General Privacy Policy

Last updated: 01/09/2023

Your privacy is important to us

Protecting your personal data and privacy is of utmost importance to us. We are committed to respecting your privacy and protecting the personal data we process.

This General Privacy Policy applies to:

  1. Communications and marketing
  2. Someturva's online store
  3. Our website, such as someturva.fi and the processing of personal data collected through cookies. The use of cookies itself is described in a separate Cookie Policy.

This General Privacy Policy does not apply to the processing of personal data on our Someturva service. A separate Privacy Policy of the Service applies to the service.

These terms have been translated from their original Finnish version which was updated on 22.3.2023. 

Data controller and contact information

Somis Enterprises Oy (Someturva)
Business ID: 2837159-1
Köydenpunojankatu 2 a D
00180 Helsinki
info@someturva.fi

Someturva is the data controller under data protection legislation. Someturva is responsible for ensuring that personal data is processed in accordance with this Privacy Policy and applicable data protection legislation. If you have any questions about the processing of personal data, we will be happy to help you.

What is personal data?

Personal data means information about a person, such as you, from which the person can be directly or indirectly identified. The concept of personal data is very broad in law. In addition to your name or address, it can basically be any piece of information that makes it, either individually or by combining it with some other piece of information, possible to identify that the information concerns you.

What information do we process?

We process information that is necessary to the purposes specified in this Privacy Policy. The purpose determines what kind of information we process about individuals in different situations.

1. Communication and marketing

We may process personal data related to communications and marketing:

  • Basic information such as name and email address
  • Other information you give us when registering for trainings or events
  • Information on what theme you have ordered newsletter about
  • Information on whether the newsletter, announcement or marketing message has been delivered and opened
  • Your response to our feedback or other enquiries

2. Online shop

If you have used our online store or purchased a service for yourself through Someturva's online store, we may process the following personal data:

  • The basic information you give us, i.e. name and email address
  • Information related to the order and delivery of the order
  • Receipt details
  • Any messages you may send to our customer service and the information necessary to provide the customer service
  • Information about customer groups generated by Someturva

3. Cookies

We may also process personal data related to cookies on our sites. Cookie information may include, for example:

  • IP address
  • electronic communication identification data
  • search and browsing data of our websites, and
  • browser and operating system information

Cookies are not used for identifying individual website users. However, if an individual can be identified from them, the data will be processed in accordance with this Privacy Policy.

How do we use personal data and on what basis?

We use personal data for the purposes listed below. We only process data where there is a legal basis for doing so.

If the processing is based on our legitimate interest, we have ensured that your right to privacy is protected by assessing and weighing the legitimate interest using the balance test in accordance with the Office of the Data Protection Ombudsman’s instructions. If you would like to have more information on the legitimate interest assessment and balancing test, please contact us.

1) Communication and marketing

We process personal data to take care of sales and marketing activities and communication related to our business. The purpose for data processing here is among other things to:

  • provide information about the service
  • send newsletters
  • manage customer relations
  • market the service
  • send invitations to events
  • organise trainings and events
  • collect feedback
  • conduct opinion and market research
  • analyse and develop communication and marketing

Processing is based on your consent, for example when you subscribe to our newsletter, sign up for training, accept marketing or respond to our surveys.

Processing is based on legitimate interest when we communicate with customers or stakeholders to manage customer relationships, when we market our services to businesses and organisations, and when we use data to analyse and improve our operations.

You have the right at any time to withdraw consent or object to the use of your personal data on the basis of legitimate interest (see more under "What are your rights?").

2) Providing the online shop

We process personal data to provide Someturva’s online shop as follows:

  • To process the orders, purchases and possible cancellations
  • To provide customer service and responding to any contact or feedback from the online shop customer

The processing is based on the implementation of a contract between you and us and the legal obligations arising from the contract. We also process data for accounting purposes as required by the accounting legislation. In such cases, the processing is based on a legal obligation.

For the online shop, the payment provider for card payments is Stripe, Inc. Stripe's Privacy Policy can be found here: https://stripe.com/en-fi/privacy.

