Privacy policy | U2 Online

This is the register and privacy policy statement of U2Online Oy in accordance with the Personal Data Act ( 10 and 24§) and the EU’s General Data Protection Regulation (GDPR). Prepared on May 7, 2024.

1. Company and contact information

U2Online Oy
Sakarintie 90
92400 Ruukki

+358 50 3633 299

antti.hintikka@u2online.fi

2. Contact person

Antti Hintikka

+358 50 3633 299

antti.hintikka@u2online.fi

3. Register name

U2Online Oy Customer and Marketing Register

4. Legal Basis and purpose of personal data processing

The legal basis for the processing of personal data under the EU’s General Data Protection Regulation (GDPR) is the individual’s consent given in connection with the contact form.

The purpose of using personal data is to maintain communication with customers and potential customers.

We only store data for as long as is necessary to fulfill the aforementioned purposes.

Data is not used for automated decision-making or profiling.

5. Data content of the register

The data stored in the register includes: Name, Company name, Phone number, Email address, IP address of the internet connection and Website addresses.

IP addresses of website visitors and cookies necessary for the functioning of the service are processed on the basis of legitimate interest, e.g. to ensure information security and to collect visitor statistics for the website in cases where they can be considered personal data. Consent is requested separately for third-party cookies, if necessary.

6. Data Sources

The data to be stored in the register is obtained from the customer, e.g., from U2Online’s website contact form, by email or by phone.

We collect the following information on the contact form on our website: Name, email address, phone number, company name.

Contact information for employees of companies and other organizations may also be collected from public sources such as websites, directories, and other companies.

7. Data Protection Principles

Care is taken in the processing of the register and the data processed by means of information systems is protected appropriately. When register data is stored on Internet servers, their physical and digital information security is taken care of appropriately. The data controller ensures that the stored data and server access rights and other information critical to the security of personal data are treated confidentially and only by those employees whose job description includes this.

Data is not regularly disclosed to third parties.

8. Right of Access and Right to Rectify Data

Every person in the register has the right to inspect the data stored about them in the register and to demand the correction of any possible incorrect data or the completion of incomplete data. If a person wishes to inspect the data stored about them or to request a correction, the request must be sent in writing to the data controller. The data controller may, if necessary, request the requester to prove their identity. The data controller will respond to the customer within the time limit specified in the EU’s General Data Protection Regulation (usually within one month).

9. Other Rights Related to the Processing of Personal Data

A person in the register has the right to request the deletion of personal data concerning him or her from the register (“right to be forgotten”). Registered persons also have other rights under the EU’s General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may, if necessary, request the requester to prove their identity. The data controller will respond to the customer within the time limit specified in the EU’s General Data Protection Regulation (usually within one month).