The statement was prepared on 23.05.2018. Updated 18.8.2021.
Risk Control Services Finland Oy, Keilaranta 1, 02150 Espoo, Finland.
tel +358 45 319 7219
Risk Control Services Finland Oy's auxiliary business names are RCS Training, Conflict Control and Kehokoodi.
2. Name of the register
Risk Control Services Finland Oy customer and marketing register
3. Legal basis and purpose of processing personal data
The purpose of this statement is to inform visitors to the websites of Risk Control Services Finland Oy and its auxiliary business names, as well as users of Risk Control Services Finland Oy's services, about the collection, use and storage of personal data.
The legal basis for the processing of personal data in accordance with the EU General Data Protection Regulation is the management of the customer relationship, the implementation of the rights and obligations of the customer and Risk Control Services Finland Oy, and the processing of personal data in accordance with the Personal Data Act for purposes related to online services, risk control services Finland Oy and/or its
directing the partners' advertising and/or direct marketing based on customer data through Risk Control Services Finland Oy's media and services without disclosing personal data to a third party.
4. Data content of the register
The information stored in the register may include:
– First and last name
–Mobile phone number
– Company and position
– Address information
By ordering or using the services of Risk Control Services Finland Oy, you agree that we collect information related to you in accordance with this register and data protection policy.
The service provider of Risk Control Services Finland Oy's online trainings and courses is Kajabi LLC. Read about Kajab's data protection here: https://kajabi.com/policies. The first name, last name and email address of the participants in the online trainings are stored. Purchases of online courses take place in an online store, where Stripe acts as a payment intermediary. Read about Stripe's privacy practices here: https://stripe.com/en-fi/privacy.
Customer relationship management and newsletters
Anyone has the opportunity to subscribe to the newsletter of Risk Control Services Finland Oy and/or its auxiliary services through the order form on the samisallinen.fi website. The name and email address are stored by the newsletter service provider Kajabi LLC. You can log off the list at any time. Read more about Kajabi's data protection here: https://kajabi.com/policies.
Data retention period
Risk Control Services Finland Oy stores personal data for at least the time required by law or regulations. The retention period of customer data may be longer in order to achieve normal and legal business objectives. In the case of terminated customer relationships, all stored data is reviewed from time to time and unnecessary personal data is deleted.
Cookies are used, among other things, for measurement and research purposes to determine the use and usage volume of the website. Cookies are also used to target advertising. With the help of cookies, advertising can be targeted based on browser behavior, and with the help of cookies, the system also recognizes whether the user has seen the advertisement before, in which case the same advertisements are not shown to the same user all the time.
Advertising targeted by third parties based on cookies
The following parties collect cookie information on our website, which is used to target advertising:
- Facebook Inc. Read more about Facebook's privacy practices here: https://www.facebook.com/policy.php
- Google Ads. Learn more about Google's privacy practices here: https://policies.google.com/technologies/ads?hl=en-US
The following entities collect cookie information on our sites, which is used to develop the website:
- Google Analytics. Learn more about Google's privacy practices here: https://policies.google.com/technologies/ads?hl=en-US
Possible other data usage
Mandatory and legally required disclosures of data: Due to the requirements of the authorities and the law, it is possible that we are obliged to disclose information related to individuals. The disclosure or processing of data may also be considered if Risk Control Services Finland Oy needs to defend its rights in civil, corporate or criminal law.
Acquisitions: We may disclose or transfer the data we collect in connection with the sale of a company, the sale of shares, a merger with another company, any other corporate reorganization or bankruptcy.
6. Regular sources of information
The information stored in the customer and marketing register is obtained from the customer information system or through the person's own request.
7. Regular disclosure of data and transfer of data outside the EU or the EEA
The controller does not disclose data outside the EU or EEA. The aforementioned third parties can transfer data, but they comply with the regulations required by the EU. Learn more about their privacy for each entity.
8. Principles of register protection
The register is handled with care and the data processed in the information systems is protected appropriately. The data security of the servers storing register data is taken care of appropriately.
Stored data, server access rights and other information critical to the security of personal data are treated confidentially. They are handled only by those employees whose job description it belongs to.
9. Rights of the data subject
Every person in the register has the right to check the information stored in the register and to demand the correction of any incorrect information or the completion of incomplete information. If a person wants to check the data stored about him or her or request a correction, the request must be sent in writing to the controller.
A person in the register has the right to request the removal of his or her personal data from the register ("the right to be forgotten"). They also have other rights under the EU's General Data Protection Regulation, such as restricting the processing of personal data in certain situations.
If necessary, the controller may ask the applicant to prove his or her identity. The controller will respond to the customer within the time limit set in the EU Data Protection Regulation, usually within one month.
10. Changes to this statement