Hurja Solutions Oy’s marketing and stakeholder register contains and processes personal data of customers, partners, website visitors, newsletter subscribers, and individuals who have contacted Hurja Solutions Oy (including job applicants). Hurja Solutions Oy collects user information when the user uses Hurja Solutions Oy’s website at www.hurja.fi, uses the contact form on the website, uses the chat service, subscribes to the newsletter, sends a contact request to Hurja Solutions Oy via email, or purchases services provided by Hurja Solutions (customer relationship).
When a customer relationship is established, we collect at least the following information: company name (if a corporate customer) and business ID, contact person’s name, address details, email address, phone number, possible marketing permissions and consents. We also collect other information related to the customer relationship, such as the customer’s order history and service usage history. It is also possible to register for Hurja Solutions Oy’s marketing and stakeholder register with just an email address.
Drafting date: April 23, 2018, modified: November 17, 2022, valid indefinitely.
Hurja Solutions Oy
Käsityökatu 43, 70100 Kuopio, Finland
Phone. 0290 031 113
Contact Person for Matters Concerning the Register
044 546 7899
Hurja Solutions Oy’s Marketing and Stakeholder Register
Purpose of Personal Data Processing
The purpose of processing personal data is to manage stakeholder cooperation, handle customer relationships, maintain user accounts, identify users, provide and deliver services, invoicing, recruitment, develop Hurja Solutions Oy’s business, website, and services, planning and analysis, and responding to contact requests. The information may also be used for advertising, direct marketing, and targeting marketing to customers.
Content of the Register
The register contains personal information provided by individuals themselves or compiled from publicly available sources and information relevant to the person’s job responsibilities, such as:
Regular Sources of Information
The register is compiled from:
Regular Disclosures of Data
Hurja Solutions Oy does not disclose the information in the marketing and stakeholder register to third parties. In some cases, your information may be processed by a third party that is a service provider for Hurja Solutions Oy. Hurja Solutions Oy may also share your personal data to the extent required by applicable law, regulation, legal process, or enforceable request.
Transfer of data outside the EU or EEA
Basis of register protection
The register is electronic, and personal data is kept confidential. The data networks and systems used by the register controller and its information system partners are protected by firewalls and sufficient technical data protection solutions. The data stored in the register is securely protected according to industry-standard practices, and only authorized employees of Hurja Solutions Oy, who require access for their work tasks, can view the data.
The use of systems is monitored, and access to the systems is restricted. User identification is carried out, whenever possible, through two-factor authentication using a username and password. The data in the register is processed at Hurja Solutions Oy only by personnel whose job description includes such processing.
Rights related to the processing of personal data
Rights related to the processing of personal data
Updating of information
An individual can request the updating of their information by sending an electronic message to the register controller at any time.
Right to object
An individual has the right to object to the processing of their data for direct marketing and other marketing purposes at any time.
Right of access
A data subject has the right to access the personal data stored in the register concerning them. A written request for access must be made, and proof of identity must be provided with the request. The right of access may be denied based on legal grounds. In principle, exercising the right of access is free of charge.
Right to rectification, erasure, or restriction of processing
To the extent that a data subject can take action themselves, they must without undue delay, after becoming aware of an error or upon discovering an error, rectify, erase, or supplement any personal data in the register that is inaccurate, unnecessary, incomplete, or outdated, and contrary to the purpose of the register. If a data subject is unable to correct the data themselves, a request for correction must be made to the register controller.
A data subject also has the right to request the controller to restrict the processing of their personal data, for example, when the data subject is waiting for the controller’s response to a request for rectification or erasure.
Right to data portability
To the extent that a data subject has provided personal data to the register themselves, which is processed to fulfill an agreement between the register controller and the data subject, the data subject has the right to receive such data in a machine-readable format and the right to transfer this data to another controller.
Right to lodge a complaint with a supervisory authority
A data subject has the right to lodge a complaint with the competent supervisory authority if the register controller has not complied with applicable data
If personal data is processed based on the data subject’s consent, the data subject has the right to withdraw their consent by notifying the data controller in writing.