Cart
0
0.00 €

Register and Privacy Policy

This is the Register and Privacy Policy of the company For2@Us Oy, in accordance with Sections 10 and 24 of the Finnish Personal Data Act and the EU General Data Protection Regulation (GDPR).
Prepared: 07.04.2021.
Updated: 07.04.2021.

1. Data Controller

For2@Us Oy
Rauhankatu 10 C 620
15110 Lahti, Finland

Phone: +358 50 432 6103
Email: info@dnsdob.com
Website: www.dnsdob.com
VAT number: FI31430927

2. Name of the Register

Customer Register of For2@Us Oy

3. Legal Basis and Purpose of Processing Personal Data

The legal basis for processing personal data under the EU General Data Protection Regulation is:

  • The data subject's consent (documented, voluntary, specific, informed, and unambiguous)

  • A contract in which the data subject is a party

  • The Finnish Personal Data Act (Sections 10 and 24)

  • The controller's legitimate interest (e.g., customer relationship, employment, membership)

The purpose of processing personal data is communication with customers, maintaining customer relationships, marketing, etc.

Personal data is not used for automated decision-making or profiling.

4. Data Content of the Register

The following data may be stored in the register:

  • Name

  • Position

  • Company/organization

  • Contact information (phone number, email address, postal address)

  • Website addresses

  • IP address of the internet connection

  • Social media profiles/usernames

  • Details of ordered services and any changes to them

  • Billing information

  • Other information related to the customer relationship and ordered services

Personal data is stored with the customer's consent for as long as it is relevant and necessary. Longer retention may be required by applicable laws (e.g., accounting laws). In such cases, the retention period follows the legal requirements.

Content such as product reviews or other posts on social media may remain visible even after the retention period has ended.

5. Regular Sources of Information

Data stored in the register is obtained from the customer through:

  • Website forms

  • Email

  • Phone

  • Social media services

  • Contracts

  • Customer meetings

  • Other situations where the customer voluntarily provides their information

6. Regular Disclosure of Data and Transfers Outside the EU or EEA

Personal data is not regularly disclosed to third parties.
Data is not transferred outside the EU or EEA.

7. Principles of Register Protection

Care is taken in the processing of the register, and data processed via information systems is properly protected.

When data is stored on internet servers, both the physical and digital security of the hardware is appropriately managed.

The data controller ensures that the stored data, server access credentials, and other information critical to personal data security are handled confidentially and only by employees whose job description includes such duties.

8. Right of Access and Right to Rectification

Each person in the register has the right to inspect the personal data stored about them and request the correction of any inaccurate or incomplete information.

If a person wishes to inspect their data or request a correction, a written request must be sent to the data controller. The controller may ask the requester to prove their identity.

The data controller will respond within the time frame set by the GDPR (generally within one month).

9. Other Rights Related to Personal Data Processing

A data subject has the right to request the erasure of their personal data from the register.
They also have other rights under the GDPR, such as the right to restrict processing in certain situations.

Requests must be submitted in writing to the data controller. The controller may ask the requester to prove their identity.

The data controller will respond within the time frame set by the GDPR (generally within one month).