Skip to main content

Privacy Statement

In this statement, we explain how we process the personal data of our customers and visitors to our website. First, here is a summary of the key issues. For those who are particularly interested in data protection (like ourselves!) we have made a longer and more detailed text version of the same issues below.

note

Registrar: Molemmat Oy, business ID 3242728-7

Contact information for checking data and exercising other data protection rights: [email protected]

Supervisory authority: The Finnish Data Protection Ombudsman, www.tietosuoja.fi

Piece of informationWhere do we get itWhen do we delete itWill be transferred outside the EUWhat it is used for
WWW server log information: IP address, User-Agent, requested document, time stamp, server response code, referring site, possible unique linkFrom you/your device when you come to our website. Information about opening a unique link is only stored if you open a link tailored to you.After 2 yearsNoTechnical functionality of the website, data security and visitor counting. The unique link is used for sales development.
Contact form information (name, e-mail address, what the contact is about, message and time stamp)From you, when you send us the information using the contact form on our websiteWhen the contact has been processed, or when the customer relationship has endedNoTo respond to your contact request, to monitor the customer relationship
URL & Title of pages viewed, URL & Title of any links that are clicked on pages viewed, Referrer, User agent, Screen resolution, Language, x/y coordinates of mouse events, Anonymized IP addressFrom you/your device when you come to our websiteAfter 1 yearYesImproving our marketing and sales

Website

We use the services of German Hetzner to run our website. When you visit our website we get the following log data from the web-server:

  • IP address (your computer or mobile device’s unique identifier that can be traced back to you)
  • Your browser’s User-Agent
  • Requested document (i.e. the part of our website that you have clicked or looked at)
  • Timestamp
  • Server’s HTTP Response Code
  • Referrer
  • The potential tracking URL (i.e. the identifier of the marketing etc. material that we have shared with you)
  • This data will be kept on our server for two (2) years, after which it will be permanently deleted.

We use the data to resolve potential technical issues on our website, to ensure the cyber security of the site and to count the visits to our site. With the data we can estimate how many visits we get within a certain timeframe, how many times a document has been requested within a certain timeframe, what devices are used to access the website (User-Agent), how many and which documents each visitor has requested as well as which websites the visitors are coming from.

We get the data directly from you (or rather from your device) when you visit our website. We do not disclose data to outside parties, and we do not transfer data outside of the EU/ETA area. We also do not use your data for automated decision-making or profiling. We do not use tracking cookies or tracking software that could be used to follow you after you have left our website.

We process your data according to the EU’s General Data Protection Regulation’s (GDPR) article 6.1 section b): “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”. In practice this means that the website has to process your data for its technical functioning. Otherwise you would not be able to access our website at all.

However, the technical functionality does not require saving the log data for a longer period of time. This longer processing time is based on the GDPR’s article 6.1 section f): “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child”. Molemmat Oy has a legitimate interest in storing data to ensure cyber security, in order to e.g. resolve hostile attacks or misconduct. We also have a legitimate interest in getting to count the amount of visits on our site and seeing which parts of our site get the most traffic in order to develop our website. We also have a legitimate interest to know how often our marketing material is viewed in your organization, so that we can better target our marketing to just those who are interested in our products. Since we do not process much data on you and since the data we process cannot be deemed as very sensitive, we are of the opinion that in this case your rights according to data protection legislation do not weigh more than our legitimate interest to process your data.

Website Analytics

We use Clicky by Roxr Software Ltd for website analytics to improve our marketing and sales.

When you visit our website the following information is collected:

  • URL & Title of pages viewed
  • URL & Title of any links that are clicked on pages viewed
  • Referrer
  • User agent
  • Screen resolution
  • Language
  • x/y coordinates of mouse events
  • Anonymized IP address
  • The collected information is automatically deleted after one year.

We use the data to improve our marketing and sales. With the data we can see the effectiveness of our marketing campaigns and how our website is used, we can estimate how many visits we get within a certain timeframe, how many times a document has been requested within a certain timeframe, what devices are used to access the website (User-Agent), how many and which documents each visitor has requested as well as which websites the visitors are coming from.

