Customer Register Privacy Policy – GDPR

Data protection is very important for Algol, and we are committed to protecting your privacy. We process your personal data in order to provide you with services. We can also use your personal data to communicate with you. We only collect personal data that is necessary for the purposes for which they are processed.

We will only process personal data for purposes that are defined in advance. Algol Group companies process your personal data in accordance with applicable data protection laws and the EU General Data Protection Regulation (GDPR). We may also outsource the processing of personal data to a third party, a personal data processor, in which case contractual arrangements guarantee that personal data will be processed in accordance with applicable data protection legislation and GDPR.

If we transfer your personal data outside the EU or the EEA, we will ensure an adequate level of data protection by agreeing on the confidentiality and processing of your personal data in accordance with applicable data protection laws and the EU General Data Protection Regulation (GDPR). We only retain your personal data for as long as it is necessary for the purposes for which the personal data is processed or for as long as is specifically determined by applicable law.

The contents of this Privacy Policy are subject to change, in which case the latest version will be published online. Therefore, we recommend that you review our Privacy Policy regularly.

Algol Chemicals Oy’s Customer Register Privacy Policy

1. Controller

Algol Chemicals Oy (0777485-0)

P.O. Box 13, FI-02611 Espoo

info@algol.fi


2. Contact information for GDPR issues

gdpr@algol.fi or +358 9 50991


3. Name of the register

Algol Chemicals Oy’s Customer Register.

4. For what purposes do we process your data and based on which grounds?

We send customer letters to our stakeholders and through our website to persons who have subscribed to our customer letters. The processing of personal data is based on either the person's consent or a legitimate interest. For example, when subscribing to an Algol newsletter, we ask for your consent to having your data processed.

Our processing of your personal data is based on our legitimate interest based on a customer relationship, employment relationship, or other relevant relationship.

The storage of data in the register is based either on a contractual relationship with our company, on the consent of the person to store the data, or on the legitimate interest of our company in gathering data as required for our business operations.

We collect and store data based on customer relationships or about potential new customers related to our business operations.

5. What kinds of data do we process and where do we obtain the data?

The data we collect for sending customer letters includes the person’s name and e-mail address, organisation and, in some cases, position. The analytics of the publishing system we use collects data for the development of services. The following data is collected by the system:

  • The time and location of opening the message based on the IP address
  • The time when a person has joined or been added to the mailing list
  • Clicks on links and their timestamps
  • E-mail programme used to open the message
  • Sharing the message on social media

The system registers an IP address when you subscribe to a newsletter or when you click on a link in the newsletter. In doing so, the system also collects indicative positioning data.

Other data that may be collected include:

  • Other text-based data related to the customer relationship
  • Marketing authorisation or denial
  • Data collected by cookies

You are entitled to deny permission for the collection of the above data.

We store minimum information about the customer relationship, which typically includes a person's name, company and contact information, such as email and phone number.

We obtain data directly from you and from our own registers, such as the customer register and the stakeholder register. Personal data is collected directly from you when you subscribe to our customer letter, for example. We may also collect data from publicly available sources, such as the internet and registers kept by external service providers.

6. To whom may we transfer and assign your personal data, and is your data transferred to countries outside the European Union or European Economic Area?

Personal data is not transferred outside the EU or EEA.

The distribution system for our customer letters is provided by an external service provider, and personal data is processed by servers outside the EU. Our service provider complies with data protection legislation, and no personal data is transferred without our consent. When processing personal data outside the EU or EEA, we ensure that the subcontractor is bound by the European Commission’s data processing clauses and/or is covered by the Privacy Shield.

Personal data is not disclosed to other third parties.

7. How do we protect your data, and for how long do we store your data?

Only designated persons who are authorised to process customer data are entitled to use the personal data system. The data contained in the customer letter publication system is protected by the IT and administrative security measures of the service provider and Algol. Such measures include the use of firewalls, encryption techniques, and secure spaces for hardware. Other means of protection include granting user rights and ensuring the competence of personnel involved in the processing of personal data.

We store personal data as long as necessary for the purpose of processing the personal data. Your personal data is deleted when you are removed from the subscriber list for our newsletter or when information about a change is received from elsewhere. When you cancel your subscription, your email address will remain inside the system to ensure that we no longer send mail to that address.

8. What are your rights as a person included in our customer register?

Access and right to rectification: You have the right to access your data. This may be referred to as the right of the data subject to request access to their data. If we believe we are obliged to provide your personal data to you, we will do so at no charge. Before we deliver personal data to you, we may request proof of your identity and sufficient information about your business with us to be able to locate your personal data. If the data we have about you is incorrect, you have the right to request rectification of any errors in your personal data.

Right to restrict processing: You have the right to restrict the processing of your personal data if we no longer have the right to use the data.

Other rights: You may also have the right to have your personal data deleted if we have retained them for too long, to restrict their processing in certain circumstances, and/or to receive a copy of the data we retain about you in electronic format.

You may send a request or exercise your rights by contacting Algol by email to gdpr@algol.fi, whereby we will take all reasonable steps to execute your request, provided that it complies with applicable laws and professional norms and standards.

9. Who can you contact?

All communications and requests related to this privacy policy must be made in writing or in person to the e-mail address specified in Section 2.