Data Protection Policy for North Patrol
North Patrol Oy
Fabianinkatu 31 C, 4th floor
Data Protection Officer
+358 50 307 4044
Customer and Stakeholder Register of North Patrol Ltd
Purpose of processing personal data
The information of the Register is used to maintain the customer relationship, contacting customers, sales and marketing work, contact management, managing newsletter and blog subscriptions and saving project contacts.
Personal data in the Register
The Register contains personal information of contact persons from present and potential customer organizations and other stake holder organizations of North Patrol. Personal data may contain name, title, organization information, contact information (phone number, email address, address), relevant contact history, notations regarding to marketing (for example newsletter subscription) and project participation.
Collection of data
The vast majority of the personal information in the Register is collected from the contact persons themselves for example by email, web forms, phone, in meetings and other situations where the person her/himself or the organization gives information. Information in the Register can be gathered and updated also from other sources (web pages, RFPs, proposals, governmental Registers etc.).
We do not generally share your data with any third-party service provider outside North Patrol.
Transferring information outside the EU/EEA
We may disclose your personal information also with third parties acting as data controllers where required by law, where it is necessary to administer the relationship with you or where we have another legitimate interest in doing so. All our third-party service providers are required to take appropriate security measures to protect your personal information and are not allowed to process your personal information for their own purposes.
Our external third parties may be based in the US, so their processing of your personal data will involve a transfer of data outside the European Economic Area (EEA). Whenever we transfer your personal data out of the EEA, the service providers are required to be part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Data protection principles
The data Register is handled carefully, and the data in the information systems is properly protected. Backup procedures, technical security against hacking and burglary protection are taken care by professional service providers.
Only employees appointed by the Data Controller can access the data of the Register. All employees have signed an NDA, in which an employee commits not to reveal any piece of confidential information she/he has got to know at work.
Rights of access, rectification, erasure, and restriction
Each person whose personal data is saved in the Register has a right to inspect data about her/him and request a correction of a possible incorrect information, supplementing of an inadequate information, or erasure of unnecessary information for handling. A registered person also has a right to deny the Registrar to handle her/his personal data, use of direct mail, remote sales, and other direct marketing including marketing and opinion surveys.
If a person wants to inspect their information or to correct their information, the request must be sent by letter or by email to the Data Protection Officer of the Data Controller. The Data Controller may have to ask the requester to prove her/his identity. The Data Controller answers within the the time defined in the EU Data Protection Regulation (usually within one month).
It is possible to disable Cookies. Disabling can be done by changing the web browser settings.
This is a General Privacy notice
Composed 2018-05-22. Last change 2018-05-22.