1. Data controller

Earthpac Oy | business ID: 1030180-0
Kustaa Vaasankatu 2-4
85800 Haapajärvi

2. Contact person for register-related issues

Antti Liimatainen
antti.liimatainen@earth-pac.com
+358 40 734 5718

3. Register name and data subjects

Earthpac | Marketing Register

In the Register, we process the personal data of our potential clients and their representatives.

4. How do we use your personal data?

We use your data for the marketing and development of the services provided by Earthpac Oy. We collect, store and process personal data only for pre-defined purposes.

5. What personal information do we collect?

Data of the following kind can be stored about data subjects:

• Name
• Company
• Telephone number
• E-mail address
• Address
• Title
• Consent information
• Publicly available classification information
• IP address data or another identifier
• Data collected via cookies
• Website(s) visited
• The time spent on website
• How did you get to the website
• What links do you click
• Data collected from social media channels

Other data collected with the customer’s consent.

6. Which sources do we collect personal data from?

We collect personal data about you mainly from yourself, when you contact us or when you use our services at a later time. We can also collect contact information from public sources.

7. What is our basis for processing your data?

We ensure that we always have a legal basis for processing your personal data.

We process personal data stored in the marketing register either on the basis of our legitimate interest (e.g., direct marketing to our potential clients and developing our services) or on the basis of your consent.

8. Will your data be transferred or disclosed?

As a general rule, your personal data are processed by our staff members in the course of their work.

In some cases, your data may be disclosed confidentially to our business partners or subcontractors, who process personal data under a written mandate agreement. These include data centre and cloud services meant for data storage, the suppliers of the IT systems we use, and external services purchased to support sales and marketing.

Our subcontractors and business partners process personal data in an agreed manner, in accordance with our written instructions, and only to further the agreed, lawful purposes.

9. Will your data be transferred outside the EU or the EEA?

As a general rule, we do not transfer your personal data outside the EU or the EEA

The website analytics service we use (Google Analytics) might transfer analytical data outside the EU. However, Google is committed to the Privacy Shield framework, which guarantees an adequate level of data security as approved by the European Commission.

Likewise, the social media channels we use might transfer your data outside the EU and the EEA, but they are also committed to the Privacy Shield framework.

10. For how long will your personal data be stored?

We will only store your personal data for the time necessary to fulfil the purposes described in this statement. Unnecessary data are deleted regularly, at least once a year.

11. How are your data secured?

We respect the confidentiality of your personal data.

Personal data are protected from third parties by firewalls, anti-virus software, personal usernames and passwords. Only the persons authorised by us, whose work requires the processing of personal data, have access to personal data. We only disclose personal data confidentially and to a limited extent, based on the agreements with our contracting partners, such as our subcontractors. Our contractual partners must implement adequate data security and process personal data lawfully in all respects. The people who process personal data are bound by an obligation of confidentiality.

Our website uses a TLS-encrypted HTTPS connection, which means that all personal data are protected electronically. In your browser, you can see it from a lock on the left side of the address bar. If data are in a manual format, they are stored in locked premises not accessible to third parties, and destroyed securely.

12. How do we use cookies?

Cookies are small text files that are automatically stored on a computer/terminal when a user visits various websites. Our online service uses cookies so that we can offer our service to a standard that is as user-friendly and high-quality as possible.

We use cookies to develop our services and website, to analyse the use of our website (Google Analytics), and to target and optimise marketing. With the help of monitoring website traffic, we can develop our website to make it even better, and to be able to provide a better visit experience for our users. We also target marketing using Facebook Pixel.

If you do not want the online service to receive data through cookies, you can refuse the use of cookies (most browsers allow you to disable the cookie function). You can stop Google Analytics from collecting data about you; you can find out more about this on Google’s website. Please note that in this case, the online service might not work properly.

This website uses cookies. We use cookies to customise the content and ads we provide, to support social media features, and to analyse our traffic. In addition, we share information on how you use our website with our social media, advertising and analytics partners. Our partners may combine this information with other information you have provided to them or collected after you have used their services.

According to law, we are allowed to store cookies on your device if this is essential for the operation of the website. We need your consent to use of any types of cookies.

This website uses cookies of different type. Some cookies are set by third party services appearing on our website.

13. What rights do you have?

13.2 The right to access data (the right of inspection)

You have the right to know which of your personal data are stored on the register. You can review your stored personal data as described in this statement.

13.3 The right to have the data corrected or removed (the right to be forgotten)

We will delete, correct or supplement data that are inaccurate, unnecessary, incomplete or outdated for processing, either on our own initiative or at the data subject’s request.

13.4 The right to restrict processing

The data subject has the right to demand that the active processing of their personal data is restricted, for example, when the data subject disputes the accuracy of their personal data and requests that their personal data are corrected or removed. In this case, such personal data may only be stored, not processed otherwise. Restrictions on processing are ensured by technical measures.

We will notify the data subject before lifting the processing restriction.

13.5 The right to object to the processing of personal data

You have the right to object to the processing of your personal data to the extent that there is no compelling reason for the processing that would supersede your rights or the processing is not necessary for fulfilling a legal requirement.

13.6 The right to transfer data from one system to another

To the extent that the data subject has provided data for the customer register, processed with the consent or mandate of the data subject, the data subject has the right to obtain such data in a mainly machine-readable format and the right to transfer this data to another data controller.

13.7 Withdrawal of consent

If personal data are processed based on the data subject’s consent, the data subject has the right to withdraw their consent by notifying us. You can withdraw your consent as described in Section 14 of this statement.

13.8 The right to appeal to the supervisory authority

The data subject has the right to lodge a complaint with the competent supervisory authority if the data controller has not complied with the applicable data protection regulation in its activities.

14. Where can I submit requests regarding my rights?

Any queries and requests related to the register can be submitted either in person on site by presenting an identity document, or by sending a message to the e-mail address info@earth-pac.com. We may then contact you by telephone, if necessary, to verify to identity.

We will send the requested data to your e-mail address as a password-protected document, and the password will be sent to your phone by text message.

We will respond to requests within one (1) month of submitting the request, unless there are special reasons for extending the response time. We may also refuse to comply with your request on the grounds provided by the applicable legislation.

The exercise of the rights is, in principle, free of charge.

15. Mandatory disclosure of information

If you do not consent to the processing of your personal data for the purposes and rights specified in this privacy policy, we are probably unlikely to serve you and fulfil the purpose of our activities fully. Therefore, if you do not want us to process your data in accordance with these principles, please do not provide us with any data.

16. Where can I find the latest, valid privacy policy?

We will always have the latest privacy policy available at this address.