Data Privacy

Updated 25/5/2018

This is an informing document in accordance with EU General Data Protection Regulation (679/2016) for customers of Typing Master Finland Oy (consumer users of Typing Quest), data subjects in our marketing register and users of TypingQuest.com website.

Who processes your data?

Company
Typing Master Finland Oy (1543684-3)
Eerikinkatu 4 A 16
00100 Helsinki

Contact Person
Hannu Sehm
[email protected]
+358-9-8240 8350

Whose data we process?

Customers
Potential customers
Website users

Why do we process your data?

To manage customer relations
Marketing purposes

Where do we get the data from?

The person him/herself

We record log data of our website users

Which data do we process?

Name
E-mail
Phone number
Organization
Job title/role
Ordering information
Login and password
Consent for direct marketing
IP address

For how long will we process your data?

We will process your data as long as you are our customer.

For marketing purposes, the rule is two (2) years, after which we delete your information.

Who else processes your data?

No data is released to third parties, but our own service providers may process your data, if necessary. Here you can find a list of our service providers.

How do we protect your data?

We protect the web connection (https)
We use a firewall
We encrypt data
We restrict access to the register only to people who need it
We commit our staff with confidentiality agreements

Cookies

Our websites use cookies.

You can deny the use of cookies at any time.

Purpose and legal grounds for the processing of personal data

Consumer users of Typing Quest
Purpose of processing: Providing the service, invoicing, debt collection, marketing, managing and developing customer relations, developing products and services, statistical purposes.
Grounds for processing: Consent

Contact persons (client companies)
Purpose of processing: Customer service, managing and analyzing relationships based on customership and other appropriate affiliation, developing and planning of business operations, customer communication and marketing.
Grounds for processing: Legitimate interest of the data controller

Potential customers and website users
Purpose of processing: Developing and analyzing business operations; marketing.
Grounds for processing: Legitimate interest of the data controller

Duration of data processing

We cease any active processing as soon as the customership, the management of which we need the data for, has ended. We may retain some data even after this (e.g. for bookkeeping) but we cease the storage of any customer-related data no later than 6 years from ending the customership. We record the data in the register as they are when we receive them from the data subject and update it according to what the data subject informs the data controller.

For marketing purposes, as a rule, the personal data is stored for two (2) years, after which we delete the data.

Personal data

The following data are recorded in the register:

Data Consumer user of Typing Quest Customer and potential customer Website user Purpose of use
Name X X * Identification/communication
Phone number X X * Communication
E-mail address X X * Communication / Marketing
IP address X X Managing customer relations / targeting marketing actions
Subscription information (if customer) X X Managing customer relations
Consent/objection to direct marketing X Targeting marketing actions
Login and password X Login management
Organization X X * Managing customer relations / targeting marketing actions
Job title / role X X Managing customer relations / targeting marketing actions

* If you fill the contact form. If you only browse through our pages, we only remain with your IP address, which is recorded automatically.

Your rights

You have the following rights. Please send any request for exercising these rights to the address: [email protected]

Right to access and rectification
You have the right to inspect any data concerning yourself that we process. If you notice any incorrect or incomplete data, you may request us to rectify or amend the data.

Right to object
You have the right, at any time, to object the processing of your personal data if you feel that we have processed your personal data in an illegitimate manner (for example with insufficient data security efforts) or that we have no right to process some of your personal data. If you object to your data to be processed, we will cease processing your personal data (except for storage) until we have investigated the legitimacy of processing.

Right to object to direct marketing
You have the right, at any time, to deny us from using your data for direct marketing. We never sell or otherwise release your personal data to other parties in order for them to engage in direct marketing towards you.

We acquire web advertising from e.g. Facebook and Google. However, we never release your personal data to these companies and this kind of advertising is not direct marketing but based on cookies. See cookies for additional information.

Right to erasure
If you feel that processing some data concerning yourself is not necessary for the purpose of our duties, you have the right to request us to erase these data. We will process your request, after which we either delete your data or notify you of any legitimate grounds why the data cannot be deleted. If you disagree with our solution, you have the right to lodge a complaint to the data protection supervisor of your own country. You also have the right to request us to restrict the processing of the data in question until the matter has been settled.

Right to lodge complaint
You have the right to lodge a complaint to the data protection supervisor of your own country, if you feel that our processing your personal data is in violation of current data protection legislation.

