Privacy Policy

This is Emiva Media Oy’s privacy policy in accordance with the EU General Data Protection Regulation (GDPR).

  1. Data Controller
    Emiva Media Oy
    Business ID: 3128594-2
    contact@emivamedia.com

  2. Contact Person for the Register
    Emma Ivane
    contact@emivamedia.com

  3. Name of the Register
    Customer Register in accordance with Section 19 of the Finnish Personal Data Act

  4. Purpose of Personal Data Processing
    The legal basis for processing personal data under the EU General Data Protection Regulation is:

  • The individual’s consent

  • Employment or customer relationship

The purpose of processing personal data is to communicate with customers, maintain customer relationships, and for marketing purposes.

  1. Contents of the Register
    The data stored in the register includes:

  • Name, position, company/organization, contact details (phone number, email address, physical address), website addresses, IP address, social media profiles, information about ordered services and their changes, billing information, and other data related to the customer relationship and ordered services.

The data will be stored only for as long as necessary and will not be kept longer than needed considering the purpose of processing. Individuals can request the deletion of their data.

The IP addresses of website visitors and cookies necessary for the operation of the service will be processed based on legitimate interest, e.g., for ensuring security and collecting statistical data about website visitors, in cases where they can be considered personal data. Consent for third-party cookies will be requested separately when needed.

  1. Regular Sources of Information
    The data stored in the register is collected from customers through web forms, email, phone, social media services, contracts, customer meetings, and other situations in which the customer provides their data.

Information about contacts at companies and other organizations may also be collected from public sources such as websites, directory services, and other companies.

  1. Regular Transfers of Data and Transfers Outside the EU or EEA
    Data will not be disclosed to third parties. Data may be published to the extent agreed with the customer.

Data may be transferred by the data controller outside the EU or EEA.

  1. Principles of Register Protection
    The register is processed with care, and data handled via information systems is appropriately protected. When data is stored on internet servers, the physical and digital security of the equipment is ensured. The data controller ensures that stored data, server access rights, and other critical data regarding the security of personal data are handled confidentially and only by employees whose job responsibilities require it.

  2. Right of Inspection and Correction
    Each individual in the register has the right to check the data stored about them and request corrections to any incorrect data or the completion of incomplete data. If an individual wishes to inspect or correct their data, they must send a written request to the data controller. The data controller may request the requester to verify their identity if necessary. The data controller will respond to the customer within the time frame set by the EU data protection regulation (within one month).

  3. Other Rights Related to Personal Data Processing
    Individuals in the register have the right to request the deletion of their personal data from the register (“right to be forgotten”). Additionally, data subjects have other rights under the EU General Data Protection Regulation, such as the restriction of personal data processing in specific situations. Requests must be sent in writing to the data controller. The data controller may request the requester to verify their identity if necessary. The data controller will respond to the customer within the time frame set by the EU data protection regulation (within one month).