Privacy policy

Registry keepers information:
Tickingbot Oy
Visiokatu 4, 33720 Tampere Finland
Business ID: 2757079-1

Person responsible of data protection:
Heikki Mustonen
Visiokatu 4, 33720 Tampere Finland
heikki.mustonen@tickingbot.fi

1 OUR PRINCIPLES FOR PROCESSING DATA

Tickingbot Oy respects your privacy and is committed to complying with EU General Data Protection Regulation (GDPR) and section 10 of the Finnish Personal Data Act (523/1999).

1.1 The following principles guide the processing of your personal data:

1.1.1 Personal data is confidential information

Your personal data is confidential. As a rule, your personal data is only processed by our employees.

1.1.2 Personal data is collected and used according to a plan

We avoid unnecessary collection, processing and storage of personal data.

1.1.3 We only process personal data for your best interests

Our processing of personal data is always based on written agreements or a customer’s decision to provide us with their personal data in conjunction with using our website or signing up for our services. We never process personal data for purposes other than the customer’s interests, and the data is processed in accordance with the instructions provided by the customer.

1.1.4 Key purposes of processing personal data

We primarily use personal data to provide services, manage customer relationships, issue invoices, market and sell services, recruiting. In addition, we use personal data to further develop these operations.

Customer information is only processed within the scope permitted by the GDPR and the Finnish Personal Data Act in Tickingbot Oy’s own personal data files.

2 HOW DO WE USE YOUR PERSONAL DATA?

We only collect, store and process personal data for predetermined purposes.

2.1 The main purposes of use include the following:

2.1.1 Provision and delivery of services and customer relationship management

We process personal data in conjunction with matters related to customer relationship management, such as providing and delivering services, invoicing, collecting debt, processing complaints, providing customer support and measuring customer satisfaction.

2.1.2 Fulfillment of statutory obligations

We may also collect and process personal data to meet our statutory obligations with regard to accounting or the authorities, for example.

2.1.3 Human Resources

As a rule, we only process personal data concerning employees and job applicants for HR administration purposes and to meet our obligations with regard to employment contracts as well as our statutory obligations related to employment relationships, and to assess job applicants and fill open positions.

3 WHAT DATA DO WE COLLECT AND FROM WHICH SOURCES?

We mainly collect personal data from you directly when you contact us. We may also collect personal data about customers from public sources and registers, such as LinkedIn and other social media channels.

We use services provided by Visitor Analytics to collect data about our website visitors in order to analyze and further improve our website.

As a rule, we only process personal data related to our customers (including potential customers), employees and job applicants.

3.1 Typically, we may obtain the following data directly from our customer’s contact person:

  • The name of the customer’s employer company, the first and last names of the contact person, business address, business e-mail address, telephone number and job title
  • Categorization information (e.g., interests) provided by the individuals themselves
  • Information submitted via contact forms and chat
  • Customer feedback information

3.2 We may also process the following personal data when a customer uses our website or services:

  • IP address or other identifier
  • Data collected through the use of our web page
  • From other sources, we may obtain in particular the following information about the customer: data related to the use of social media, such as LinkedIn, Facebook and Twitter

3.3 With regard to our employees and job applicants, we mainly process data provided by the individuals themselves and data generated during employment relationships

  • Basic information about the employee or job applicant
  • The job applicant’s CV and application, as well as reference information received with the consent of the applicant
  • Information necessary for salary payments
  • Information necessary for fulfilling rights and obligations related to the employment relationship
  • Certain sensitive information about the employee (trade union membership and health information), but only to meet our statutory obligations as an employer

With your consent, we may also collect and process other information.

4 ON WHAT GROUNDS DO WE PROCESS YOUR DATA?

We are responsible for ensuring that we always have legal grounds for processing your personal data. We may process personal data on several grounds, but we always ensure that at least one legal reason exists.

With regard to the information stored in our customer data files, we mainly process data to prepare and execute agreements and based on our legitimate interests, which include in particular the provision, delivery and development of our services; customer relationship management; the processing of complaints and customer feedback; and the provision of maintenance and further development services.

With your consent, we may also process other data related to you. If we are only processing your personal data based on your consent, you are entitled to withdraw your consent at any time. We may also process your personal data to meet our statutory obligations.

5 WHO PROCESSES YOUR DATA? IS IT DISCLOSED TO THIRD PARTIES?

As a rule, your personal data is only processed by Tickingbot Oy’s employees as part of their work.