Regular data sources

Data concerning the customer are primarily collected from the customer themself in the context of registering and logging in, ordering products, asking for tenders, requesting trial use or participating in competitions and customer reviews, and from other persons in the same workplace.

Data releases

In addition to us, your data are processed by a few other parties (personal data processor). We have ensured that any party processing your personal data works in accordance with data protection legislation.

Our service providers:

  • Infrastructure: Velia, RapidSwitch UK, Hetzner Hosting, Google, Cloudflare
  • System management: GoToAdmins
  • Customer relations management and communication: Zoho, MailChimp, Postmark, Proposify, Twilio, Activecampaign, Pandadoc
  • Payments and invoicing: ShareIt, Fastspring, Microsoft, Administer Oy
  • Integrations: Zapier, Cazoomi

Data transfer outside EU

Our service providers may transfer data outside the EU/EEA area. We have ensured that any party transferring your personal data to countries outside the EU/EEA area works in accordance with data protection legislation.

Canada
Proposify is a Canadian company. The EU Commission has recognized Canada as a country with adequate data protection level. Here is a list of countries which the Commission has recognized as countries with adequate data protection level.

United States - Privacy Shield
Our service providers from the United States - MailChimp, ActiveCampaign, Postmark, Twilio, Google, Pandadoc and Zapier - have joined the so called Privacy Shield program between EU and US that aims to ensure the secure processing of European data in the US. The EU Commission has stated that any service provider certified in said program can guarantee a level of data protection and data security that is in accordance with high European standards.

You can see a list of certified service providers here: https://www.privacyshield.gov/list.

India
Zoho stores your data in servers located in the EU and does not transfer the data outside the EU/EEA area. In individual cases, Zoho employees outside the EU/EEA area may have access to your data for the necessary maintenance and development of the service. We have ensured that Zoho is committed to processing your data in a secure manner in accordance with this Privacy Policy.

Principles of protecting the register

The secure processing of your personal data is important to us. We have protected your data by the following means:

  • Your data is inaccessible to anyone who does not necessarily need it for their duties. Access to your data requires a login and password. Our staff and service providers have committed to keeping your data confidential.
  • We encrypt the network connections.
  • We store the data on servers that are heavily protected against both technical and physical intrusion attempts and against natural disasters.
  • The data is backed up at regular intervals.

Cookies

When you use our website, your browser saves a cookie, which is a small text file. Cookies recognize your device on the website and enable recalling your previous visits to improve your user experience. Most websites, including ours, use cookies.

You cannot be identified with cookies alone, but together with other data they can be linked to you. In such cases, cookies may be considered personal data. We do not, however, attempt to identify you with cookies.

Why do we use cookies?
We use cookies:
      - to improve the user experience of our website
      - to recall your personal settings
      - to offer essential content and information
      - to ensure the security of our website and
      - to collect statistics on the use of our website

Which cookies do we use?
We use the following cookies on our websites:

Functional cookies
Functional cookies are necessary for using the website and its properties. Cookies are used for e.g. recalling login information and language settings. Functional cookies may also be used for personalizing the website.

Behavior-measuring cookies
These cookies collect anonymous statistics on how people use the website. For example, they may help us understand how people use our website and which are the most popular parts of our website.

Other third party cookies
We may also use e.g. social media cookies on our website. The function and data protection policy of these third party cookies are described on the website of each party.

How long are the cookies stored on my device?
The storage times of the cookies on your device is divided into two groups.

Session cookies
Session cookies are normally used temporarily to recall any settings that are necessary for the browsing session. These cookies are set for one session at a time, and they are only stored until the browser is closed. Session cookies are not saved on your device.

Permanent cookies
Permanent cookies are used to identify the user between sessions. This enables for example the keeping of language and other settings the same between sessions. Permanent cookies are stored on your device between browsing sessions until you delete them or the defined storage time ends. Permanent cookies are stored on your device no more than 2 years.

What options do I have to manage cookies on my device?
You can accept or deny the use of cookies in your browser settings. There you may also empty your cookie history, if you wish. Browsers usually enable different ways of blocking cookies and managing cookie history. You will typically find cookie-related options in the “Options”, “Tools” or “Favorites” menu of the website you are using.

Accepting cookies enables you to have the best user experience on our website. If you block cookies, some of the website properties may not work on your device or you may not have access to all pages. It is therefore recommended to accept cookies.

Additional information on targeting of marketing based on browser use can be found on the website Your Online Choices.