EUROPRESS GROUP LTD – PRIVACY POLICY FOR CUSTOMERS

This Privacy Policy (hereinafter “Policy”) describes how Europress Group Ltd collects, processes and discloses personal data in connection with the offered product or service (“Service”) and the website europressgroup.com.

Read this Policy carefully before using the Service or visiting the website.

  1. CONTROLLER

The controller in accordance with the applicable Data Protection Act is Europress Group Ltd (hereinafter “Europress”, “we”, “us” or “our”). Europress is responsible for ensuring that your personal data are processed according to this Policy and the applicable data protection legislation.

Controller’s contact information:

Europress Group Ltd

Business ID: 0889611-2

Address: Huhtimontie 16, FI-04200 Kerava, Finland

  1. COLLECTING PERSONAL DATA

Your personal data can be collected in different ways. As a rule, we collect and process personal data that

  • you have given us when you contact us or do business with us, for example when you buy our Services or register for our Services, subscribe to our newsletter or contact us to request an offer or more information;
  • are created when using the Service or visiting the website, such as when you log in to the Service; and
  • are retrieved from other sources to the extent allowed by applicable law, such as the Finnish Trade Register, Population Information System or Business Information System, or the address information system of the Finnish postal service Posti.

You do not have to give us your personal data, but if you choose not to, we may not be able to provide our Service to you.

We collect and process the following personal data groups, for instance:

  • basic information, such as name, job title and relationship with the company you represent, as well as contact information (email address, postal address and telephone number) and language of communication;
  • information related to the customer relationship, such as information on the Service and the order, payment information, invoicing information, marketing permissions and prohibitions;
  • customer communications and related correspondence as well as entries related to the rights of data subjects;
  • personal data created in connection with using our Service or data gathered in connection with using our website, such as user IDs, passwords, identification information, log information on the use of the Service, information collected from the website using cookies or similar technologies (device ID and type, operating system and application settings); and
  • other information specified on a case-by-case basis based on your consent.
  1. PURPOSE AND LEGAL BASIS OF PROCESSING PERSONAL DATA

We only collect and process personal data necessary for practising our business, managing customer relationships and appropriate commercial purposes.

We process your personal data for the following purposes:

  1. To provide the service and manage customer relationships

We process personal data primarily to provide and deliver a Service to you or the company you represent. In order to do so, we manage and maintain the customer relationship between you or the company you represent and us. In this case, the processing of personal data is based on an agreement between you or the company you represent and us.

  1. Marketing

We can contact you to tell you about the new features of the Service or to market and sell you other services. We can also process your personal data for marketing research and customer surveys. The processing of personal data is based on our justified interest in offering information as a part of the Service in order to market you our other services. You have the right to object to the processing of your personal data for direct marketing purposes at any time (see section 8 of this Policy).

  1. Developing the service, information security and internal reporting

We also process personal data to ensure the information security of the Service and the website, improve the quality of the Service and the website, and develop the Service. We can also use the personal data to compile internal reports for management to assist with the appropriate management of our business. In these cases, the processing of personal data is based on our justified interest in ensuring the appropriate information security of our Service and website and receiving sufficient and appropriate information to develop the Service and manage our business.

  1. Compliance with the law

We can process your personal data to fulfil our statutory duties related to, for example, accounting, or we can fulfil the information requests based on law by other authorities (e.g. the tax authority).

  1. Other purposes to which you have consented

We also process your personal data for other purposes, if you have consented to such processing.

  1. TRANSFERRING AND DISCLOSING PERSONAL INFORMATION

We can disclose personal data to other companies in the Europress Group within the limits of applicable law for the purposes described in this Policy, including the marketing of the products and services of the companies mentioned above. Personal data can also be transferred within the Europress Group companies for internal administrative purposes such as reporting and carrying on our business effectively or, for example, using centralised information and communication systems. The disclosure of personal data within the Europress Group is based on our justified interest in conducting our business, managing our customer relationships effectively and telling the customers about the services of other companies in the Europress Group.