In some cases, your personal data may be disclosed to our subcontractors under a confidentiality obligation. Our subcontractors process personal data based on a written agreement for the assignment. Our subcontractors process personal data in a predetermined manner, in accordance with our written instructions and only for purposes specified in this privacy policy.

Concerning personal data about our customers, we may use subcontractors, particularly with regard to data storage, customer relationship management (cloud storage services, project management and communication, CRM) and technical support.

We may also otherwise disclose data to meet contractual obligations or if required to do so by law or a competent authority.

In addition, we may disclose your data in conjunction with a business acquisition.

6 IS YOUR DATA TRANSFERRED TO NON-EU COUNTRIES?

Under certain circumstances, your personal data may be transferred outside the EU. Some of the cloud services we use are located outside the EU.

If data is transferred outside the EU, we ensure that the destination has an adequate level of data protection as determined by the European Commission, that transferees located in the United States have Privacy Shield certification, or that the transfer takes place under the Model Contract Clauses issued by the European Commission. In other words, we always ensure that any transfers of data are carried out on legal grounds and are subject to sufficient protection mechanisms.

7 HOW LONG DO WE STORE YOUR PERSONAL DATA FOR?

We do not store your personal data for longer than is necessary for its purpose of use or is required by a contract or agreement or by law.

However, the storage periods for personal data may vary depending on the situation and purpose of use. We regularly delete personal data once 24 months has passed since the latest measure carried out with regard to the data.

We also seek to update your data, if necessary. Any unnecessary data is deleted.

If we are required to store customer information or other personal data by law, such as the Accounting Act, we store the personal data until the statutory obligation expires.

8 HOW DO WE PROTECT YOUR DATA?

Your personal data is mainly stored in electronic format on our service provider’s servers, which are protected in accordance with general practices in the field.

The personal data that we collect and process is kept confidential and is only disclosed to people who need it as part of their work or to our contracting partners, such as our subcontractors, confidentially and to a limited extent.

Access to your personal data is limited and protected by means of user-specific identifiers, passwords and access rights. Our facilities are locked and protected.

9 ARE YOU OBLIGATED TO PROVIDE PERSONAL DATA?

If you refuse to provide your personal data or prohibit us from processing your personal data, we will probably not be able to serve you and fully meet the purpose of our operations.

If you do not wish us to process your personal data in accordance with the principles mentioned in this privacy policy, we request that you not provide us with any personal data.

10 WHAT RIGHTS DO YOU HAVE?

10.1 Withdrawing consent

If we are processing your personal data based on your consent, you may withdraw your consent at any time by notifying us by, for example, sending an e-mail to heikki.mustonen@tickingbot.fi

10.2 Access to data

You have the right to receive confirmation from us on whether we process personal data concerning you and to know what personal data we are processing. You also have the right to receive supplementary information about the grounds for processing your personal data.​

10.3 Right to have errors corrected

You have the right to request that we correct any inaccurate, outdated or otherwise incomplete personal data concerning you.​

10.4 Right to object to processing

If we are processing your personal data based on a general interest or our legitimate interest, you have the right to object to the processing of your personal data to the extent that the processing is not based on compelling legitimate grounds that override your rights or to the extent that the processing is not necessary to meet a statutory obligation.

Please note that this may limit our ability to serve you, or even prevent us from serving you.

10.5 Right to restrict processing

Under certain circumstances, you have the right to demand that we restrict the processing of your personal data.

10.6 Right to have data transferred

If we have processed your data based on your consent or to execute an agreement, you have the right to receive in a commonly used format the data that you have submitted to us in electronic format, so that the data can be transferred to another service provider.

11 HOW CAN YOU EXERCISE YOUR RIGHTS?

You can exercise the rights describe above by contacting us by, for example, sending an e-mail to heikki.mustonen@tickingbot.fi

Please include your name, address and telephone number in your message. Later we may ask a copy of your passport, driving license or other form of identification, so that we can confirm your identity.

12 UPDATING THE PRIVACY POLICY

We may update this privacy policy if changes occur to our operations or data protection principles. We may also update this privacy policy if laws are amended. Any changes will come into effect once we have published the updated privacy policy.

For this reason, we request that you study the content of this privacy policy at regular intervals.

13 WHO SHOULD I CONTACT IN MATTERS RELATED TO DATA PROTECTION?

Contact information:

Tickingbot Oy
Visiokatu 4, 33720 Tampere Finland
Business ID: 2757079-1

Heikki Mustonen
heikki.mustonen@tickingbot.fi

This privacy policy was last updated on November 27, 2019.

Tickingbot Oy, Visiokatu 4, 33720 Tampereinfo@tickingbot.fiLinkedIn