Customer Service & Marketing Privacy Statement

This privacy statement describes how Environics Oy collects and processes personal information about customers, potential customers, subcontractors and other business partners, as well as their representatives, with whom Environics Oy has a customer or business relationship or aims to establish one.

1 Register and contact details

Environics Oy Sammonkatu 12 50130 Mikkeli Finland

2 For what purposes and on what basis do we process your personal data?

The processing of personal data is based on a customer or cooperation agreement or the legitimate interest of Environics Oy (such as direct marketing, debt collection, investigation of misconduct). The purpose of personal data is:

• Managing, maintaining, developing, billing, analyzing and compiling the relationship between customers and partners
• Customer communication
• Organizing sales and marketing events and representative events
• Conducting opinion and marketing surveys
• Direct marketing, targeting of advertising
• Planning and developing business and services
• Detection, prevention and detection of abuse, fraud and other crimes.

3 What kind of personal information do we process and where do we collect the information?

We process the following personal information about customers (including newsletter subscribers, those who have made a request for quotation, a request for contact or feedback, participants in events), partners and potential customers. The purpose determines what kind of information about you is collected in any situation.

• First and last name
• The company or entity you represent and your professional title
• Contact information (eg e-mail address, telephone number)

Customer and marketing information
• Customer history (eg attending and registering for events)
• Information related to the use of the Partner Login service (such as user IDs)
• Contact information (eg electronic transaction forms)
• Marketing measures, their use and information provided in connection with them
• Marketing authorizations and prohibitions
• Any other information you provide.

The information in the register is collected from you by telephone, online, through electronic forms, at appointments or in any other similar manner. The information also consists of information obtained in connection with the conclusion of the tender and / or contract and during the contractual relationship. Personal information can also be collected and updated from public and private registers.

4 To whom do we disclose or transfer data and do we transfer data outside the EU or the EEA?

We may disclose your information to the extent permitted and required by applicable law, including to selected partners, to provide the Service, unless you refuse to disclose your information.
We use the services of external service providers, for example, to maintain newsletter mailing lists and to process information about participants in events. In accordance with the data protection agreement, each service provider processes personal data only to the extent necessary. to provide the service.
The newsletter mailing list maintenance and delivery service provider transfers data to the United States. MailChimp is EU-U.S certified. The Privacy Shield program, which ensures an adequate level of data protection for data transfers outside the EEA. More information about the arrangement can be found at: Otherwise, personal data will not be transferred outside the EU or the EEA.

5 How do we protect data and how long do we keep it?

Data is protected by administrative, physical, personnel and information security functions. Access to the information in the register is restricted to certain persons to the extent required by their duties.

We retain personal information for as long as it is necessary based on a customer or partnership relationship, or until the data subject requests the deletion of the information. In this case, however, the register retains the information required by the law of the person concerned (such as accounting law) or the contractual relationship, as well as information on the deletion of the information. We will take reasonable steps to ensure that we do not store personal information about data subjects that is incompatible, out of date or inaccurate for the purposes of processing in the register.

6 Your rights as a registered data processing authority

Requests for data subjects’ rights must be sent to the address mentioned in point 1. Once registered, you have the following rights:

The right to inspect and the right to request rectification and deletion of data
You have the right to check the personal data stored about you and the right to request the correction and deletion of incorrect data.

The right to prohibit direct marketing
You have the right to refuse the processing of your data for market and opinion research or related profiling. In addition, you may prohibit direct marketing at any time or revoke your electronic direct marketing authorization by notifying the prohibition at the address listed in Section 1 or by using the link in the direct marketing message to make the prohibition.

The right to object and the right to restrict processing
You have the right to object to or request the restriction and transfer of the processing of your data.

The right to complain to the supervisory authority
You have the right to lodge a complaint with the supervisory authority, especially in the EU Member State where you have your habitual residence or place of work or where the alleged breach has taken place, if you consider that the processing of personal data concerning you violates the EU Data Protection Regulation.