This is SmoothTeam Ltd's register and privacy policy in accordance with the EU General Data Protection Regulation (GDPR). Prepared on 25.5.2018. Last modified on 25.5.2018.

1. The controller

SmoothTeam Oy, business ID 2679043-4, Nekalantie 28, 33100 Tampere, Finland

2. Contact person responsible for the register

Jaakko Heikkilä, registry[at-merkki]smoothteam.net

3. Name of the register

SmoothTeam's customer register based on customer relationship and other material connection ("SmoothTeam Customer Register")

4. Legal basis and purpose of the processing of personal data

The legal ground for processing personal data under the EU General Data Protection Regulation is the legitimate interest of the controller (customer relationship).

The purpose of processing personal data is to manage and analyse the relationship with the customer and other relevant contacts, to provide and personalise services, to develop and plan business, and for marketing, distance selling, opinion and market research and customer communications, which may also be carried out electronically and in a targeted manner.

Personal data may be processed as permitted by applicable law for the marketing purposes of SmoothTeam's carefully selected partners, including direct marketing, distance selling and opinion and market research. In principle, the disclosure of data to partners may only take place for purposes that support the operational purpose of the register and where the purpose of the data is not incompatible with SmoothTeam's purposes.

5. Data content of the register

The data to be recorded in the register are:

6. Regular sources of information

The information stored in the register is obtained from the customer through, for example, messages sent via web forms, email, telephone, social media services (e.g. Facebook, LinkedIn, Twitter, Google, Youtube, Instagram), contracts, customer meetings and other situations where the customer discloses their data. This includes various marketing activities such as newsletter marketing sweepstakes and contests and events such as trade fairs.

Personal data may also be collected and updated from SmoothTeam Oy's other registers, from the registers of selected partners and from authorities and companies providing services concerning personal data.

7. Cookies and other similar technologies

A cookie is a small text file that the browser stores on the user's terminal device. Cookies contain a unique identifier that allows users to be identified.

Cookies and the information they collect are also used to analyse the usability and use of the web service, to improve security, to monitor usage and to improve the service.

Cookies and the information obtained from them may also be used to deliver targeted communications, advertising and content on the website, to develop the website and to measure and optimise marketing activities.

8. Regular disclosures and transfers of data outside the EU or EEA

The data may be disclosed at the discretion of the controller to the extent permitted and required by applicable law, for example to SmoothTeam's partners, unless the data subject has prohibited the disclosure. In principle, data may only be disclosed for purposes that support the purpose of SmoothTeam's customer register and where the purpose of the data is not incompatible with SmoothTeam's purposes.

The data may also be disclosed in accordance with the requirements of the competent authorities or other bodies, on the basis of the legislation in force, and for historical or scientific research, provided that the data have been transformed into a non-identifiable form.

Information may be disclosed to buyers in connection with a business transaction, in the event SmoothTeam sells or otherwise reorganizes its business.

Data may be transferred to partners selected by the controller who process the data on behalf of the controller, on the basis of a cooperation agreement between the parties. In such cases, the data processor is not entitled to process the transferred data on its own behalf, in its own personal files.

As a general rule, data will not be transferred outside the territory of the Member States of the European Union or the European Economic Area, unless this is necessary for the purposes of the processing of personal data or for the technical implementation of the processing, in which case the transfer of data will comply with the requirements of personal data legislation.

SmoothTeam may transfer the information contained in the register to its own direct marketing registers after the termination of the customer relationship and business relationship.

9. Principles of register protection

The data in the register is not stored in any other than electronic form. Pipeprive OÜ is responsible for the technical protection of the register. When transferred over the network, the data is protected by SSL technology. The controller ensures that the stored data, as well as server access rights and other information critical to the security of personal data, are treated confidentially and only by employees whose job description includes this.

10. Right of inspection and right to request correction of information

Every data subject in the register has the right to check the information stored in the register and to request that any inaccurate or incomplete information be corrected or completed. If a person wishes to check or request a correction of the data stored about him or her, the request should be sent to the controller. The controller may, if necessary, ask the applicant to verify his/her identity. The controller will reply to the data subject within the time limit laid down in the EU General Data Protection Regulation (as a general rule, within one month).

11. Other rights relating to the processing of personal data

A data subject in the register has the right to request the erasure of personal data concerning him or her from the register ("right to be forgotten"). Data subjects also have other rights under the EU General Data Protection Regulation, such as the restriction of processing of personal data in certain circumstances. Requests should be sent to the controller. The controller may, if necessary, ask the applicant to verify his or her identity. The controller will reply to the data subject within the time limits set by the EU GDPR (usually within one month).

12. Amendments to the Privacy Statement

SmoothTeam is constantly developing its business and therefore reserves the right to change this Privacy Policy by notifying its customers. Changes may also be based on changes in legislation.