2022-1-1
Business Hacker Oy
Kaksostenkatu 9
53850 Lappeenranta
Contact Person
Tommi Rissanen
tommi@businesshacker.fi
Name and email address are required to use the service. In addition, the service collects information from the defendant's Business id, which in the case of a self-employed entrepreneur is also personal information. Personal information is temporarily attached to the sessionID and permanently to the user's responses.
Personal information is used for following purposes:
Service providing, such as:
Administrative purposes, such as:
Marketing, such as:
The processing of personal data is based on both the execution of a contract (Article 6(1)(b) of the GDPR), i.e. the fulfillment of an order or other request and the consent of the data subject (Article 6(1)(a)). The processing of personal data may sometimes also be based on the fulfillment of our legal obligation (Article 6(1)(c)) or on the controller’s legitimate interests (Article 6(1)(f)), for example in the case of marketing purposes.
The user of the service will not be subject to automatic decision-making.
The personal data has been received from the users/customers. The personal information is retained for as long as, and for no longer than, necessary to achieve the purposes for which it was collected, such as during a customer relationship or while meeting a communication need. Anonymized survey responses will be retained for the time being.
There are no regular disclosures of personal data. The controller processes the data itself and utilizes subcontractors acting on behalf and for the account of the controller in the processing of personal data. Otherwise, the personal data in the register will not be disclosed to third parties by the controller, except as required by law.
The data is located in data centers in Finland. Personal data is not transferred outside the European Union or the European Economic Area.
According to the European Union’s General Data Protection Regulation (GDPR), data subjects have the right:
If you would like to use your rights, please contact us as instructed below.
Personal data is protected by appropriate physical, electronic and administrative procedures. The data is not accessible to other users, and is stored in systems that cannot be accessed from outside of the cloud environment. All data stored in the database or in temporary backups are encrypted at rest and in transit. A limited amount of backups exist at any given time, and they are also accessible only to administrators.
Overall, the principle of privacy-by-design is conducted in all of development and system architectures, and all data processors are aware of and have received appropriate training in the processing of personal data.
The Privacy Policy is periodically reviewed to keep it up to date. If significant changes are made to this Privacy Policy, data subjects are notified as required by applicable law.
For personal data protection or privacy issues, please contact the contact person of the personal data registrant.