Privacy policy

Personal and business customer representatives,
24 Center Oy, 25.5.2018

Controller

24 Center Oy

Robert Huber road 3

01510 VANTAA

Person responsible for data protection

Joose Pinomaa (Managing Director)

tel. +358401966396

[email protected]

Personal data processed

Registered groups: personal customers of 24 Center Ltd and personal representatives of corporate customers

The following personal data are always collected from a one-off customer:

If necessary, the following personal data will also be collected from a one-off customer:

The information collected from a contract customer is the same as for a one-off customer, plus the following:

Purpose and ground for processing

24 Center Ltd processes personal data in order to perform the contracts it has entered into with its customers. With the consent of the data subject, 24 Center Ltd also uses the personal data it collects for marketing purposes.

The processing grounds under the GDPR are as follows:

Recipient groups

The roles within the company are described in the Information Accounts.

Accountant: (Faktucon Oy) information necessary for accounting purposes For partners

In addition, software or web services from Accountor Finago, Domainhotelli Oy

In addition, the data is disclosed to LINK Mobility Oy, whose SMS interface transmits SMS messages from the 24 Center's Monitoring system to the network of operators and partners/customers.

Contract amendments required by the GDPR will be made with the above-mentioned third-party processors of personal data.

Retention period of personal data

Personal data is stored for the time necessary for the performance of the contractual service and for the duration of the customer relationship. The customer relationship begins with a one-time customer when the customer orders a service from 24 Center Ltd and ends at the request of the customer or 24 Center Ltd. The customer relationship with a contract customer lasts while the contract is in force. In addition, retention will continue for up to 10 years after receipt of the data if the data subject has consented to the use of their data for marketing purposes, unless the data subject withdraws their consent sooner.

When the data becomes redundant or obsolete, it may be archived in an archive accessible to the CEO of 24 Center Ltd, unless the exercise of the data subject's rights requires the complete deletion of the data. In such cases, appropriate safeguards will be put in place.

An annual review is also carried out to check whether there is a legal basis for the retention of all personal data and to delete any redundant data.

Rights of the data subject

The data subject has the following rights:

In all matters relating to their rights, the data subject should contact the Managing Director of 24 Center Oy, whose contact details are set out above.

Right to object

According to Article 21 of Chapter 3 of the GDPR, the data subject has the right to object to the processing of personal data concerning him or her in such a way that the controller may not process them when certain conditions are met. For example, the processing of personal data for direct marketing purposes can be objected to. In order to exercise the right to object, the data subject is requested to contact the CEO of 24 Center Ltd.

Withdrawal of consent

The data subject may withdraw his or her consent to the use of his or her data for marketing purposes at any time. This can be done by contacting the CEO of 24 Center Ltd.

Right to complain

According to Article 77 of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority if they consider that personal data are being processed in breach of the Regulation.

Obligation to provide information

Only the data necessary for the above-mentioned processing criteria are collected and therefore the provision of the data is compulsory and necessary for the conclusion of the contract. In the case of personal data processed on the basis of consent, the provision of the data is of course voluntary.

Data breaches

The company's CEO is responsible for the data breach notifications to the authority and the data subject required by the GDPR.

Risk to the rights and freedoms of the data subject

The risk to the rights and freedoms of the data subject is assessed to be moderate. It is managed through appropriate and compliant data protection governance. The risk assessment has been implemented in the company's information accounting.

👋 Wait! Before you go...

Thank you for your feedback!
Sincerely, 24 Center Team