Privacy Policy


Novox Oy, Privacy Policy

Under the Data Protection Regulation, the data controller has a duty to clearly inform data subjects.

This document fulfils the information obligation.

1. The data controller

Novox Oy

Contact information:

Tekniikantie 12, 02150 Espoo

Contact information for the register

Novox Oy/Petri Vesanto

Tekniikantie 12 02150 Espoo

050-517 6268

petri.vesanto@novox.fi

2. Registered data subjects

  • Contact persons for customers
  • Contact persons for potential customers
  • Contact persons for partners
  • Contact persons for potential partners
  • Contac persons for subcontractors
  • Contact persons for potential subcontractors
  • Contact persons for suppliers of goods and services
  • Contact persons for potential suppliers of goods and services

3. Purpose of personal data

Criteria for keeping the register:

  • Personal data is processed on the basis of a business relationship (customer relationship, partner, subcontractor, supplier of goods or materials)
  • Personal data is processed on the basis of a potential business relationship (customer relationship, partner, subcontractor, supplier of goods or materials)

Purpose of the processing of personal data and the register

Personal data will only be processed for pre-defined purposes, which are as follows:

  • Business relationship management (customer relationship, partnership, subcontracting relationship, relationship of supply of goods or services)
  • Telling about our services and marketing of services
  • Developing business relationships

4. Personal data to be stored in the register

The register contains the following contact details:

Contact information

  • name
  • address
  • email
  • telephone number
  • the role and position of the contact person in his organization
  • information on the dates of the contacts and the negotiations that took place

5. Rights of the data subject

The data subject shall have the following rights, requests for which shall be addressed to the address set out in point 1:

Right of inspection

The data subject can check the personal data we have stored. Right to rectification of data The data subject may request the correction of incorrect or incomplete data concerning him or her.

Right to object

The data subject may object to the processing of personal data if he or she feels that the personal data has been processed unlawfully.

Prohibition of direct marketing

The data subject has the right to prohibit the use of the data for direct marketing.

Right of removal

The data subject has the right to request the deletion of data if it is not necessary to process the data.

We will process the deletion request, after which we will either delete the data or provide a valid reason why the data cannot be deleted.

It should be noted that the controller may have a statutory or other right not to delete the requested information.

The registrar is obliged to keep the accounting material in accordance with the period (10 years) specified in the Accounting Act (Chapter 2, Section 10). Therefore, the accounting material cannot be deleted before the deadline.

Withdrawal of consent

If the processing of personal data concerning the data subject is based only on consent and not, for example, on the basis of a customer relationship or other business relationship, the data subject may withdraw the consent.

The data subject may appeal against the decision to the Data Protection Officer

The data subject has the right to demand that we therefore limit the processing of the disputed data until the matter can be resolved.

Right of appeal

The data subject has the right to lodge a complaint with the Data Protection Officer if he or she feels that we are in breach of the applicable data protection legislation when processing personal data.

Contact information of the Data Protection Supervisor: https://tietosuoja.fi/en/contact-information

6. Regular sources of information

The information in the register is obtained on a regular basis:

  • Directly from the customer, partner, subcontractor or supplier of goods or services
  • Contacting a potential customer, partner, subcontractor or supplier of goods or services
  • Material published or sent by a potential customer, partner, subcontractor or supplier of goods or services
  • From public lists or registers

7. Regular disclosures

 As a rule, the information is not disclosed for marketing purposes outside Novox Oy. The information is passed on (stored) to the service provider providing our financial management services.

8. Duration of processing

 As a general rule, data is processed for as long as the business relationship is active or we estimate that it will be activated after the break.

As a general rule, the contact details of a potential business relationship will be processed for as long as the contact person is acted in that capacity.

9. Processors of personal data

The information is processed by Novox Oy’s employees and the employees of our financial administration service provider. We may also partially outsource the processing of personal data to a third party, in which case we will ensure through contractual arrangements that the personal data is processed in accordance with applicable data protection legislation and otherwise in an appropriate manner.

10. Data transfer outside the EU

Personal data will not be transferred outside the EU or the European Economic Area unless the service provider complies with the privacy shield regulation.

11. Automatic decision making and profiling

We do not use the information for automatic decision making or profiling.