to the data subjects and only for the purpose for which the data was originally collected.
  • The data can only be processed in the organisation by the persons who are required to do so in order to fulfil their duties. The data is shared with third parties only in an appropriate way.
  • The data is stored taking account of appropriate security and only for as long as it is necessary.
  • The data is accurate and up-to-date.

5. Legal basis and the purpose of using the register

The processing of personal data is based on one or several of the following legal grounds:

  • An agreement signed between us
  • Legislation binding on the company
  • Consent given by the data subject
  • Legitimate interest of the controller

In situations where the processing is based on a legitimate interest, we have carried out a balance test and assessed that the interests of the person requiring the protection of personal data or their fundamental rights and freedoms do not override our legitimate interest.

The collected data is used at Moilas Oy for managing customer and consumer relations; gaining customers; administration and development; developing customer service and improving customer experience; offering better customer service; administering marketing campaigns; sending the newsletter; processing complaints; developing the business and services; analytics and statistical purposes; and for planning and developing the business operations.

6. Collection of personal data

We collect and process data, e.g. when

  • you provide us your data when dealing with us as a corporate customer or as a contact person of another stakeholder of ours
  • we need information about our partners from other sources within the scope permitted by applicable legislation (e.g. the Finnish Trade Register)
  • you send us consumer feedback, request information or submit a contact request
  • you take part in our marketing campaign or survey

7. Personal data that we process

We collect and process the following categories of personal data:

  • basic information about a corporate customer, such as your name, job title, your position in the company you represent, contact details (email, address and telephone) and language of communication
  • information related to the customer relationship, such as order, payment and invoicing data, and messages
  • entries regarding the rights of data subjects
  • personal data related to consumer feedback and contact data related to the delivery of prizes awarded in marketing campaigns (e.g. name, address and telephone)
  • data generated in connection with using our website, e.g. data gathered by cookies (equipment identity and type, operating system and application settings).

8. How long we store personal data

We store personal data in accordance with applicable legislation only for as long as it is necessary to achieve the purposes of processing the personal data. Personal data will be deleted when its storage is no longer necessary in order to fulfil the requirements of law or the rights or obligations of either party. In terms of customer accounts, personal data is retained for the duration of the customer relationship. Where necessary, data can also be stored after the end of a customer relationship to the extent permitted or required by the applicable law (e.g. personal data that is necessary in order to respond to claims in accordance with effective regulations concerning the period of limitation).

In terms of some of the data, there are legal requirements to store the data for a longer period, for example, for the following purposes:

  • The Accounting Act specifies longer retention times for data regardless of whether or not the material contains personal data
  • Meeting the requirements related to consumer trade responsibilities

You can opt out of our email marketing list via the unsubscribe link enclosed in all our marketing emails.

The cookie consent will automatically remain on the browser for 12 months, after which the visitor to the website will be asked for their consent again unless the visitor clears or deletes cookies from their browser or unless we amend our cookie policy. In these cases, we will insist that the visitor to the website updates their consent status to correspond with our current cookie policy. In such an event, the consent status of the visitor to the website will be reset to necessary cookies only until the visitor has accepted/rejected the cookies.

9. Transfer and disclosure of personal data

The personal data of consumers is processed outside Moilas Oy only if it is necessary (e.g. implementation of a marketing campaign and the delivery of prizes by a partner). We use trusted contracting parties, and the requirements of the EU data protection regulation and other legislation have been taken into account in the contracts we have signed with them. We also use customer data with third parties for analytics and personalisation purposes.

We may also share your data with the authorities if it is required by law for us to disclose the data if it is necessary, for example, to prevent or investigate fraud or other unlawful action. We may also share your personal data with other bodies by the order of a court of jurisdiction. Moreover, we may share your data with a buyer of a business or another relevant party related to a corporate transaction in connection with a potential sale of business or other corporate transaction.

When transferring and processing data, Moilas Oy ensures a high level of data security and data protection in accordance with the EU General Data Protection Regulation. We do not transfer personal data outside the EU or the EEA.

10. Principles of protecting the register

The confidentiality of personal data is important to us. We have implemented appropriate technical and organisational measures in order to protect personal data against accidental or unlawful loss, disclosure, misuse, editing or destruction, or unauthorised access. We use the following protection measures to ensure the safety of personal data:

  • The equipment and information systems used in the processing of personal data are technically protected to a sufficient extent, and access to them is protected with appropriate methods, including personal user IDs and changing passwords, firewalls and other technical means.
  • The employees have had extensive training and received instructions on appropriate processing of personal data, and all those processing personal data are bound by a confidentiality obligation in relation to all personal data.
  • Regular backup copies are made of electronic files.
  • Files in paper format are stored in a locked facility.
  • Destruction of materials containing personal data is carried out securely.
  • If despite security measures there is a data breach that is likely to have a negative impact on the data protection of data subjects, we will report the breach to the competent authorities and to the data subject in question as soon as possible if required by the applicable data protection legislation.

11. Rights of the data subject

You have the right to inspect your personal data. You can also request to rectify or erase you data at any time; the rectification request must be made on an individual basis so that we can easily rectify the error. However, please note that personal data that is necessary, for example, due to the requirements of applicable law, cannot be erased. You have the right to object to or restrict the processing of your personal data within the scope of the applicable law. If the processing has been based on consent, the data subject is always entitled to withdraw the consent they have received. Moreover, the data subject may also have the right to receive the data we are holding with respect to themselves and to transfer this data to another controller.

You can exercise your rights by sending a request to us at info@moilas.fi. If after that you find that the processing of your personal data is not appropriate, you have the right to consult the data protection authority, the contact details of which are available on tietosuoja.fi.

12. Cookies

We use cookies and corresponding technologies on the website www.moilas.fi. A cookie is a text file that is sent from the server of Moilas Oy and saved to your web browser or unit. We can use cookies for statistical purposes, such as monitoring the use of the website in order to improve user experience.