Privacy protection

Content:

  • Privacy policy
  • Regular sources of data
  • Cloudia as a controller
  • Rights
  • Data protection and the storage of data
  • Cloudia as a processor of personal data
  • Subcontractors and the disclosure of personal data
  • Changes to the privacy policy
  • Controller of the customer register and contact requests
  • Cookie policy

Privacy policy

We at Cloudia respect your privacy. In this privacy policy, we explain your privacy-related rights and our commitment to protecting your personal data.

Cloudia operates according to the strictest information security and data protection standards. We know our customers’ quality requirements, which is why we also take our own operations, the quality assurance of our own services and privacy protection seriously. We have been granted with the information security management system certification (ISO 27001), quality management system certification (ISO 9001) and environmental management system certification (ISO 14001). In addition, Cloudia’s services have been granted the Government Information Security Management Board’s VAHTI2-level information security.

From the beginning of our operations, we have paid attention to the reliable and safe processing of our customers’ personal data. Our clients include Parliament of Finland, Bank of Finland, The Finnish Defence Forces and various ministries, so our information security must be on the highest level possible.

The systems we use are fully reliable, and in all our operations, we also comply with the legislation, regulations and stipulations of all our market regions. Our operations and services comply with the requirements of the EU General Data Protection Regulation (GDPR). Read more here

Privacy-related decisions at Cloudia are made on the management level together with the data protection officer and a lawyer.

This privacy policy is available on cloudia.fi and cloudia.com websites.

Applying the privacy policy

This privacy policy is applied to all of Cloudia’s business operations as well as websites, domain names and cloud services.

The personal data that Cloudia Ltd collects from customers or potential customers may include the following: name, mailing address, email address, telephone number, date of birth, fax number, nationality, contact language, task and position in the company, data related to customership and contractual relationship such as order and purchase data in different channels or ordered services, data necessary for invoicing and collection, profiling data provided by the customer as well as other data that is necessary to maintain the service.

Please, do not use Cloudia’s website or our services if you do not accept the processing of personal data carried out by us as referred to in the privacy policy.

Regular sources of data

Cloudia processes personal data of job-seekers, customers, software users, contact persons and potential new customers who contact us or leave us their contact details through Cloudia’s websites and portals or other channels.

Customers provide the collected data as they register. Cloudia Ltd can also collect data from public official registers (for example, the Finnish Patent and Registration Office’s Business Information System YTJ) and other publicly available data sources.

Cloudia as a controller

Name of the register: Cloudia Ltd’s customer register

Cloudia is the controller when it defines the purpose of use of your personal data and the used methods. Cloudia is the controller also when it collects personal data of you as a job-seeker, customer or representant of a potential customer or a software user.

The purpose of processing personal data

Information on users registered as Cloudia Ltd’s customers or potential future customers is stored in Cloudia Ltd’s customer register. The information is also used to take care of and maintain the customer relationship, for marketing purposes and to develop Cloudia Ltd’s business operations and the customer relationship.

The grounds for processing personal data is an agreement between the parties and legitimate interest based on managing the customer relationship between the parties.

Cloudia Ltd may also use your personal data in other ways if the customer gives separate consent to this. Cloudia Ltd can combine the provided information with information collected by Cloudia from other sources.

Rights

Your right to withdraw consent to marketing communication

You have the right to withdraw your consent and stop receiving marketing communication from Cloudia. You can do this in the following ways:

  1. In a marketing email you have received, click the link “unsubscribe”
  2. Contact us by email at: communications@cloudia.com

Please note that as a user of Cloudia’s services, if you withdraw your consent to receive marketing communications, you may still receive administrative communication from Cloudia, such as order confirmations, information on product updates etc. and notifications related to the administration of your account or services offered to customers.

Right of access

You have the right to access your personal data by asking for a summary of the personal data we process by sending an email to Cloudia Ltd’s email address, which is available in the Privacy policy. You can also request access personally at the controller’s premises. You also have the right to ask Cloudia to rectify inaccurate information in your personal data. If you have control rights to Cloudia’s services, you can edit your data in the service yourself. Only the party in question can edit their data with their username and password.

Other rights related to the processing of personal data

The customer has the right to request to have their personal data erased from the register as well as to have it transferred to another company. The customer has the right to restrict the processing of personal data and to object the processing of personal data.

Cloudia Ltd emphasizes that providing information and allowing its processing may be a prerequisite of the introduction or use of the service. Cloudia Ltd has the right to interrupt offering the services or prevent access to the services if the customer does not provide information that is relevant to the service or demands that it is erased.

We kindly ask you to send any requests related to the above-mentioned actions to juha.levo@cloudia.com.

The customer has the right to lodge a complaint with a supervisory authority if they consider that the processing of their data infringes the data protection legislation.

Data protection and the storage of data

We at Cloudia ensure the confidentiality and integrity of the personal data we process as well as the availability of the data according to data protection legislation.

  • The company has appointed a data protection officer. We also work in close cooperation with a law firm on matters related to data protection.
  • Each employee completes a data protection training as they start working for us.
  • Access to customers’ personal data is provided only for those employees who have the need to process personal data according to obligations in the legislation or service agreements.
  • Personal data is stored in Cloudia Ltd’s server environment appropriately protected and secured.
  • Cloudia Ltd’s technical, administrative and physical processes have been designed to protect personal data from personal data breaches.
  • Cloudia Ltd protects personal data appropriately in its own systems, but the customer is responsible for ensuring that their own computer system, network connection and other processes are information secure.
  • Access to Cloudia’s premises is monitored with access control and video monitoring systems.

For how long do we store your personal data?

