Information security clause
Aito Support Information Security Clause
Aito Support is a private owned service company that provides its services for companies, public organizations and consumers.
Aito Support adheres to the information security decree and the legislation related to information security that is currently in effect.
The handling of information related to the users of our website, web store customers and other customers is described in this information clause.
Anyone using our services approves the terms of this information security clause by using our website and/or other web-based and non-web-based services I.e. at any of our shops.
We act as a handler of information for our customers in many of the services provided by us. The handling of personal information related to these services is described in more detail in the service descriptions and contract terms of these services.
What Information Is Collected of Me And for What Purpose?
The main use of the information collected from the users of our website, web store and other customers is customer service and managing, tending to, and up-keeping customer relations, advancing sales, remote sales, direct marketing and targeted marketing. We need the information to produce and execute services for our customers, communication to customers, billing for our services and collection of payments from our customers and for the purposes of targeting advertisements and marketing.
The information is also used for opinion and marketing studies and other similar address requiring contacts. Statistics are compiled using the information and analyzed and segments and profiles are formed in order to develop services and business activity, target marketing and increasing the appeal of the content.
We collect I.e.
- Contact information I.e. name, e-mail, phone number, company contact information and a company or organization representative's rank in said organization.
- Information regarding customer relations I.e. order, cancellation, payment and billing information and also customer feedback and liaison information.
- Permissions, consent and prohibitions granted by the user about points of interest and any information given during inquiries and studies.
We also process registering information provided by our services I.e. usernames.
We use outside sources for updating and supplementing information. In order to activate a user account we might gain some information from the users employer or other source that has ordered our services.
By compiling statistics and analyzing the information given by the users or collected by us we may infer possible interests of the user and group users by those interests.
On What Basis Is My Information Being Collected And Handled?
- The handling of customer data is based on what the information security decree allows in the following situations:
- We handle the information given by the customer based on the contract and to carry out our rights and obligations regarding a product or a service that a customer has ordered or bought from us.
- We handle information for the purpose of targeted marketing and creating customer relations, selling products and services, producing customer and other services, developing services, business and customer service, preventing and investigating abuse cases and ensuring information security. We believe these procedures to be essential for our business activity and therefore the handling to be necessary for executing our rightful benefits.
- We may also handle the information given by a customer or collected during the use of our services based on the approval given by the customer in the cases where approval is necessary by law.
- We may also handle the information given by the customer within third party systems I.e. operator or software manufacturer systems. The third parties are responsible for their part for the protection of information security.
- The handling of information may also be based on following a legislative obligation because we might be obliged to retain some information in order to adhere to accounting and other compelling legislation or to answer warranty or other obligations even after the customer relationship or other basis of retaining personal information has ended.
Usage of Cookies on the Website
Cookies and similar technologies are utilized for ease-of-use of our website and ensuring information security and producing statistical data about the usage of the website I.e. to develop the functionality of the website. Cookies are files commonly used by websites that the browser saves to the hard-drive of the computer. Cookies tell I.e. if the user has visited the website before. No personal data is collected about the users of the website with cookies. It is possible to turn off cookies. The removal of cookies can be done in the browser settings. If cookies are turned off, it is good to be aware of cookies being necessary for the intended functionality of the website.
Handling of Information With Third Parties
We may handle personal data with a third party I.e. the aforementioned operator partner. We do not give personal data to outsiders. We follow the following principles with third parties:
- With subcontractors, we ensure by contracts that the dat is handled according to this information security clause and valid legislation.
- If a user has given consent for handing over information we may hand over the customers personal information for I.e. targeted marketing and opinion and marketing studies. The user may at any moment deny the handing over of information.
- We may hand over or move personal data if we make business arrangements or while partaking in them.
- We may hand over or move information if a public officer calls for it.
We handle information mainly in Finland. Some personal data, material and services may be handled in the European economic region or the USA. Any handling done in the USA is handled according to the Privacy Shield protocol.
Retaining Information After the End of Customer Relations
We normally retain customer information for ten years after the customer relationship has ended. We retain information collected for marketing purposes as long as the person in question works with assignments relating to the marketed product or service, unless the person has denied targeted marketing. Our personal data register is gone through regularly for outdated data.
Custom Rights Regarding Personal Information
A customer has a right to gain knowledge on the handling of their personal data and to check their own personal data. A customer has a right to ask for correcting, updating, completing or removing of information unnecessary to handling of the information that is faulty, unnecessary, incomplete or outdated. Personal data that is required to be retained by the law cannot be deleted that is necessary for the use cases described in this clause.
A customer may at any time prohibit the handing out of information and handling for the purposes of targeted marketing by reacting to the message's directions or by contacting our customer service.
A customer has a right to at any moment cancel consent they have given to handle their personal data in which case Aito Support handles personal data only if the law demands so.
A customer has a right to object to or limit the handling of information within the frame defined by the information security decree and other legislation that is currently valid in Finland.