3) Website maintenance and development

The purposes for which cookies are used are set out in our Cookie Policy. If you could be identified from cookie data, the basis for processing your personal data is your consent to the use of cookies. You can control or refuse the use of cookies in accordance with our Cookie Policy.

From where do we collect the information?

You will mainly provide us with the personal data yourself, for example when you register for a training, subscribe to our newsletter, use our online shop or fill in our survey form.

In addition, we may collect names and contact information from public sources, such as organisations' websites, for marketing to businesses and communities and for communicating with stakeholders.

How long do we keep your information?

We will only store your personal data for as long as it is necessary to fulfil the purposes specified in this Privacy Policy.

1) Communication and marketing

We will keep personal data necessary for the newsletter, information or marketing purposes until further notice, unless you have unsubscribed from the newsletter or withdrawn your consent.

The information of customer and stakeholder representatives and recipients of marketing communications from companies and organisations will be stored as long as they are up-to-date and necessary for the processing.

2) Online shop

If you have made a purchase in our online shop, we will keep the information about your purchase and order for a period of two years as a general rule.

Information relating to purchase transactions and any cancellations will be stored as part of our company’s accounting records for the period defined in the Finnish Accounting Act, which is six years from the end of the calendar year in which the financial year ends.

The information necessary to handle feedback and complaints is kept for the time required to process the matter, which typically does not exceed two years.

3) Cookies

If personal data is stored through cookies, we will keep the data for a maximum of two years.

Who handles your personal data?

At Someturva, your personal data will be handled only by persons who have a work-related need and the right to do so.

We may use subcontractors and service providers, for example, for technical maintenance, managing and analysing customer data or implementing various campaigns. The subcontractors and service providers act on our behalf and do not have independent access to personal data. They may not use your information for any purposes other than the ones we have specified to carry out the purposes described above.

Do we transfer your data internationally?

We process personal data primarily through operators and services located in EU or EEA countries. In some cases, service providers acting on our behalf may process personal data outside the European Economic Area, such as in the United States.

Where we use such services to process your data, we use accepted standard safeguards, such as the standard contractual clauses (SCC) adopted by the European Commission, whereby our service provider commits to appropriate data protection measures to safeguard your personal data.

Do we share personal data to third parties?

We will not disclose your personal data to third parties. The only exceptions are:

  • If it is required by law, for example, to respond to a summons or in connection with legal proceedings; or
  • If we are involved in a merger, acquisition or other business transaction.

How do we protect your information?

We have appropriate technical, administrative and physical security measures in place to protect your personal data from destruction, loss, misuse and unauthorised access.

We restrict access to personal data only to the appointed employees and persons contracted to us who have an essential work-related need and the right to handle the personal data in question and to the service providers who can process the data only in accordance with our instructions. We require our subcontractors to process personal data with confidentiality and to ensure the adequate level of security to protect personal data. All persons who have access to personal data are bound by confidentiality obligations.

We continuously implement data protection and information security, for example by training our staff and regularly reviewing our compliance with data protection legislation and good data security practices.

What are your rights?

You have the right to:

  • Request access to your personal data
  • Withdraw consent to the processing of your personal data
  • Object to the data processing based on our legitimate interest
  • Request correction of inaccurate or incorrect personal data
  • Request restriction of processing of your data
  • Request the erasure of your personal data
  • Receive your personal data in a machine-readable format and transfer the data to another controller, provided that you have provided us with the personal data in question
  • File a complaint with the competent supervisory authority (in Finland, the Office of the Data Protection Ombudsman)

You can withdraw your consent or opt-out of the use of your data by clicking the "unsubscribe" button in newsletters and marketing communications.

Other requests mentioned above should be sent to customer service by email to: info@someturva.fi.

Changes and updates

We are constantly developing our services. As a result, we may need to change and update this General Privacy Policy. Changes may also be based on changes in legislation. If we make changes to this General Privacy Policy, we will update the new version of it on our website with the date of the update.