Koy Kalajoen Vuokra-asunnot (hereinafter referred to as KVA) is committed to protecting the privacy of the users of its services in compliance with the Personal Data Act (523/1999), the Information Society Code (917/2014) and other applicable legislation. We are also committed to compliance with self-regulation within the branch, such as the direct marketing guidelines issued by the Data & Marketing Association of Finland (ASML) and the self-regulation guidelines concerning targeted online marketing issued by the Interactive Advertising Bureau (IAB).
The user consents to the terms of this privacy statement by continuing to use the service. If the user does not consent to these terms, the user is not entitled to use the service.
1. WHAT KIND OF INFORMATION IS COLLECTED ABOUT ME?
We collect necessary personal data on the user in terms of the purpose of processing described in section 3 of this privacy statement.
User personal data:
- contact details, such as name, address, telephone number, e-mail address, social security number
- register data required by the digital account, such as user ID, handle, password and any other identifying data
- demographic information, such as age, gender, title or profession and mother tongue
- information concerning the customer relationship, such as invoicing and payment details, product and order details, customer feedback and contacts, sweepstakes and competition submission data and cancellation data
- recorded customer service phone calls
- profiling data and information on interests provided by the user
- permits and consents
- preference information
- other information collected by consent from the user
Information describing the use of the service:
- information concerning the service and an identified user, such as the usage and browsing data concerning service features. Users authenticated via a digital account are usually identified by a randomly generated sequence of numbers.
- information collected with the help of cookies and other similar means, including the page browsed by the user, the page from which the user entered our site, device model, individual device and/or cookie identifier, channel (internet browser, mobile browser, application), browser version, IP address, session ID, session time and duration, as well as display resolution and operating system
- location data, such as coordinates calculated based on GPS or WLAN access points or the mobile network base station, if the user has given express permission to do so.
We record data on the user’s name, title and profession, age, gender and mother tongue, one identifier connected to them as well as contact details for contacting the user in our marketing register.
2. WHICH SOURCES ARE USED TO COLLECT DATA ON ME?
Primarily, personal data is collected directly from the user in connection with placing an order or registering with the service or later on during the customer relationship. With the help of the techniques described below, we may also collect information on how the user uses our services.
3. WHY IS MY PERSONAL DATA COLLECTED?
We only process personal data for predetermined uses, which are primarily the following:
- Products and personalisation: We provide users with network services and purchase locations. We may also customise some of our services and recommend content that might interest the user.
- Product development: We constantly develop the user interfaces and user experience of our products and services. We implement questionnaires and conduct consumer surveys, as well as generate reports to support corporate decision making.
- Offers, purchasing and customer service: We help the user find interesting offers, deliver the products or services they have bought and aim to serve users as personally as possible.
- Targeted digital advertising: We display advertising that is likely to interest the user.
4. HOW LONG WILL MY DATA BE STORED?
We store user data only for as long as necessary in order to fulfil the purposes specified in section 3 in accordance with valid legislation and the record management plan (TOS) of the organisation.
5. WHO PROCESSES MY PERSONAL DATA?
KVA may process personal data in accordance with the valid Personal Data Act at any time. We may also outsource the processing of personal data to a third party in part, in which case we guarantee through contractual means that personal data is processed in accordance with personal data legislation and otherwise appropriately.
As a rule, we do not transfer data outside the EU or the EEA. If we transfer data outside the EU or the EEA, we will ensure the sufficient level of protection of the personal data by agreeing on the matters related to the confidentiality and processing of personal data in a manner required by legislation, by utilising standard clauses approved by the European Commission, for example, and, otherwise, so that the processing of personal data is carried out in accordance with this privacy statement.
We only share information with third parties in instances specified in section 6.
6. IS MY PERSONAL DATA SHARED WITH THIRD PARTIES?
We do not sell, rent or share the personal data of an identified user to third parties in any circumstances, with the exception of what has been specified below.
User data can be shared to third parties if the user has given their permission to do so.
We may also share the personal data of users in accordance with requests by competent authorities or other parties, in so far as the requests are based on valid legislation at the time. We may also share data for the purposes of scientific or historical studies, provided that the data have been modified so that the data subjects are no longer identifiable.
If we sell, buy, merge or, otherwise, reorganise our business operations, the user’s personal data may be shared with the buyers and their advisors.
7. HOW IS MY PERSONAL DATA PROTECTED?
We employ the necessary technical and organisational data security measures to protect personal data from unauthorised access, sharing, destroying or other unjustified processing. These measures include firewalls, encryption techniques, the use of secure equipment bays, appropriate access control, controlled assignment of access rights and their monitoring, the instruction of personnel involved in processing personal data and the careful selection of sub-contractors.
We may collect information on the user’s terminal device with the help of cookies and other similar techniques, such as the local data repository of the browser, for example. A cookie is a small text file that the browser saves on the user’s terminal device. Cookies often contain an unnamed, individual identifier that we can use to identify and count the browsers visiting our website.
9. CAN ANOTHER PARTY COLLECT INFORMATION ABOUT MY VISIT TO THE KVA WEBSITE?
Third parties refer to parties outside KVA, such as advertisers, advertising networks and measurement and monitoring service providers. These third parties may save cookies on the user’s terminal device for the purpose of offering targeted advertising to the user when the user uses our services or for collecting statistical information on visitors to certain websites, for example. Because the user’s browser requests third party advertisements from a server outside KVA, these third parties may view, edit or place their own cookies as if the user were visiting their website. We strive to guarantee that these third parties abide by valid legislation at any time, as well as the self-regulation guidelines of the industry through contractual means.
10. WHAT ARE MY OPTIONS IN INFLUENCING THESE MATTERS?
Opting out of direct marketing
The user has the right to forbid the sharing and processing of their information for the purposes of direct advertising, distance selling and other direct marketing by contacting our customer service.
The user has the right to inspect the information recorded about them. If requested by the user, we will rectify, delete or complete any faulty, unnecessary, insufficient or outdated personal data in terms of the purpose of processing. The user may update and/or inspect their personal data by contacting our customer service.
The user has the option to disable cookies by modifying their browser settings. Disabling cookies may, however, affect the functionality of our services.
The user may clear cookies in their browser settings. By clearing cookies regularly, the user replaces the identifier used to create a profile of the user. Clearing cookies will not, however, stop data collection completely, but rather reset the profile based on earlier behaviour data.
11. CAN THIS PRIVACY STATEMENT BE CHANGED?
We are constantly developing our services and we reserve the right to change this privacy statement by communicating the changes in our services. These changes may also be based on changing legislation. We recommend reading the content of the privacy statement carefully.
12. WHOM CAN I CONTACT?
You can contact our customer service, whose contact details can be found on our website.
The user may also send any question they may have concerning this privacy statement and any complaints concerning targeted advertising to: