This site uses cookies. We use cookies to personalize the content and ads we offer, to support social media features, and to analyze our visitor traffic. Additionally, we share information about your use of our site with our social media, advertising, and analytics partners. Our partners may combine this information with other information you have provided to them or that they have collected when you have used their services.

Cookies are small text files that websites can use to make the user experience more efficient.

By law, we can store cookies on your device if they are strictly necessary for the operation of the site. We need your consent for the use of all types of cookies.

This site uses different types of cookies. Some cookies are placed by third-party services appearing on our pages.

You can change or withdraw your consent through the cookie notice on our website.

Read our Privacy Terms for more information about who we are, how you can contact us, and how we process your personal data.

Please provide your consent ID and the date of consent when contacting us regarding your consent.

Your consent applies to the following domains: super-site/en.com

This is the Company's registry and privacy statement in accordance with the EU General Data Protection Regulation (GDPR). Drafted on 29.05.2023

1. Data Controller Digital Labs Oy (3001169-1), Heikkiläntie 103, 42560 Pohjoisjärvi

2. Contact Person Responsible for the Register Dini Mäntylä, dini@digitallabs.fi, +358 40 6539424

3. Name of the Register The Company's customer register, marketing register

4. Legal Basis and Purpose of Processing Personal Data The legal basis for processing personal data under the EU General Data Protection Regulation is: – the individual's consent (documented, voluntary, specific, informed, and unambiguous) – a contract in which the data subject is a party – performance of a public task or – the data controller’s legitimate interest (e.g., customer relationship before the conclusion of a contract).

The purpose of processing personal data is communication with customers, maintenance of customer relationships, and marketing.

The data is not used for automated decision-making or profiling.
5. Content of the Register The information stored in the register includes: name of the person, position, company/organization, contact information (phone number, email address, address), website addresses, IP address of the network connection, identifiers/profiles in social media services, information about subscribed services and changes to them, billing information, and other information related to the customer relationship and subscribed services.

Customer Register Company details, contact person details, billing details

Marketing Register Company details, public information about decision-makers.

The data retention period is 6 months after the end of the customer relationship or marketing activity.

The IP addresses of website visitors and cookies essential for the functioning of the service are processed based on legitimate interest, e.g., to ensure data security and for collecting statistical data on website visitors in cases where they are considered personal data. Consent for third-party cookies is requested separately if necessary.

6. Regular Sources of Information The information stored in the register is obtained from customers, for example, from messages sent via web forms, by email, by phone, through social media services, from contracts, customer meetings, and other situations where the customer provides their information.

Information about company and organizational contact persons can also be collected from public sources such as websites, directory services, and other companies.

7. Regular Disclosure of Information and Transfer Outside the EU or EEA Information is not regularly disclosed to other parties. Information may be published to the extent agreed with the customer.

Information may also be transferred by the data controller outside the EU or EEA. Information will not be transferred to the United States without the explicit consent of the data subjects.

8. Principles of Register Protection Care is taken in processing the register, and the data processed via information systems are properly protected. When registry information is stored on Internet servers, the physical and digital security of the hardware is properly ensured. The data controller ensures that the stored data and server access rights as well as other critical personal data are processed confidentially and only by employees whose job descriptions include such processing.

9. Right of Access and Right to Request Correction Every person recorded in the register has the right to check their stored data and request the correction of any incorrect data or the completion of incomplete data. If a person wishes to check the data stored about them or request correction, the request must be sent in writing to the data controller. The data controller may, if necessary, request the requester to prove their identity. The data controller will respond to the customer within the time stipulated in the EU General Data Protection Regulation (generally within one month).

10. Other Rights Related to the Processing of Personal Data A person recorded in the register has the right to request the deletion of their personal data from the register ("right to be forgotten"). Similarly, registered persons have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may, if necessary, request the requester to prove their identity. The data controller will respond to the customer within the time stipulated in the EU General Data Protection Regulation (generally within one month).