Orbis Systems Oy
Visiting Address: Konekuja 2, 90620 Oulu
Postal address: Konekuja 2, 90620 Oulu
2 CONTROLLERS REPRESENTIVES AND CONTACT DETAILS
Data Protection Officer: Ari Jylkkä
Phone: / Central
3 THE NAME OF REGISTER
Orbis Systems customer register
4 PURPOSE AND BASIS FOR PROCESSING OF PERSONAL DATA
The primary basis for the processing of personal data is Orbis Systems customer relationship, assignment, or consent of the customer to the processing of personal data. Personal data may be processed for the following purposes Orbis Systems or by a partner or private practitioner authorized to do so:
- The provision, supply, production and design of services and products of Orbis Systems.
- Management, development and follow-up of customer service and related communications and marketing between Registered and Orbis Systems.
- Personal data may also be processed in connection with other operations related to the account or customer relationship.
- Personal data will also be processed to meet the needs of orders, invoicing, contacts, errands, reporting, and Orbis Systems business development.
- Processing tasks may be outsourced to outside service providers or professionals in accordance with the information law and within the limits set by the data.
5 DATA CONTENT OF THE REGISTER
The categories of persons whose data can be processed are current or previous customers, or those who have been in contact with Orbis Systems. The following information may be stored in the register:
- Basic information, such as name, personal identification number, gender, language and contact information (address, e-mail address, telephone number) of the person who is the customer or previously has been customer or has been in contact with Orbis Systems.
- Information related to the customer relationship between the data subjects and Orbis Systems, such as order details, customer history (e.g. service usage data including the professional group of the treating person, e.g. Purchase processor, salesperson), any direct marketing authorizations and prohibitions, and other communications between the parties, including information on the contact details incl. call recording and other information related to the production of the service.
- Any other information provided by the Registered itself and any content produced by Registered (e.g. a request for contact via a website)
- Information relating to data transfers and the reasons for the disclosures.
- Other information related to an account, such as information on how to use a registered aggregated Web site, such as a user's browser, IP address, time of visit, pages visited, web address from which the user is entered the Web page and the server from which the user entered the Web page.
- Information necessary for the use of the identification and certification tools and services.
- Data processing, such as date of storage and data source.
- The profiling purposes described in section 11 of this Privacy notice.
- Data handling tasks can be outsourced Orbis Systems Group companies and/or third-party service providers in accordance with and within the limits of data protection law.
6 PERSONAL DATA RETENTION PERIODS
Orbis Systems Retain personal data in the register until the grounds for the preservation of personal data are terminated. The time of storage is governed by the legislation in force.
7 REGULAR SOURCES OF INFORMATION
Information is obtained primarily from the following sources:
Registered account, the use of the services, communications, and transactions relating to the data subject.
Parties providing identification, verification, address, update, credit, or other similar services.
Population information System of the Population Register Centre, and other known systems.
The register may also include information provided by partners of Orbis Systems, such as an insurance company etc.
8 REGULAR TRANSFERS OF DATA AND TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION OR THE EUROPEAN ECONOMIC AREA
Personal data are disclosed Orbis Systems Marketing register and possible other Orbis Systems Personal registers, but always in accordance with data protection law and within the limits set by it. Personal data will not be disclosed outside the parties (Orbis Systems and partners) involved in the production, development or maintenance of services and communications other than the contract, separate consent and/or explicit acts. In principle, customer data are not transferred outside the European Union or the European Economic Area, but, where may be transferred outside the European Union or the European Economic Area, including the United States in accordance with and within the limits of data protection law.
9 PRINCIPLES OF THE PROTECTION OF THE REGISTER
Any manual material will be kept in a locked space that is only accessible to individuals who are entitled to access. The use of a system or digital material containing personal data is only eligible for the Orbis Systems Employees of the non-disclosure agreement or those who are a partner who have the right to process personal data and who are bound by a separate data protection requirement. The movement of the work rooms is controlled by access permits. The data is collected in databases that are protected by firewalls, passwords and other technical means. Controlled licensing and control of access, use of cryptographic techniques, guidance of personnel involved in the processing of personal data, and careful selection of subcontractors.
10 DATA SUBJECTS RIGHTS RELATING TO THE PROCESSING OF PERSONAL DATA
10.1 Right to oppose the processing of personal data and direct marketing
The data subject shall be entitled, in relation to his/her situation, to oppose the processing operations which Orbis Systems will allocate to the data subject in respect of which it is based on Orbis Between systems and the data subject. The data subject may submit its claim for objection in accordance with section 11 of this Privacy notice. The data subject must, in the context of the claim, identify the specific situation on which he opposes treatment. Orbis Systems may refuse to execute a request for objection based on the law.
10.2 Right of Access to Information by data subject
The data subject has the right to inspect the information relating to him deposited in the employee register of Orbis Systems. The request for verification should be made in accordance with section 11 of this Privacy notice. The right of scrutiny may be refused on the grounds laid down by law.
10.3 The right to require rectification, erasure or restriction of processing.
The request for repair of incorrect, unnecessary, incomplete or outdated information is made in accordance with section 11 of this Privacy notice.
The data subject also has the right to require Orbis Systems to limit the processing of personal data, for example in the event of a registered expectation of Orbis Systems ' response to a request for rectification or deletion of their data.
10.4 Right of the data subject to transfer data from one system to another
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
10.5 Right of the data subject to complain to the supervisory authority
The data subject has the right to complain to the competent supervisory authority if Orbis Systems has not complied with the applicable data protection regulation.
As part of the processing of personal data stored in the customer register Orbis Systems can also use data for profiling purposes. Profiling is implemented by creating a data-subject client identifier that allows you to combine information about the registered data that is created with the use of the service. For example, you can then compare the previously created profile with other registered profiles. The purpose of profiling is to investigate the demand for services and customer behavior.
We may collect information about your terminal equipment using cookies ("cookies") and other similar technologies, such as your local browser repository. A cookie is a small text file that is stored on a user's device by a browser. Cookies often contain an anonymous, unique identifier that allows us to identify and calculate web browsers that visit our site.
11.2 Data collection by third parties
Third parties shall mean Orbis Systems Third parties, such as advertisers, ad networks and providers of measurement and tracking services. These so-called Third parties may place cookies on a user's terminal device when a user visits our services, for example to provide a user with targeted advertising or to statistics on the number of visitors to different sites. Because the user's browser requests third-party ads Orbis Systems From an outside server, these third parties may view, edit, or set their own cookies as if the user were on those sites. We will endeavor to ensure that these third parties comply with current legislation as well as the industry self-regulatory guidelines.
In all matters relating to this privacy notice and in connection with the exercise of the rights of the data subject, contact must be with the person mentioned in section 2. Orbis Systems may, if necessary, request the Registered to clarify its request in writing and the identity of the data subject may, if necessary, be verified before any other action is taken. If Orbis Systems finds that information requests are used in an unclear and abusive manner, the applicant shall be required to pay reasonable expenses for the execution of an information request, or Orbis Systems May refuse to request an information claim.
13 CHANGES IN PRIVACY NOTICE
We continually develop our services and reserve the right to change this privacy notice by notifying about it on our services. Changes can also be based on the changing of legislation. We recommend that you review the contents of this privacy statement regularly.