HOW WE USE YOUR INFORMATION
PRIVACY STATEMENTRegister and Privacy Statement – Simulation Platform User Register
This is the Register and Privacy Statement of SmoothTeam Ltd for EU General Data Privacy Regulation (GDPR). Created on May 25, 2018. Last update April 4, 2022.
1. Registrar
SmoothTeam Ltd, Finnish Business ID 2679043-4, Nekalantie 28, 33100 Tampere, Finland
2. The contact person responsible for the register
Jaakko Heikkilä, Rekisterit [at-symbol] smoothteam.fi
3. The name of the registry
SmoothTeam Ltd’s simulation platform user register
4. Legal basis and the purpose of processing personal data
The processing of personal data is based on the consent of the data subject.
The purpose of processing personal data is to manage and develop a customer relationship or to implement a service.
Information is not used for automated decision making or profiling.
5. Information content of the register
The information to be stored in the register is:
- Personal information: first name and last name, nickname, e-mail address
- The person’s choices in the game situation
This information will be retained for at least three years after the game, such that we can produce reports for the customer upon request. By way of derogation, when requested by the customer, the data will be deleted from the register without delay.
6. Regular sources of information
The data stored in the register is obtained from the registered persons (the data fields filled in the gaming system).
7. Regular transfers of data and transfer of data outside the EU or EEA
The information is given to third parties as follows:
- Sentry.io, USA – If an error occurs in the simulation platform, the error tracking information is stored on the Sentry.io server. This will help SmoothTeam find the cause of the error and correct the error. The data to be stored may contain the personal data mentioned above.
- Slack, USA – e-mail addresses of facilitators. These make it easier to provide quick support in case of problems and to monitor the use of the platform.
8. Principles of registry protection
Careful handling of the registry is ensured and data processed by the information systems is adequately protected. Electronic databases are protected by firewalls, passwords and other generally accepted technical means. Access to personal data is available only to persons specifically identified whose job requires handling of personal data stored in the register. These people will be able to access the system with their personal user IDs.
9. The right of inspection and the right to demand correction
Every registered person has the right to check his / her data stored in the register and to demand that any incorrect information be corrected or incomplete information supplemented. If a person wishes to check the data stored or to request correction, the request should be sent to the registrar. The registrar may, if necessary, request the applicant to verify his / her identity. The registrar responds within the time limit set by the EU Data Protection Regulation (usually within one month).
10. Other rights related to the processing of personal data
A registered person has the right to request the removal of his / her personal data from the register (“the right to be forgotten”). Also, those who are registered have other rights under the EU’s general data protection regulation such as restricting the processing of personal data in certain situations. Requests should be sent to the registrar. The registrar may, if necessary, request the applicant to verify his / her identity. The registrar responds within the time limit set by the EU Data Protection Regulation (usually within one month).
Note! This is an English translation of the original Finnish document.