JAY Solutions Oy processes personal data in accordance with the Personal Data Act and personal data legislation. JAY sees to the realisation of privacy and non-disclosure in the processing of personal data.
JAY Solutions Oy (Business ID (FIN) 3150260-1), Ludviginkatu 6, 00130 Helsinki, Finland
Client Register (Asiakasrekisteri)
The purpose of processing personal data is to maintain and develop JAY Solutions’s relationships with its clients, to implement contracts between JAY and its client(s), and to use the data for marketing purposes.
The basis for processing data to maintain customer relationships is a legitimate interest in improving relationships with customers. The legitimate interest basis also applies to data processing for marketing purposes.
JAY may use subcontractors to fulfil the processing purposes described above. These subcontractors are responsible for following JAY’s instructions for processing and processing information only for the above-mentioned matters or they provide technical solutions for processing.
Data will be retained as long as it is needed to maintain and develop customer relationships. Personal data used for marketing shall be erased upon request from the data subject. In case a data subject wants to prohibit direct marketing to them, JAY keeps a record of that prohibition. In some cases, data may need to be stored for longer periods if required by law or by an official’s request.
The register contains the following information:
The primary source of stored information is the data subject. Other sources, such as Asiakastieto, may be used to look for information regarding company representatives.
Personal data shall not be delivered to third parties. All personal data is processed within the EU/ETA region. If we would need to transfer your data outside the EU/EEA, we will ensure the appropriate protective measures of this transfer (e.g. we will apply the EU-approved standard contract clauses).
Data may be disclosed to authorities based on compelling regulations.
Additionally, data can be disclosed within the group for group-level IT administration purposes, to manage customer relationships and for marketing purposes.
Physical documentation shall be stored in a locked storage space. Electronic data shall be stored in an information system that utilizes both hardware and software protections to ensure information security and to monitor the use of data.
Access rights to the register are handed to personnel in restricted capacity and in line with the requirements set by their work duties. All persons with access to the register are bound by professional confidentiality.
The right to access data and to request the rectification or erasure of data
The right to withdraw consent
Head of Compliance & Risk Control
Ludviginkatu 6, 00130 Helsinki
Tel. +358 50 4062254
This policy will be updated as our operations develop or regulations change. If these changes are significant, we will attempt to notify you of them also in other ways, such as by e-mail or by publishing a notification on our website. We recommend visiting our website regularly and reviewing the potential changes of the policy.