Cookies and Privacy Notice
Taking care of and maintaining information privacy is a high priority to Netox. Our services are based on capable people, strong sertified and secure procedures as well as tested technology. Data protection is an important and deeply integrated part of our operations.
Netox protects the privacy of data subjects and complies with the General Data Protection Regulation (2016/679) of the European Union in all processing of personal data as well as other applicable data protection legislation and good data processing practices.
In this privacy notice, we describe how Netox processes personal information related to customers, as well as any other connections.
The Netox newsletter can be subscribed by anyone. Subscribing to the newsletter is a consent to receiving the newsletter and it is possible to be unsubscribe on will by using the ‘unsubscribe from mailing list’ link in the newsletter. Upon cancellation, the e-mail address will be removed from Netox systems. The e-mail address requested in the subscription will only be used to deliver the newsletter.
Controller and processing of personal data
Netox will act as the data controller for the information collected for customer relationship management purposes. When performing tasks agreed with the customer, such as IT support services, Netox acts as the data processor and the customer as the data controller, in which case the processing takes place in accordance with the written instructions received from the customer.
Collected information and its use
For the processing and implementation of the agreement, the following information, for example, is collected from the Customer (company or person):
• name (company, contact person)
• e-mail address
• phone number
• address information
• billing information
The information is mainly collected from the customer in connection with the preparation of the contract. Information may also be collected during pre-contractual negotiations, during the potential customer identification phase or when a company/individual shows interest in Netox, for example by subscribing to a newsletter or requesting a quote for Netox’ services. The information may also be used to sending service bulletins, satisfaction surveys, and for other marketing purposes.
Personal data processed in the client’s assignments (for example the customer’s employee information):
Customer’s orders and Customer-based information as well as other personal information generated during the customer relationship will be treated confidentially for the following purposes (for example the customer’s employee information):
• e-mail address
• phone number
• home address
• computer name
Keeping your data safe
Personal information kept by Netox is processed in a server environment with a very high and certified (ISO / IEC 270001 / ISO 20000-1) security level. Our services meet the requirements of the EU’s general data protection regulation for the processing and protection of data. The data is only accessible to those who need it in the course of their work, and all use is recorded in log data, which is kept for the period required by law.
Third parties and information disclosures
To provide services Netox may use subcontractors. These might include, for example, the supplier of the billing system, the supplier of the customer service system (tickets and their registration) as well as the supplier of the server environment. Netox uses secure partners in the EU/EEA area, whose safe operation is ensured both contractually and, if necessary, through audits. The partners necessary for providing the service are submitted for approval in the contract.
Netox will not disclose personal information received in connection with customers or orders to others, unless otherwise required by applicable law.
Data retention period
Customer data will only be retained for the duration of the current customer relationship, unless otherwise required by applicable law.
Customer data is stored in Netox’ data centers in the EU/EEA are. If, on a Client’s assignment, Netox processes data located on the Client’s own servers that are outside the EU/EEA area, it will be processed there remotely from Finland.
Lawfulness of processing
The processing of customer data is based on Netox’ compliance with its legal obligations and the performance of a contract.
The processing of data in connection with Client’s assignments is based on the performance of a contract.
The processing of customer data is based on Netox’ compliance with its legal obligations and the execution of the agreement.
The processing of data in connection with Client’s assignments is based on the implementation of the agreement.
Rights of the data subject
• Right to access personal data
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to object
• Right to data portability
• The right to withdraw consent if the processing is based on consent
• Right to appeal to the supervisory authority (https://tietosuoja.fi/ilmoitus-tietosuojavaltuutetulle)
Customers may exercise their rights either by contacting Netox Customer Service or firstname.lastname@example.org
Requests for information related to personal data processed in connection with the Client’s assignments are directed to the Client, who as the controller is responsible for processing them.
Saaristonkatu 22, 2krs. 90100 Oulu
Eteläesplanadi 8, 00130 Helsinki