The customer register of Mtech Digital Solutions Oy and other joint controllers as described below
Mtech Digital Solutions Oy is responsible for the data-technical maintenance of the data file described herein and also acts as a central point of contact for data protection inquiries.
Customer service will respond no later than within 2 business days to questions concerning the customer register.
Customer service can be contacted at email@example.com, tel. +358 (0)9 85665959, option 5 (service in Finnish), tel. +358 (0)9 85 665 969, option 5 (service in Swedish).
Postal address; Mtech Digital Solutions Oy, Customer Service, PO Box 25, FI-01301 Vantaa.
Mtech’s data protection officer is directly responsible for matters relating to data protection.
The data protection officer can be contacted at firstname.lastname@example.org
The customer register of Mtech Digital Solutions Oy and other joint controllers listed above.
Joint controllers will only process your personal data for predetermined purposes. The primary common purposes are:
Customer identification and user management. Identification, authentication and authorization of customers with regard to service provision. The data security of services, as well as user rights and access management.
Customer service and operative care, management and development of customer relations. Management of customer data, customer history and customer contact history. Organization of support and advisory services for the customer and the management of service procedures, as well as quality assurance and provision of various training services. Ensuring operational quality and safety. Development of joint controllers’ operations and related reporting.
Prevention of and investigation into misuse and problem situations. Ensuring customers’ and Mtech’s legal protection and taking care of legal obligations and obligations set by official regulations. Customer call recordings are used to verify service events, ensure customers’ and Mtech’s legal protection, for training purposes, to develop service quality, to prevent misuse, and for security reasons.
Marketing and communications. We may also process personal data for marketing and communications, direct marketing purposes, and to send customer letters, to the extent permitted by law. This may involve the processing and analysis of personal data for targeted marketing.
Fulfilling contractual and legal obligations. Your data may also be collected and processed in order to meet contractual or legal obligations.
We make sure that we always have a lawful basis for processing your personal data. We may process your data on several different bases, but we ensure that we always have at least one requirement for processing your personal data as defined by law.
We primarily process customer and marketing register data to fulfil and prepare contracts and on the basis of our legitimate interests, which are, in particular, the production and provision of our services, customer management, direct marketing, customer feedback processing, and training services.
If applicable legislation so requires, we may process some of your personal data on the basis of your consent. If we process your data based only on consent, you can withdraw your consent at any time.
We may also process your personal data in order to fulfil legal obligations. Personal ID numbers are processed to a limited extent in certain systems to e.g. identify a user. Personal ID numbers are stored on systems in an encrypted format.
Mtech’s customer register primarily contains the following personal data:
Data which has become unnecessary or obsolete, or for which there is no longer a basis for processing, will be anonymized or destroyed in a data-secure manner.
Data relating to the customer is collected from the customer themselves when a contract is made, from the online service’s “my data” section, from the use of products and services, when the customer contacts customer service, and if the customer participates in product and service development projects and pilot projects.
Data relating to the customer can also be obtained and updated from other external sources of data in cases made possible by legislation for purposes of which the customer is informed.
Data (only name and address data) may be disclosed in the manner permitted by the GDPR and Personal Data Act to joint controllers’ partners who are commissioned by the joint controllers and act on their behalf.
Data is disclosed to authorities in cases where the law so requires, such as when investigating and preventing misuse.
Your data will not be transferred outside of the European Union or the European Economic Area.
We do not store your personal data for any longer than is necessary for their purpose or longer than an agreement or law dictates. The period of time for which we store personal data may vary according to their purpose and the situation, however. The storage times for personal data may be based on legal requirements. We will update your data if necessary.
The data security of Mtech’s customer data file and the confidentiality, integrity and availability of personal data is ensured using appropriate technical and administrative procedures in accordance with general industry standards. Data is primarily stored in an electronic format. Data and services are protected using, among other things, a firewall, physical protection in the equipment space, access control, user access rights and restrictions, as well as encryption technology and the active monitoring of the aforementioned. Personal data is protected from unauthorized access and illegal or accidental processing.
Personal data is processed by named persons employed by the controller. These persons identify themselves to the systems using a personal user ID and password.
Right to inspect
The customer has the right to receive confirmation that their data will be processed and to check what personal data about them has been saved on the data file. In addition, you also have the right to receive supplementary information concerning the bases for the processing of personal data. The customer can check some of their basic data when logged in to Mtech’s online service.
An inspection request can be made by submitting a written and signed request to the address: Mtech Digital Solutions Oy, Data protection officer, PO Box 25, FI-01301 Vantaa. The request to inspect must specify a name, personal ID number, postal address and telephone number. A response to the request to inspect will be sent to the customer’s address shown in the population information system.
Updating customer information
A customer can update and change their own data when logged in to Mtech’s online system, or by contacting customer service.
If a customer’s personal data is processed on the basis of consent, the customer has the right to withdraw consent at any time without affecting the legality of the processes that took place on the basis of consent before the consent was withdrawn. Consent can be withdrawn by sending an e-mail to email@example.com
Right to rectify
The customer has the right to request that the controller rectifies any inaccurate or erroneous personal data on the data file without undue delay. Considering the purposes for which the data is processed, the data subject has the right to have incomplete data supplemented, by e.g. providing additional clarification.
Restriction of processing
In certain situations the customer has the right to request that the processing of their personal data be restricted.
Right to object
If we process a customer’s personal data in accordance with a public task or our legitimate interest, the customer has the right to object to the processing of their personal data where there is no compelling reason that would sideline the customer’s rights, or if there is no need for the processing in order to take care of a legal claim.
Right to restrict
In certain situations, the customer has the right to request that we restrict the processing of their personal data.
Right to data portability
If a customer’s personal data is processed on the basis of consent or in order to fulfil a contract, the customer has the right to receive the data that they have submitted electronically in a generally usable format in order for their data to be transferred to another service provider.
The right to refuse direct marketing
The customer has the right to stop their personal data from being used for direct marketing purposes. This can be done by e.g. sending an e-mail to firstname.lastname@example.org.
The customer can update their consent or objection to direct marketing when logged in to the online service or by contacting customer service. Consent to marketing can be given either electronically or by telephone to customer services.
Customers can give their consent to direct marketing by email, mobile telephone or post.
A customer can also object to direct marketing.
Once a customer has objected to direct marketing, Mtech’s direct marketing and sales will no longer be directed at them by telephone, post or e-mail. The customer will, however, always receive the necessary customer communications required to manage the customer relationship and to provide services.
We may disclose data on our website’s users to e.g. our marketing partners in order for them to be able to better target the content of the website.
Cookies can be managed and cleared freely. More information about cookies, clearing and managing them can be found at the address http://www.aboutcookies.org or from the Help section in your browser’s menu.