OC-System

Privacy policy

Updated September 29, 2022

OC-System Oy complies with the EU General Data Protection Regulation
(GDPR).

Controller

OC-System Oy (0894209-4)
Työkuja 4
79600 Joroinen, Finland

Name of the register:
OC-System Oy customer and marketing register

Person responsible for the register

Riku Räisänen
Tel. +358 (0)201 441 410
Email: firstname.lastname@oc-system.fi

Legal basis and purpose of the processing of personal data

We process and record information about your contacts with us in order to reply to queries and invitations to tender. In addition to this, we require your contact information and information on the services and products you have acquired from us in order to arrange invoicing, product warranty, maintenance, spare parts, accessories, and any insurance policies, for example.

We also process your data in order to ensure the quality of our customer service provision, maintain our online service and develop our service and customer experience.

We use data collected with cookies in order to carry out analytics, improve our user experience and target advertising and marketing messages.

We also process your data insofar as our legitimate interests permit, i.e., as a part of our business operations.

The basis for the processing of personal data is a customer relationship or the data subject’s consent, in which case the data has been disclosed in connection with a contact, such as downloading material or subscribing to a newsletter.

If you have consented to the use of the website user data for marketing purposes, we can use your data for the purpose of targeting marketing and offers. If you have consented to receiving our newsletter or separately subscribed to our newsletter, we can also use your data to offer you newsletter content according to your interests.

Data collected in the register

  • various identifiers, such as the email address and telephone number you have provided
  • other identifying information, such as name and contact information, and information about the company represented by the contact person
  • information on contact with our customer service and sales departments
  • information on the services and products you have acquired
  • information on the cookie consent you have given or cancelled and on your other selections
  • information on your behavior on our website, e.g., a unique cookie or device identifier, information on your browser and operating system, your assumed location based on the IP address of your device or location data of your mobile device (if you have allowed the processing of your location data on your mobile device).

Some cookies are necessary for the services offered on our website.

You can manage your cookies through the cookie notification page.

Regular sources of data

Data on the customers is received directly from the data subjects by their own declaration, e.g., in connection with a newsletter subscription, invitation to tender or customer relationship registration.

Disclosure of data in the register

No data is disclosed further.

Transfer of data outside the European Union or European Economic Area

Personal data may be transferred outside the EU and EEA in connection with the production of IT services required by register maintenance. A data transfer agreement has been signed with the service provider using the standard contractual clauses approved by the EU Commission.

Rights of the data subject

The data subject has the right to request access to their data stored in the register. Requests to access data must be presented in a signed and written form to the controller.

If the register data is incorrect, the data subject may request that the controller rectify the data.

The data subject has the right to prohibit the controller from processing their data. Requests to prohibit processing must be presented in a signed and written form to the controller.

Register protection principles

The data can only be accessed by the staff of OC-System and its service providers whose tasks include the processing of data. The necessary data may be transferred to financial institutions and insurance service providers, if so agreed with the data subject. The data is protected by technical means, and access is restricted with personal access accounts.

Data storage period

In general, the data is stored for the duration of the customer relationship. Newsletter subscribers are removed from the register if they have not opened a newsletter in the past 12 months.