We at Bitcomp (Bitcomp Oy and our affiliates) are committed to protecting your privacy. Bitcomp collect and process personal information under the General Data Protection Regulation and Personal Data Act (523/1999).
Our business is based on legal business. We comply with EU legislation when we collect and store personal data:
- All gathered personal data are processed legally, fairly and in a transparent manner. You have the right to access your personal data, to have it corrected and the right to recourse; at any time if you believe your data protection rights have been breached.
- We collect personal data only to the extent necessary to fulfill a precise purpose related to our tasks. We do not hand out data collected to third parties without consent.
- We minimize our data and keep them accurate. We only control the data we need.
- We restrict the storage of information. We do not keep your personal information for longer than necessary for the purposes for which we collected it. However, we may keep your information for a longer period under certain conditions outlined in law.
- We store only intact and reliable information. We put in place measures to guarantee that your data are kept up-to-date and processed securely.
- We collect and process personal data for customer relations and handling other appropriate business matters or to further communications with potential customers.
Processing of Personal Data
Under EU data protection law (the GDPR), when we are what is known as a processor, we are processing personal data on behalf of a controller. In these situations, we take care that we process personal data in compliance with the data protection principles specified in data protection legislation. We process personal data to the extent necessary to provide the service.
Personal Data protection principles
We store personal data securely through technical and organizational means. Our registers are protected by access controls, firewalls, encryption technology, passwords and other measures widely accepted by data security specialists. With license agreement, we restrict access to the services. Only the employees and partners accepted by Bitcomp have access to the production and application servers.
Personal Data Transfers
Bitcomp does not share, sell, rent, or trade personal information with third parties. We do not pass on personal data to outside of the EU/EEA region. Some of the tools Bitcomp uses are located outside of the EU region (for example newsletter). Suppliers of these tools complies with the EU-U.S. Privacy Shield Framework.
Sources of Personal Data
Personal data is collected when you register for newsletter, do contract with us, contact us via phone, email or by messaging us on our social media channels, use a contact form on our website or other situations where you give us permission to collect your personal data, such as client meetings or events. Based on our business intentions we also might collect names for example from media.
We do not seek to collect, store or otherwise process your sensitive personal information (i.e. about race or ethnicity, political opinions, religious or philosophical beliefs, etc.) or any information that you have not given permission.
Deadlines for Erasure of Personal Data
We do not keep your personal information for longer than necessary for the purposes for which we collected it. However, we may keep your information for a longer period under certain conditions outlined in law.
As a processor, we are processing personal data on behalf of a controller. Controller can request deletion of personal data.
Rights in Respect of Your Information
You can request access, correction or updates of your personal information. Upon written request, controller provide an overview of the categories of data that are being processed as well as a copy of the actual data or corrects inaccuracies relating to your information. The controller may, if necessary, request the applicant to prove your identity. Under the GDPR, the controller will answer the client without undue delay (mainly within a month).
Other Rights in Relation to Data Processing
Upon written request, you can request deletion of your personal data (A right to be forgotten). You may object to the processing of your personal information, request us to restrict the processing of your personal information or request the transferability of your personal information. The controller may, if necessary, request the applicant to prove your identity. Under the GDPR, the controller will answer the client without undue delay (mainly within a month).