1. GENERAL
GoodLife Technology Oy takes care of the privacy and data protection of personal data in its operations
and complies with the EU General Data Protection Regulation (2016/679) and other applicable data protection legislation and good data processing practices in the processing of personal data.
The purpose of this Privacy Policy is to describe how we collect and process personal data of our current and potential customers and suppliers' contacts. We may update this Privacy Policy from time to time, for example, as legislation changes.
2. DATA CONTROLLER
Name: GoodLife Technology Oy
Business ID: 2536679-7
Address: Juha Vainion katu 2, 48100 Kotka
Contact person: Janne Niittymäki
Email: [email protected]
3. WHAT PERSONAL DATA IS COLLECTED AND HOW?
We may collect and process personal data received on the basis of a customer or contractual relationship or obtained from publicly available information or from third parties in accordance with the law. The information we collect and process may include contact and identification information (such as name, language, function, company, email address, telephone number and address), information provided to us and information generated by communications, technical information and customer and contract information.
4. GROUNDS FOR AND PURPOSES OF THE PROCESSING OF PERSONAL DATA
The basis for the processing of personal data is our legitimate interest based on our purposes of use as
set out below.
We process personal data for purposes related to our business in order to:
• Deliver and develop our products and services,
• obtain and order the services and products necessary to run our business,
• to fulfil our contractual obligations,
• manage our customer relationships,
• fulfil our legal obligations, including our obligations to know our customers, suppliers and service
providers,
• analyse and profile the behaviour of our customers and other data subjects; and
• properly target direct marketing and other marketing communications.
We may send electronic direct marketing messages to our customer contacts.
We do not process personal data for any other purposes than those described in this Privacy Policy.
5. REGULAR DISCLOSURES AND TRANSFERS OF PERSONAL DATA TO THIRD PARTIES
We may disclose personal data to our partners and subcontractors working for us for the purposes
described in this Privacy Policy. We will ensure that our partners process personal data only for the
purposes set out in this Privacy Policy.
Otherwise, we will not disclose personal data to third parties unless we are required to do so by law or
governmental authority.
6. TRANSFERS OF PERSONAL DATA OUTSIDE THE EU OR THE EUROPEAN ECONOMIC AREA
Some of the service or software providers used by the company store data outside the EU or the European Economic Area. For example, if you contact GoodLife using the contact form on these web pages, your data and messages will be stored on a Webflow server located in the United States. Webflow, does not pass on this information and Webflow employees do not generally have access to it. Webflow has a Privacy Shield policy.
7. PRINCIPLES FOR THE RETENTION OF PERSONAL DATA
We will retain personal data for the period of time required for the purposes of processing in accordance with this Privacy Policy and will delete personal data when the complaint period relating to the customer or contractual relationship has expired. This period is typically ten (10) years.
8. DATA SUBJECT'S RIGHTS IN RELATION TO THE PROCESSING OF PERSONAL DATA
Data subjects have the right to object at any time to the processing of their personal data for direct marketing purposes.
In addition, the data subject has the right, in accordance with the applicable data protection legislation,
at any time:
• To be informed of the processing of their personal data,
• to have access to his or her personal data and to check the personal data concerning him or her,
• request that inaccurate or incorrect personal data be corrected or supplemented,
• in certain circumstances, obtain personal data in a machine-readable form and transfer such data
to another controller,
• object to the processing of personal data on grounds relating to your particular situation; and
• request the restriction of the processing of personal data.
The data subject must submit a request to exercise the above right to us in accordance with section 10 of this Privacy Policy. We may ask the data subject to specify the request in writing and to verify his or her identity before processing the request. We may refuse to execute the request on the grounds provided by applicable law. The data subject also always has the right to lodge a complaint with the supervisory authority concerned or with the supervisory authority of the EU Member State where he or she resides or works if he or she considers that we have not processed the personal data in accordance with the applicable data protection legislation.
9. PRINCIPLES FOR THE PROTECTION OF THE REGISTER
Personal data processed digitally is protected and stored in our information system, to which access is
restricted to those persons who need to know the data in order to carry out their work. These persons
have personal usernames and passwords.
10. CONTACTS
All requests to exercise the above rights, questions regarding this Privacy Policy and other
communications should be sent by e-mail to [email protected].