This Privacy Statement is to inform our customers and stakeholders about the processing of their personal data. In order to use Endeas Services, customers and stakeholders must agree to the terms of this Privacy Statement.
2. Registrar and contact information
The registrar of the personal data to be processed is:
Endeas Oy (hereinafter referred to as “Endeas” or “We”)
Business ID: 2674622-2
02330 Espoo, Finland
3. Which data is collected?
Data provided by our customers or stakeholders themselves or their authorised parties:
- Identification information, such as name and title;
- Contact information such as postal address, email address and telephone number;
- Payment information such as invoicing information, contact person, and other information related to invoicing;
- Information concerning service and delivery contracts, such as company information, contact persons and their contact details;
- IP address from visits to the web site.
In order to contact Endeas Oy and to use the services we offer, the provision of the information mentioned above is mandatory. The main source of data is the information provided to us by users. In addition, we may also receive further data from our partners, from publicly available sources of information online, or other available public sources.
4. What the data is used for
Personal data will be used for:
- Sales and partnership management as well as customer relationship management;
- Delivery and production of services and products as per contract;
- The development of Endeas Oy’s own services and products;
- Sales and marketing.
The data is processed as part of the customer relationship between the customer and Endeas Oy, the production and delivery of services and products based on the customer’s explicit consent or legal obligations.
5. How data is protected and stored
All personal data is protected against unauthorized access and accidental or unlawful destruction, modification, disclosure, transfer or other unauthorised processing.
Endeas Oy retains customer data within the EU or the EEA. The technical security of both systems and servers is in line with good security practices. Servers are protected against intrusion attacks and denial-of-service attacks.
In the processing of personal data and in terms of technical solutions, we follow good privacy practices.
All access to personal data is monitored in accordance with good practice.
6. Who processes data?
Customer data can only be accessed by Endeas Oy’s own employees involved in the provision of services or products. Staff are instructed and trained in the secure handling of personal data.
If necessary, we use trusted contract partners, in which case data is released to a third party. All partners abide by the requirements of the EU General Data Protection Regulation (GDPR).
7. Data Retention
We retain your personal data only for the time needed to complete the uses described in this statement. In addition, some data may be retained longer to the extent necessary to fulfil the obligations laid down in law, such as the execution of accounting and the fulfilment of responsibilities of business trade, and to demonstrate that these have been properly implemented.
Customers may request that personal data relating to them be deleted from Endeas Oy’s systems. The deletion operation is irrevocable, and we are unable to recover personal data that has been deleted.
8. Customer Rights
Customers have the right to:
- Receive a copy of their personal data;
- Request that personal data referring to them be corrected or deleted;
- Request, under certain conditions, a restriction on the processing or object to the processing of personal data.
In addition, if the processing is based on a separate consent, the customer has the option of withdrawing consent. However, this does not affect the legality of data processing that has taken place before consent is withdrawn. Contact us if you wish to modify your consent. The request must include sufficient information so that we can verify your identity. We will notify you if, in some respects, we are unable to complete your request, such as the deletion of data for which we have a statutory obligation or right to retain.
9. How to obtain the data stored on the system
You can request a copy of the data stored on Endeas systems by contacting us. Our contact details can be found at: https://www.endeas.fi/contact/
10. Release of information to third parties
We may disclose data to third parties where this is necessary to ensure a proper and high-quality service. If necessary, we also provide data to the authorities. In addition, we will always inform the customer of any request for data if it is permitted under the law.
We provide data to the following third parties:
- Contract and invoicing data for financial management and auditing;
- A debt recovery company, when invoices mature and are passed on to recovery.
When transferring and processing data, Endeas maintains a high level of security and protection in accordance with the EU GDPR.
11. Changes to this Privacy Statement
We reserve the right to modify this Privacy Statement as a result of developments in the services and changes in legislation. Registered customers will be informed of significant changes to the privacy statement when the terms are updated.