We get the data directly from you (or rather from your device) when you visit our website. The information is sent to the Clicky servers in the United States for analysis. The transfer of data is based on the Data Privacy Framework (read more: https://www.dataprivacyframework.gov/s/). Roxr Software Ltd acts as a data processor. See Clicky’s privacy policy for more detail. We do not use your data for automated decision-making or profiling. We do not use tracking cookies or tracking software that could be used to follow you after you have left our website.

e process your data according to the EU’s General Data Protection Regulation’s (GDPR) article 6.1 section f): “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child”. We have a legitimate interest in analysing which channels bring customers to our site, how effectively they find what they are looking for, and seeing which parts of our site get the most traffic in order to develop our website and marketing. We also have a legitimate interest to know how often our marketing material is viewed in your organization, so that we can better target our marketing to just those who are interested in our products. Since we do not process much data on you and since the data we process cannot be deemed as very sensitive, we are of the opinion that in this case your rights according to data protection legislation do not weigh more than our legitimate interest to process your data. If you wish to opt-out from this analysis, you can use the opt-out tool.

Customer Information

We collect data on our clients’ representatives through our contact form as well as through communication with our clients. Some data we get from public sources such as the Finnish Trade Register. The processing of the data from our contact form is explained above in The Website’s Contact Form -section. We process the following data on our clients:

  • The name of the company, Business ID, address (this is counted as personal data when it applies to a one-person company; in the case of larger companies it is deemed business data)
  • The name and contact details of the contact person, such as (work) telephone number and (work) email address, as well as position
  • The needs and interests of the client company (this is counted as personal data when it applies to a one-person company; in the case of larger companies it is deemed business data)
  • The services bought by the client company and the data related to them (this is counted as personal data when it applies to a one-person company; in the case of larger companies it is deemed business data)
  • The decision-makers and owners of the company (name and position)

We use the data to improve our sales and customer service so that we can offer you the services that are best suited to the specific needs of your company. In addition we use the data for the maintenance and daily upkeep of the customer relation.

We do not disclose data to outside parties, and we do not transfer data outside of the EU/ETA area. We also do not use your data for automated decision-making or profiling.

We check our register annually and delete the data that is no longer valid (such as if the client company has closed down or the contact person has changed, or if the client company has not bought our services in the last two years). In this way we ensure that all data is deleted at least 2 years after the data has expired, or 3 years after the last purchase. We will naturally delete the data earlier at the client’s request or announcement.

We process client data according to the EU’s General Data Protection Regulation’s (GDPR) article 6.1 section b): “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”. In practice this means that we need the data in order to make offers and fulfill the contractual relationship between us.

Your rights and the contact details of the Data Protection Ombudsman

You have the right to check the data we hold on you, the right to ask for correcting the data, deleting it, for limiting the processing of your data, as well as the right to oppose the processing of your data. You also have the right to ask to have your data moved from one system to another. Please note, that we cannot always fulfill your request of e.g. deleting your data if we have a legal or other obligation to store the data (e.g. the data required by the Accounting Act).

Make a request about your personal data by sending an email to [email protected]. In the email please state which data you wish to check or any other right you wish to exercise, and tell us your name and any other information that we can use to help find your data on our registers. When submitting the request you do not need to give us any more data than what we already have.

You have the right to make a complaint to the Data Protection Ombudsman, if you suspect that we are using your data in a way that goes against data protection legislation. The Data Protection Ombudsman will also advise you on your data protection rights. The contact details for the Office of the Data Protection Ombudsman are:

Office of the Data Protection Ombudsman

Website: www.tietosuoja.fi/en/home

Visiting Address: Lintulahdenkuja 4, 00530 Helsinki, Finland

Postal Address: PL 800, 00531 Helsinki, Finland

Email: tietosuoja(at)om.fi

Switchboard: +358 (0)29 566 6700

General guidance for private persons: +358 (0)29 566 6777