Privacy policy

This is a register and privacy statement in accordance with the EU General Data Protection Regulation (GDPR).

Name of the register

DropGear Oy Ab’s customer register

Data controller

DropGear Oy Ab, Business ID: 3501756-6

Person responsible for register matters

Kari Salmu, CEO

Purpose of the register

The purpose of the register is to serve as DropGear Oy Ab’s customer register.

Data may be used for the following purposes

  • Managing the customer relationship

Regular sources of data

The primary source of data is the customer themselves. Data may also be obtained from official and company registers as well as from mutual partners.

Contents of the register

The register mainly contains information provided by customers themselves to DropGear Oy Ab.

The register may include, among others, the following customer data

  • Person’s name
  • Email address
  • And other information provided by the user

Regular disclosures of data

With the customer’s consent, data may be disclosed to partners shared by the customer and DropGear Oy Ab in order to deliver the products and services ordered by the customer.

Information related to invoicing may be disclosed to parties that process payment transactions.

Data is not disclosed to other third parties within or outside the EU.

Data may be disclosed to authorities if they submit a request based on Finnish law.

Principles of register protection

Manual material

Data is not stored in physical form, except for accounting records, which can only be accessed by designated DropGear Oy Ab employees and the accountant, who are bound by confidentiality obligations.

Data stored in information management systems

Data is transferred over an SSL-secured connection.

Electronic data is protected by a firewall. Only specifically designated DropGear Oy Ab employees have access to the register data. Employees are identified with a username and password. The data is treated confidentially and may not be disclosed to anyone other than those who need it in their work and who are bound by confidentiality obligations.

Right of access and right to object

The data subject has the right to access the data concerning them that has been stored in the personal data register. A written access request must be signed and sent to the person responsible for register matters.

The right of access is free of charge when exercised no more than once per year.

Data retention period

We retain personal data only for as long as necessary, depending on the type of personal data and the purpose of its processing. We retain form submissions for a maximum of 6 months, after which they are automatically deleted from the website database.

Cookies

This website uses cookies. Cookies are small text files generated by our online service that, with your browser’s consent, are stored in your browser device’s memory. Cookies allow us to analyze the service requests you make to our online service through your browser, identify the choices and settings you make while using the website, and provide personalized services based on them.

You can refuse or delete cookies using your web browser’s settings. However, this may affect our ability to provide personalized, high-quality online services.