Privacy notice 1.10.2020

1. General 

This privacy notice contains information on how WeAre Solutions Oy (“we”) collects, stores and processes your personal data.

2. Controller

WeAre Solutions Oy
Address: Äyritie 12, 01530 Vantaa

Business ID: 2750784-8

3. Representative of controller

Tuija Kohonen
e-mail: dataprotectionofficer@weare.fi
Tel. 0407703900

4. Personal data we collect and store

What kind of data we collect? 

We mainly collect data obtained from you as a client, business partner or other stakeholder. You may provide us personal data, e.g., through emails or our website and platform services. We may also in some cases obtain personal data from our customers.

The processed personal data includes following types:

• basic information, such as name, address, email address, phone number, position in the organization and name of the organization,
• other information you provide us in our communications

The collected personal data are stored as long as it is necessary for the processing for the purposes mentioned in this notice. We regularly review the collected personal data and take reasonable actions to ensure that no incompatible, outdated or inaccurate personal data are stored with us.

Purpose of and legal basis for processing personal data

The data are processed for the purpose of

• performing and developing our applications, identity management and service center services and cloud infra services
• contacting and communicating with our clients and other stakeholders

The data are not used for profiling, and no automated decision-making is performed on the data.

5. Data security

We take appropriate technical and organizational measures against unlawful processing of your personal data. All collected personal data are stored in databases protected by encryption, firewalls, passwords and other technical measures. Only the personnel who need to process your personal data for the purposes mentioned in this notice have access to it.

Security has been added to our daily work processes. Every of our employees have participated to security trainings and we use software to keep our devices hardened against harmful code.

6. Disclosure of personal data to third parties

We do not sell or otherwise make your personal data available to any third parties. We don’t use sub-contractors (e.g. IT service providers) that process personal data for us.

7. Transfer of personal data to countries outside the EU or the EEA

No data is transferred to countries outside the EU or the EEA or to international organizations.

8. Right of access to personal data and right to rectification of data

You have the right to check what details about you have been processed by us. You also have the right to request the rectification of any incorrect or inaccurate data concerning you.

Submit your request for access or rectification to email stated above in Section 3.

9. Right to forbid processing and deletion of data

You have the right to forbid the use of your details. Further, you have the right to withdraw your consent to the processing of your data. We will delete your data without undue delay. We may need to ask you to verify your identity.

Submit your request to email stated above in Section 3.

10. Right to lodge complaint with supervisory authority

You have the right to lodge a complaint with the supervisory authority (the Data Protection Ombudsman).

11. Changes to the Privacy Notice  

We are continuously developing our data protection policies and, therefore, may update this Privacy Notice from time to time. Updates may also be necessary due to changes in applicable laws and regulations.