Integrity policy
According to the General Data Protection Regulation, the personal data controller of a register is obligated to inform the register’s data subjects in a clear manner. This statement fulfils this informing obligation.
Updated: 15.02.2022
1. Personal data controller
yri.fi / LLS Data Ab Oy, Y-tunnus 1993086-5
Address: Hitsaajankatu 6, 00810 Helsinki, Suomi
Phone: +358451252500
E-mail: support@llsdata.fi
Data protection officer: Håkan Lövdahl
2. Data subjects
In our registers are:
• Potential customers
• Customers
3. Purpose of use of personal data
Grounds for keeping the register:
• Personal data is being processed based on an existing customer relationship
• Personal data is being processed based on consent
Purpose for the register and the processing of personal data
Personal data is only being processed for predetermined purposes, which are:
• customer relationship management
• informing about services
• the data subject's use of our services
4. Personal data recorded in the register
The customer register contains the following information:
Contact information
• Name
• Address
• E-mail
• Phone number
• Possibly a profile picture
Customer information
• Information on products/services bought
5. The data subject’s rights
The data subject has the following rights, and requests for their use should be sent to support@llsdata.fi
Right to access data
The data subject may check the data we have recorded.
Right to rectification
The data subject may request the rectification of inaccurate or incomplete personal data.
Right to object
The data subject may object to the processing of personal data if the data subject feels that personal data has been processed unlawfully.
Right to forbid direct marketing
The data subject has the right to forbid the use of personal data for direct marketing.
Right to deletion
The data subject has the right to request the deletion of data if personal data processing is not necessary. We will handle the request for deletion and proceed to either delete the data or state a justified reason for not being able to delete the data.
It should be noted that the controller may have legal or other rights to not delete the requested data. The controller is obligated to preserve accounting materials for the duration (10 years) set out in the Accounting Act (Chapter 2, Section 10). For this reason, materials related to accounting cannot be deleted before that term has expired.
Withdrawing consent
If the processing of personal data is only based on the data subject’s consent and not for instance on a customer relationship or membership, the data subject may withdraw consent.
The data subject may complain of the decision to the Data Protection Supervisor
The data subject has the right to demand us to restrict the processing of controversial data until the matter is solved.
Right to complain
The data subject has the right to complain to the Data Protection Supervisor if the data subject feels that we are violating the effective data protection regulation when processing personal data.
Contact information of the data protection supervisor: https://tietosuoja.fi/en/contact-information
6. Regular information sources
Customer information is regularly obtained from:
- from the customer as the customer relationship is born
- from the customer through an online form
- Kauppalehti information services
- Public registers of the Finnish Patent and Registration Office
7. Regular disclosure of data
The data is not generally disclosed for marketing purposes outside LLS Data Ab Oy. Use of the services we provide with the assistance of third parties requires the disclosure of information, such as the sending of e-invoices and the like.
8. Duration of processing
Personal data is usually processed for as long as the customer relationship exists.
9. Personal data processors
The controller and its employees process personal data. We may also outsource the processing of personal data partly to a third party, in which case we will guarantee with contractual arrangements that personal data is processed in compliance with valid data protection legislation and also otherwise appropriately.
10. Transferring data outside the EU
Personal data is not transferred outside the EU or the EEA.
11. Automatic decision-making and profiling
We are not using the data for automatic decision-making or profiling.