We can disclose personal data to third parties:

  • within the scope permitted or required by law, such as fulfilling an information request by a competent authority or in connection with legal proceedings;
  • when our partners process personal data on our behalf and in accordance with our instructions. We always ensure that your personal data is handled appropriately;
  • if we are involved in a merger, a reorganisation of the business or a sale of the business or part thereof;
  • when we consider disclosure to be necessary to realise our rights or protect your safety or the safety of other people, investigate malfeasance or respond to the request of an authority; and
  • with your consent, to the parties to which the consent applies.
  1. TRANSFERS OF PERSONAL DATA OUTSIDE THE EU OR EEA

We can transfer personal data outside the EU or the European Economic Area when our partner managing the assignment is located outside these areas. In these cases, we take care of the appropriate safeguards for the rights and freedoms of the data subject in accordance with the applicable data protection legislation, such as the General Data Protection Regulation of the EU (GDPR) (679/2016).

For example, a service provider that conducts marketing for us can transfer personal data to the United States in connection with providing the service. In this case, the appropriate safeguards on personal data are implemented so that the service provider is committed to the Privacy Shield arrangement between the EU and the United States, or we use the standard data protection clauses approved by the European Commission.

Read more about the Privacy Shield arrangements here: https://www.privacyshield.gov/welcome.

  1. COOKIES

We also use cookies and other similar technologies at the website europressgroup.com. Cookies are small text files placed on your device to collect and remember useful information in order to improve the functionality and usability of our website. We can also use cookies and other similar technologies for statistical purposes, such as compiling statistics on website usage in order to understand how the visitors use the website and to improve the user experience.

You can block or restrict the use of cookies or remove cookies from your browser. Because cookies make it possible for our website to function, restricting the use of cookies may affect the usability of the website.

You can read more about cookies here: europressgroup.com.

  1. STORING PERSONAL DATA

Personal data are stored only as long as necessary to implement the purposes of use specified in this Policy.

The personal data are stored for the duration of the customer relationship. With regard to essential information, personal data can also be stored after the end of the customer relationship to the extent permitted or required by the applicable law. For example, we typically store personal data that are needed to respond to claims or legal action after the end of the customer relationship in accordance with the currently valid regulations on the period of limitation. We can also store the necessary parts of personal data in order to comply with the prohibition of direct marketing you have issued, for instance.

The personal data are removed once storing them is no longer required by law or to realise the rights and obligations of either party.

  1. YOUR RIGHTS

You have the right to access your personal data. You can also request the rectification, update or erasure of your personal data at any point. Note, however, that personal data required to implement the purposes of use mentioned in this Policy, or data that must be stored as required by law, cannot be erased.

You have the right to object to or to restrict the processing of your personal data to the extent of the applicable law.

In certain cases, you have the right in accordance with the applicable law to transfer the personal data you have submitted to us from one system to another, i.e. the right to receive your personal data in a structured, commonly used and machine-readable format and transfer your personal data to another controller.

When we are processing your personal data based on consent, you have the right to withdraw the consent you have given at any time. After that, we will not process the personal data unless there is another legal basis for the processing.

You can exercise your rights by sending us a request at the address europress@europress.fi.

If you feel that your personal data have not been processed appropriately, you have the right to contact the Data Protection Ombudsman concerning the issue. You can find the Ombudsman’s contact information on the website of the Data Protection Ombudsman: http://www.tietosuoja.fi/fi/index.html.

  1. INFORMATION SECURITY

We implement the appropriate measures (including physical, digital and administrative actions) in order to protect personal data from loss, destruction, misuse and unauthorised access or disclosure. For example, only the persons who need personal data to carry out their duties have access to the data.

Note that even the most appropriate measures cannot prevent all potential personal data breaches. In case of a personal data breach, we will notify you about the issue in accordance with the applicable law.

  1. CHANGING THE POLICY

We have the right to change this Policy. We will notify you about the changes on our website europressgroup.com, where you can also find the latest version of this Policy.

11.CONTACT US

You can ask for more information about this Policy or more detailed information on the processing of your personal data by contacting us by email at the address: europress@europress.fi.