Siirry suoraan sisältöön

Privacy Policy

1. Data Controller

Medipracticum Oy
Särkiniementie 19 B 33
00210 Helsinki

Business ID: 2039885-3

2. Data Protection Officer

Antti Lauerma
firstname . lastname at gmail com

3. Name of Register

Medipracticum Oy’s customer register.

4. Legal Basis and Purpose of Personal Data Processing

The processing of personal information is based on the law or the consent of the customer.
We collect and process customer information in accordance with the providing and facilitating services.
The purpose of processing personal information is contact with customers and administration of customer relationship.

Automated decision-making or profiling based on this data is not performed.

5. Content of the Register

Data stored in the register includes: individual’s name, email address and other data related to the customer relationships and ordered services.

We store the personal information only as long as necessary with the purpose of the information.

6. Regular Sources of Information

Data to be stored in the register is obtained from customers through means such as messages sent via web forms, emails, phone calls, social media services, contracts, customer meetings, and other situations where customers provide their information.

Contact information of individuals in companies and other organizations can also be collected from public sources like websites, directories, and other companies.

7. Regular Disclosures of Data and Transfer of Data Outside the EU or EEA

Data is not regularly disclosed to other parties. Information may be published as agreed with the customer.

Data will not be transferred by the data controller outside the EU or EEA.

8. Principles of Register Protection

Data processing is carried out with due care, and information processed through information systems is appropriately protected. When register data is stored on internet servers, their physical and digital security is ensured adequately. The data controller ensures that stored data, server access rights, and other information critical for data security are treated confidentially and only by employees whose job description includes it.

9. Right of Inspection and Right to Request Correction of Information

Each individual in the register has the right to review the data stored about them and to request correction of any erroneous information or completion of incomplete information. If a person wants to review the information stored about them or request its correction, the request must be sent in writing to the data controller. The data controller may request the requester to prove their identity if necessary. The data controller will respond to the customer within the time set out in the EU General Data Protection Regulation (usually within a month).

10. Other Rights Related to the Processing of Personal Data

Individuals in the register have the right to request the erasure of their personal data from the register (”right to be forgotten”). Similarly, data subjects have other rights according to the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may request the requester to prove their identity if necessary. The data controller will respond to the customer within the time set out in the EU General Data Protection Regulation (usually within a month).