Eurosec Oy (”Eurosec” or ”we”) is committed to protecting and ensuring the confidentiality and privacy of the personal data it possesses in accordance with the General Data Protection Regulation (EU 2016/679, the “GDPR”).
Business ID: 1039419-7
Höyläämötie 11 A, 4th floor
Contact person for matters concerning the register:
Eurosec processes and collects personal data for the following purposes:
The legal basis for the processing of personal data is Eurosec’s legitimate interest where the processing is related to the establishing, managing and developing of customer/supplier/partner relationships (including the entering into a contract with the organisation you represent and the management of such a contract). Eurosec also processes personal data based on its legitimate interest when providing and developing its services and when processing personal data for the purposes of communicating, marketing and invoicing and where the mentioned activities are related to a customer/supplier/partner relationship.
In some cases, we may also process your personal data to perform a contract to which you are a party or to carry out pre-contractual measures at your request.
To the extent permitted by the GDPR you have the following rights. Requests regarding the use of these rights shall be sent to firstname.lastname@example.org.
The contact details of the Data Protection Ombudsman:
Lintulahdenkuja 4, 00530 Helsinki
Phone number: 029 566 6700
Additional information: www.tietosuoja.fi
Personal data is primarily obtained from you by telephone, online, on the website of the company you represent, in meetings or other similar manners and in connection with the entering into agreements and during the course of a contractual or other similar relationships.
Personal data may also be collected and updated from publicly available sources like company websites and the trade register.
In order to provide you with the best possible service, we may disclose data to our partners, who will process your data only to the extent necessary to provide the service in question. These partners are processors in accordance with the GDPR, with whom we have entered into GDPR-compliant data processing agreements.
Eurosec uses service providers to process personal data for the following services:
Eurosec may also disclose personal data to the extent permitted and required by applicable law, for example to authorities.
As a general rule, Eurosec does not transfer personal data outside of the EU or the EEA.
If the purpose of the processing of personal data or the technical implementation of the processing so requires, personal data may be transferred outside the EU and the EEA. In this case Eurosec will comply with the requirements of the GDPR and the primary transfer tool used by Eurosec are the standard contractual clauses of the EU Commission, provided that the EU Commission has not adopted an adequacy decision for the receiving third country.
The personal data processors used by Eurosec are also through data processing agreements committed to using the standard contractual clauses of the EU Commission as the primary transfer mechanism, if personal data is transferred outside the EU/EEA.
As a general rule, personal data is processed as long as your and Eurosec’s relationship is active and the processing of your personal data is necessary for the purposes of processing in accordance with this policy, however taking into account retention periods set forth in mandatory and applicable laws (for example the accounting act).
Personal data processed based on a contractual relationship with a customer/supplier/partner is stored for the duration of the said relationship. After this, we will retain your data in case of any legal claims for a further three years, calculated from the end of the financial year during which the relationship ended.
Eurosec may process your personal data for marketing purposes for one additional year from the end of the financial year during which your relationship with Eurosec has ended. After this we consider your relationship with Eurosec passive.
Data relating to marketing and sales promotion (targeted marketing measures, participation in Eurosec’s marketing events) is stored for a period of three years, calculated from the end of the financial year in which the relationship with Eurosec has ended. If there is no above-mentioned relationship between you and Eurosec, marketing related data is retained for a period of three years, calculated from the performance of the last marketing measure.
After a withdrawal of consent Eurosec no longer processes personal data for purposes requiring consent. You can opt out from Eurosec’s marketing list by clicking on the relevant link in each marketing email sent by Eurosec.
We do not use data for automated decision-making or profiling.
Electronically processed data is protected by firewalls, passwords and other methods generally approved by the information security industry. Access to the register is restricted to those of Eurosec’s employees whose duties require the processing of the data in the register. All employees are bound by a secrecy obligation. We store your data in accordance with the from time-to-time applicable legislation and only for as long as it is necessary to fulfil the purposes described in this policy.
In case you do not provide all of the requested personal data to Eurosec, we might not be able to establish, manage and develop a customer/supplier/partner relationship with you or the legal entity you represent or communicate about our services with you.
Eurosec reserves the right to amend and update this policy. The up-to-date version of the policy is always found on Eurosec’s website. We recommend that you review the contents of the policy on a regular basis.
To the extent any discrepancies between this English version and the Finnish version of the personal data policy exists, the Finnish version will prevail.