Privacy policy

Last updated 9.1.2023

This Privacy Policy (hereinafter “Policy”) informs you why Fonzit Oy
collects, uses or shares your personal data in connection with website
www.fonzit.fi and for the Services provided, including consulting,
design, development, care and maintenance of digital tools (“Services”).
Please read this Privacy Policy carefully before you start using the
Service

1. DATA CONTROLLER

The data controller in accordance with the applicable data protection
law is Fonzit Oy (hereinafter together “Fonzit”, “we”, “us” or “our”).
Fonzit is responsible for ensuring that your personal data is processed
in compliance with this Policy and applicable data protection laws.
Contact details of the data controller:
Fonzit Oy
Business ID: 3204618-5
Address: Hitsaajankatu 20-24, 00810 HELSINKI
Email: info@fonzit.fi
Contact details of the privacy manager:
Tommi Kylä-Kaila
Email: info@fonzit.fi

2. COLLECTION OF PERSONAL DATA

We may collect your personal data through different means, which are
explained below. As a rule, the personal data processed by us is
provided by you upon registration and/or when using the Services. The
personal data we collect includes e.g. the following categories of data:

• Name, title and role in the company presented;
• Contact details, such as email address and phone number;
• Information relating to client relationship, such as billing information;
• Social media contact details to services such as Twitter, LinkedIn and Skype; and
• Client interaction, client contacts and replies, including
• requests/queries through ticketing system.
  
  We may also collect technical data on the use of the Services, which
  may be associated with you. The technical data we collect includes e.g.
  the following categories of data:
  
• IP addresses, time stamps and log data relating to the use of the Services; and
• Device ID, device type, operating system used and application settings.

3. PURPOSE AND LEGAL BASIS FOR PROCESSING PERSONAL DATA

We process personal data for the following purposes:

1. Service provision and managing your client relationship
   The primary purpose of collecting personal data is to provide the
   Services and to manage and maintain the client relationship between us
   and you/the company you represent. In this case, our processing of
   personal data is based on the contract between you/the company you
   represent and us.
2. Marketing
   We may send you emails to inform you about new features of the
   Services, ask you for feedback, or provide you other relevant
   information about our services. In this respect, processing of personal
   data is based on our legitimate interest to provide you relevant
   information as part of the Services and to promote the Services to you.
   You may object to marketing communications at any time (please see
   section 8 of this Policy).
3. Service development and information security
   We also process personal data to ensure the security of the Services, to
   improve the quality of the Services and to develop new features to the
   Services. In these cases, the processing of personal data is our
   legitimate interest to ensure that our Services has an adequate level of
   data security, and that we have sufficient and relevant information at
   hand to develop our Services.

4. TRANSFERS AND DISCLOSURES OF PERSONAL DATA

We may disclose personal data to third parties:

• when permitted or required by law, e.g. to comply with requests
  by competent authorities or related to legal proceedings;
• when our trusted services providers provide services to us on
  behalf of us and under our instructions. We will control and be
  responsible for the use of your personal data at all times;
• if we are involved in a merger, acquisition, or sale of all or a
  portion of our assets; and
• when we believe in good faith that disclosure is necessary to
  protect our rights, protect your safety or the safety of others, investigate
  fraud, or respond to a government request.

5. TRANSFERS OF PERSONAL DATA OUTSIDE THE EU/EEA

Some of our services may transfer personal data from EU/EEA to the
United States. In such transfers we only rely on services that comply
with the EU-U.S. Privacy Shield Framework as set forth by the U.S.
Department of Commerce regarding the collection, use, and retention
of personal information transferred from the European Union, European
Economic Area, and Switzerland to the United States. (Learn more
about Privacy Shield at www.privacyshield.gov)

6. COOKIES

We also use cookies and other similar techniques on our website at
www.fonzit.fi and other web based tools. Cookies are small text files
placed on your device to collect and remember useful information, to
increase the functionality of our website and to make it easier to use.
We may also use cookies and other similar techniques for statistical
purposes to compile anonymous, aggregated statistics thereof,
concerning e.g. the use of the website, allowing us to understand how
users use the website and improve user experience.

You can set your web browser not to accept cookies, limit the use of
cookies or remove cookies from the browser. However, as cookies are
an important part of how our website works, limiting the use of cookies
may affect the functionality of the website.

7. RETENTION OF PERSONAL DATA

Your personal data will be retained only for as long as necessary to
fulfill the purposes defined in this Policy.

Most of your personal data will be retained during the course of your
relationship with Fonzit Oy. Some personal data might be retained after
your client relationship with us has ended, if required or allowed by
applicable laws. When your personal data is no longer required by law
or rights or obligations by either party, we will delete your personal
data.

8. YOUR RIGHTS

You have a right to access personal data we process about you. You
may access, correct, update, change or remove your personal data at
any time. However, please note that certain information is strictly
necessary in order to fulfil the purposes defined in this Policy and may
also be required by law. Thus, you may not remove such personal data.
You have a right to object for certain processing. To the extent required
by applicable data protection law, you have a right to restrict data
processing.
You have a right to data portability, i.e. right to receive your personal
data in a structured, commonly used machine-readable format and
transmit your personal data to another data controller, to the extent
required by applicable law.

Please send above-mentioned requests to us at info@fonzit.fi.

If you think there is a problem with the way we are handling your
personal data, you have a right to file in a complaint to your national
data protection authority in the EU/EEA. In Finland, that is
Tietosuojavaltuutetun toimisto. You can find contact details of
Tietosuojavaltuutetun toimisto
here: http://www.tietosuoja.fi/fi/index/yhteystiedot.html.

9. SECURITY

We maintain reasonable security measures (including physical,
electronic, and administrative) to protect personal data from loss,
destruction, misuse, and unauthorized access or disclosure. For
example, we limit access to personal data to authorized employees and
contractors who need to know the information in the course of their
work tasks.
Please be aware that, although we endeavour to provide reasonable
security measures for personal data, no security system can prevent all
potential security breaches.

10. CHANGES TO THIS POLICY

We may change this Policy from time to time. If we make any changes
to this Policy, we will let you know it on our website at www.fonzit.fi,
where you will also find the latest version of this Policy.

11. CONTACT US

If you have any questions regarding this Policy or the personal data we
process about you, please contact us at info@fonzit.fi.