Cloudia Ltd stores personal data only for as long as the data can be considered necessary for the purposes of use described in this policy, unless it is legally required or allowed to store the data for longer than this.

Cloudia as a processor of personal data

Cloudia offers various services to its customers. Most of our services include processing of our customers’ data, and later on, this data will be referred to as personal data. Our customers define the purposes of use instead of Cloudia, which makes the customer the controller. In this case, Cloudia is the processor of personal data and processes the data on behalf of the customer and according to the instructions provided by the customer. Operations of the customer acting as the controller and Cloudia acting as the processor are governed by a data processing agreement.

Obligations of the customer and Cloudia

When the customer acts as the controller, they will ensure the legal grounds of the processing of personal data according to applicable data protection laws. The customer also assesses and defines the risks caused to data subjects by the processing of personal data. In addition, as the controller, the customer must comply with the communication obligation related to data subjects.

Cloudia is included as a natural part of the customer’s obligations as the controller, as Cloudia’s services are part of the processing of personal data, and as the controller, the customer must ensure that the processing of personal data corresponds to applicable data protection laws. For this reason, Cloudia must comply with the data protection laws applied to processors of personal data when it processes personal data on behalf of its customers.

In short, the customer and Cloudia commit to cooperation to ensure the privacy of the data subjects. Cloudia presents the customer with the necessary data in accordance with applicable data protection laws.

Subcontractors and the disclosure of personal data

Cloudia Ltd does not disclose data to third parties subject to the terms and conditions of this policy.

Cloudia Ltd has the right to disclose personal data to Cloudia Ltd’s partners taking part in service production in order to provide the service. Cloudia Ltd can also disclose information in anonymous form for research purposes.

Cloudia Ltd is additionally entitled to use or disclose information if this is necessary to comply with a law or regulation or due to another legal request.

Cloudia Ltd does not transfer data outside the EU or EEA.

When using subcontractors, Cloudia signs a Data Processing Agreement (DPA) with them to protect your privacy-related rights and to comply with its obligations in relation to its customers.

Changes to the privacy policy

If we make changes in the privacy policy, we will publish the updated policy here together with the date of the new version. We recommend that you read the privacy policy regularly. If we make essential changes to our privacy policy that change our data protection processes significantly, we might also notify you in another manner, for example, by email or by publishing an announcement on the company website and/or in social media before the changes take effect.

This privacy policy was last updated on August 30, 2019.

Controller of the customer register and contact requests

Cloudia Ltd
Business ID: 1088146-2
Länsikatu 15, FI-80110 Joensuu, Finland
Tel: +358 (0)20 766 1077
Email: info@cloudia.fi

Data protection officer:
Juha Levo
E-mail: juha.levo@cloudia.com
Tel: +358 (0)40 679 2378
Address: Länsikatu 15, FI-80110 Joensuu, Finland

Your opinion matters to us. If you have questions or comments related to our privacy policy or concerns related to data protection or the use of data that we have not issued thoroughly or if you suspect that your privacy has been violated, kindly contact us by email at juha.levo@cloudia.com. You can also contact us by writing to us at Cloudia Ltd, Länsikatu 15, FI-80110 Joensuu.

Your requests and complaints are handled confidentially. Our representant will contact you and let you know how we can solve the matter. Our aim is to process complaints promptly and appropriately.

Cookies

Cookie policy

We track the use of our website with cookies. Below, you will find some additional information on cookies. If you do not accept these terms, please, do not use our website.

What are cookies?

In this policy, “cookies” refer to cookies or related techniques referred to in the EU directive on the protection of privacy in the electronic communications sector.

Cookies are small text files that are stored on your computer, smartphone or other terminal device as you visit our website. With the help of cookies, we can identify your computer/IP address and gather data on the sites you visited and the functions you used.

With the help of cookies, we can, among other things, identify your device as you return to the website, remember your preferences and selections, improve your user experience and adapt the ads on our sites and potential other services.

The collected data includes the browser you are using, the device’s operating system and the length of the visit. By using our website, the visitor accepts the use of the cookies. If they wish, the user of the website has the possibility to prevent the use of cookies by changing the settings of the browser they are using.

Cookies help us calculate the total number of visitors to our website and track the use of our service and website. This helps us improve our service.

We use cookies that make it easier for you to use our service and website by, for example, remembering usernames, passwords and (language) selections. We also use tracking and analytics cookies to track how our users experience the service we offer. We may utilize cookies also to target marketing (such as remarketing) as well as to optimize marketing.

Our website uses Google’s cookies. The data collected by these cookies is transferred and stored on Google’s servers, some of which may be located outside the EU, in which case local data protection legislation will be applied to this data.

How do I remove cookies?

Most web browsers allow cookies automatically. You can prevent the use of cookies in your browser or set your browser to warn you when a website tries to install cookies. Please note that if you do this, Cloudia’s website might not function correctly. For further information on cookies and how to remove them, visit www.allaboutcookies.org. Instructions on how to remove cookies from different browsers is available at the below addresses:

Instructions for Internet Explorer
Instructions for Mozilla
Instructions for Chrome
Instructions for Safari

You can opt out of Google’s use of cookies or device identifiers by visiting Google’s Ads Settings. Alternatively, you can opt out of a third-party vendor’s use of cookies by visiting the Network Advertising Initiative opt-out page or control the use of device identifiers by using your device’s settings. You can opt out of Google Marketing Platform’s use of cookies by visiting the Google Marketing Platform opt-out page or the Network Advertising Initiative opt-out page. To prevent your data from being used by Google Analytics, you can use the Google Analytics opt-out browser add-on.

Changes

We will notify you of any changes to the use of cookies here. We might also highlight the changes on our website.

Contact us
to build your strategic suite