Privacy Policy

This is a register and privacy statement in accordance with Wuudis Solutions Oy's Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Created May 3, 2018 Last modified 3/26/2020.

1. Copyright and contact information

Wuudis Solutions Ltd

Business ID FI: 1962609-7

Kiillekuja 1, FI-50130 Mikkeli

2 Person responsible for the register

Seppo Huurinainen

Kiillekuja 1, FI-50130 Mikkeli

Phone +358 4458149 50

3 Register name

User, customer, marketing and forest information register for the Wuudis service

4 Purpose of personal data processing and purpose of the register

The processing of personal data is essential for the provision of the Wuudis Service. Personal data stored in the User Register shall be used for the following purposes:

  1. For the identification, identification and service provision of registered users
  2. Customer, user relationship management, information and marketing
  3. Service development

Processing tasks may be outsourced to external service providers within the framework of data protection law.

5 Information content of the register

The data content of the register shall consist of the type of information that can be stored about the data subject:

    • Firstname
    • Surname
    • Email
    • Phone number
    • Social security number (if the function requires strong authentication)
    • Contact information such as mailing address
    • Forest details
    • Information relating to enterprise resource planning (sites, warehouses, etc.)
    • Billing and ordering information
    • Company or other community information
    • Access information and user password
    • Log information related to the use of the service
    • Other free optional information provided by the user
    • The IP address of the network connection

6 Retention Period of Personal Data

Personal data will be retained from the moment you register for the service. Personal data will be retained for as long as is necessary to fulfill the purposes for which the personal data are specified in this Privacy Policy. In addition, the data may need to be retained for a longer period, for example due to legal reasons or other obligations.

7 Regular sources of information

We will only store information about a Wuudis Service user that you provide when you register and provide it when you use the Service. Service log information is also self-generated information. Wuudis Solutions Oy may also store customer and user information for public use from public sources.

8 Regular disclosures and recipient groups

Personal information is not routinely disclosed to third parties without the user's explicit permission. The exception is where the law requires, in a specific case, the regular disclosure of information. Personal information may be disclosed to the extent agreed with the customer.

9 Transfer of data outside the EU or the EEA

We use third-party services that may store content outside the EU. Such an external service is, for example, the SendGrid service used for sending emails. We only use the data safe third-party services, and these services are not transferred as the information necessary for the production of the service (e-mail address, name, and possibly the name of the company).

10 Registry Security Principles

There are several steps to ensure the security and integrity of the data collected in the Registry. The information in the user register is stored in the electronic database of the controller. When registry information is digitally stored on servers, the physical and digital security of their hardware is properly addressed. The data controller shall ensure that the stored information, as well as server access and other information critical to the security of personal data, is treated confidentially and only by the employees whose job description it is part of. When transferring data over a network, it is always protected by TLS technology.

11 Automatic decision making

Personal data shall not be used for automatic decision-making that has legal or similar effects on data subjects.

12 Right of access and the right to rectify information

Every person in the register has the right to verify their data stored in the register and to request the correction of any inaccurate information or the correction of incomplete information. If a person wishes to check or rectify the information stored about him / her, the request must be sent in writing to the controller. If necessary, the controller may ask the applicant to prove his identity. The controller will respond to the client within the time limit set by the EU Data Protection Regulation (as a rule within one month).

13 Other rights related to the processing of personal data

A person on the register has the right to request that personal data relating to him / her be removed from the register ("the right to be forgotten"). Data subjects also have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests should be sent in writing to the controller. If necessary, the controller may ask the applicant to prove his identity. The controller will respond to the client within the time limit set by the EU Data Protection Regulation (as a rule within one month).

15 Contacting

In all matters concerning the processing of personal data and the exercise of one's rights, the data subject should contact the controller. The registrant can exercise his / her rights by contacting the registrar's contact person via email.

16 Validity

This Privacy Statement is effective as of May 3, 2018.