Privacy statement | Medita Communication

Got curious?

Visit our office in Helsinki or in Jyväskylä. Or contact us via form, email, text message or by calling.

Call (mon-fri 9-17)
+358 40 830 1821
Send text message
+358 40 830 1821
Send email

hbspt.forms.create({ region: "na1", portalId: "2009444", formId: "15f083ff-ab43-4c21-9d4e-93f172296ac0" });

Registration and data protection statement of Viestäntätoimisto Medita Oy.

Prepared on February 18, 2020, updated on April 4, 2022.

Registrar

Communication agency Medita Oy, Fredrikinkatu 55 A, 00100 Helsinki

Registry name

Customer and marketing register of communications agency Medita

Legal basis and purpose of personal data processing

The basis for processing personal data is a customer relationship or the person’s own consent, in which case the data has been disclosed in connection with a contact, such as downloading material or subscribing to a newsletter. The purpose of processing personal data is to maintain customer relationships, to manage obligations such as communication and invoicing, and to market Medita’s services.

Data content of the register

Information stored in the register may include the person’s name, organization, position in the organization, contact information, information about ordered services and contacts, and e.g. information about interests for the purpose of personalizing the content offered. In addition, we can store information about the visit to our website.

Customer data is stored for the duration of the customer relationship and also for a sufficient time after that to fulfill obligations. In the marketing register, the person’s information is kept for as long as he, for example, continues to subscribe to the newsletter. If the person cannot be contacted, the information will be deleted within a year of the last contact.

IP addresses of website visitors and cookies necessary for the functions of the service are processed on the basis of a legitimate interest, e.g. to take care of information security and for the collection of statistical data of website visitors in those cases when they can be considered as personal data. If necessary, consent is requested separately for third-party cookies.

Regular sources of information

The information stored in the register is obtained from contracts, customer meetings, during telephone calls or from information sent via online forms or e-mail, by telephone, via social media services and other situations where a person discloses his or her information. In addition, we may collect contact information for organizations from public sources or other companies.

Regular transfers of data and transfer of data outside the EU or EEA

Information is not regularly disclosed to other parties. Information is only published if it has been agreed separately with the person. Data can also be transferred outside the EU or EEA when it is stored in the customer and marketing register maintained by the Hubspot CRM system.

Principles of registry protection

All registers are stored in information systems that are protected with personal usernames and passwords and two-step authentication. Service providers such as Hubspot and Google take care of the data security of the servers appropriately. The data is not stored or processed manually. Personal data is processed only by the company’s designated employees, whose duties are data processing is included.

The right of inspection and the right to demand correction of information

Every registered person has the right to check their information stored in the register and to demand the correction of any incorrect information or the completion of incomplete information. If a person wants to check the information stored about him or demand correction, the request must be sent in writing to the controller. Applicants are required to prove their identity before handing over information. As a general rule, the registrar responds to the customer within a month.

Other rights related to the processing of personal data

A person in the register has the right to request the removal of personal data about him from the register (“right to be forgotten”). Those registered also have other rights according to the EU’s General Data Protection Regulation, such as limiting the processing of personal data in certain situations. Requests must be sent in writing to the controller. Applicants are required to prove their identity before handing over information. As a general rule, the registrar responds to the customer within a month.