We treat personal information in accordance with the Finnish Personal Data Act and we respect the requirements of confidentiality and privacy in all our activities.
1. What personal data we collect
The personal data we collect can be grouped into the following categories:
Personal data collection
We collect information you provide directly to us. For example, when becoming a new client, we collect personal data, such as name, e-mail address and phone number. We also collect information which you provide to us via messages you have sent us, e.g. feedback or a request. For security purposes, we may have cameras in our offices.
2. How we may use your personal data and the lawful basis for doing so
We use your personal data to comply with legal and contractual obligations as well as to provide you with offers, advice and services.
The main purpose of processing personal data is to provision our services and manage our business contract or business relationship.
3. Who we may disclose your personal data to
Providing services and compliance with contracts may require the sharing of personal data.
We may share your personal data with others such as suppliers, payment service providers and business partners. We have entered into agreements with selected suppliers, which include processing of personal data on our behalf. Examples thereof are suppliers of IT development, email, maintenance, hosting and support.
Third country transfers
In some cases, we may also transfer personal data to organisations in so-called third countries (countries outside of the European Economic Area). Such transfers can be made if any of the following conditions apply: the EU Commission has decided that there is an adequate level of protection in the country in question, other appropriate safeguards have been taken, for example the use of the standard contractual clauses (EU model-clauses) approved by the EU Commission or the data processor has valid Binding Corporate Rules (BCR) in place, or that there are exceptions in special situations, such as to fulfill a contract with you or your consent to the specific transfer.
4. How we protect your personal data
Keeping your personal data safe and secure is at the center of how we do business. We use appropriate technical, organizational and administrative security measures to protect any information we hold from loss, misuse, and unauthorized access, disclosure, alteration and destruction.
5. Your privacy rights
You as a data subject have rights in respect of personal data we hold on you. You can:
• confirm if we process any personal data related to you and to deliver an electronic copy of such data,
• correct any inaccurate personal data related to you,
• erase any personal data related to you,
• restrict our processing of any personal data related to you, and
• stop processing any personal data related to you due to personal reasons.
You can always deny us from using any personal data related to you for direct marketing purposes. You can also at any time withdraw your consent for processing your personal data.
Sisua Digital collect, process and analyse data regarding the use of our webpages. Traffic data is data connected to visitors on the webpage and data handled in communication fields for sending, distributing or making messages available.
You can set or amend your web browser controls to accept or reject cookies. If you choose to reject cookies, you may still use our websites and some services, however your access to some functionality and areas of our website or services may be restricted substantially.
7. How long we process your personal data
If you or your company is a client of Sisua Digital, we may process your data as long as the client relationship is in force and for a maximum of 5 years thereafter. If you receive marketing communication from us, we may process your data until you inform us that you do not want to be in our marketing list anymore. If you visit our website, we may process your data for a maximum of 2 years after your visit.
To develop our services, we reserve the right to make changes to the Privacy Statement from time to time.
If the changes are significant, we will provide a more prominent notice, when we are required to do so by applicable law.
9. Contacting us or the data protection authority