Privacy policy

Privacy policy for corporate and institutional customers and partners

Last modified: 28.10.2024

This Privacy policy helps our corporate and institutional customers and partners (”You” or ”User”) understand what personal data and other information Atria Finland Ltd and Atria Plc (”Atria” or ”We”) collects in connection with the sale of their products and when interacting with their partners.

 

1 Contact details for registration matters

Atria

PL 900, Atriantie 1, Nurmo

60060 Atria

Phone number: 020 472 8111

Email: tietosuoja@atria.com

 

2 What data do we process and what is the purpose and legal basis for processing personal data?

We process the following personal data when selling our products and when interacting with partners:

  • Our customers´ and partners´ contact person’s name, title, role in the organization represented by, email address and phone number
  • Content and relevant information from meetings held with our customers and partners, which we record in relevant systems for the customer relationship and co-operation
  • The content of any message or feedback given in the context of customer feedback
  • Information related to your participation in events and training sessions we organize, such as dietary information you provide, as well as photographs and video recordings taken during events
  • Information about the idea letter or other ordered material
  • Recordings of calls to and from our phone service

 

Atria processes above identified personal data for the following uses: 

  • For the maintenance, care and development of the customer and partner relationship
  • For the processing and delivery of orders
  • For the implementation of product safety
  • For the organisation of events and trainings
  • For communication and sending marketing materials
  • For the sale and development of our services and products

 

The processing of personal data for the purposes specified above is based on implementation of the agreement between Atria and customer or partner and for Atria´s legitimate interest.

 

3 Where do we collect your personal data?

We collect your personal data when you interact with us on behalf of the organization you represent. We may also receive your contract information from our customer or partner or from public sources, such as the website of the organization you represent.

 

In addition, we can collect potential customers and partners representatives’ personal data from other registrars as a disclosure of personal data.

 

4 Who can process your data and do we disclose it to third parties?

Atria uses third-party service providers, such as IT, consulting and marketing service providers, to process the personal data it collects. These partners may act as processors of your personal data in accordance with our instructions, in which case we will contractually bind them not to use your data for their own purposes. In certain circumstances, these partners may also act as a separate, independent data controllers of the personal data necessary to provide the service.

 

In specific exceptional circumstances, Atria may be required to disclose personal data to third parties in situations where required by applicable law or regulation or other order of a public authority.

 

Atria may also disclose personal data in connection with a potential acquisition or business transaction in which Atria or part of it or its operations are sold to the recipient of the data.

 

5 Do we transfer personal data outside the EU or EEA?

We transfer personal data outside the EU or the EEA if it is necessary for the purposes of the processing of personal data or for the technical maintenance of the data. Where personal data is processed outside the EU or EEA, we will ensure that the conditions for transfer set out in the EU General Data Protection Regulation are met. In such cases, Atria will ensure, among other things, that the data it collects is transferred only to third countries or entities whose level of data protection has been committed to the European Commission to be adequate or that the subcontractor has committed to the European Commission's Model Clauses for the processing of personal data and, where necessary, has put in place adequate additional technical safeguards.

 

6 How we protect your data?

All personal data is protected against unauthorized access and accidental or unlawful processing in accordance with Atria's data security policy.

 

Information security is a process for ensuring the confidentiality, integrity and availability of information. At Atria, information security is managed in accordance with the Group's information security policy. The information security policy applies to all information assets and related processes that Atria manages or processes.

 

This applies to data processing relating to Atria and its staff, as well as to its partners and customers. Atria's systems and processes are highly secure and protected against data breaches and denial of service attacks.

 

Personal data is maintained on a secure server. The data is collected in databases protected by firewalls, passwords and other technical means. These protections include, among others, password protection, which allows access to the stored data only to Atria employees and Atria partners who have been explicitly authorized by Atria to do so. The register is appropriately protected in accordance with industry standards and through technical and organizational security systems. While Atria makes its best efforts to protect the information it collects, it cannot guarantee that the information will be absolutely secure when processed, transmitted or stored. Atria will notify you on its website or through its other services of any potential security threats that may jeopardize the security of your personal data. Atria may also temporarily shut down online services to protect your personal data.

 

Atria staff are obliged to keep all personal data strictly confidential.

 

7 How long we will store your data?

We store the personal data we process only for the time necessary to fulfil the purposes of use specified in this Privacy Policy. In addition, we may store some data for longer periods to the extent necessary to fulfil our legal obligations.

 

We regularly assess the necessity of storing data in the light of applicable law. In addition, we will take reasonable steps to ensure that no personal data relating to data subjects that are incompatible with the purposes of the processing, outdated or inaccurate are kept in the register. We will correct or destroy such data without undue delay.

We store customer and partnership-related data for the duration of the customer and partner relationship and thereafter as required by Accounting Act, Product Liability Act, or other laws affecting data retention periods. We store data about event participants until the end of event.

 

8 What are your rights as a data subject?

You have the right to request your personal data to be rectified, supplemented or deleted from the register if the data is incorrect, unnecessary, incomplete or outdated in relation to the purpose of the processing of personal data. Atria will also take the above measures on its own initiative. The Data Subject also has the right, under certain conditions, to request the restriction of processing, to object to the processing of personal data or to request the transfer of their personal data to another system.

 

To the extent that the processing is based on consent, you also have the right to withdraw or modify your consent at any time. Withdrawal of consent does not affect the lawfulness of the processing that took place before the withdrawal of consent.

 

For specific personal reasons, you also have the right to object the processing of your personal data where the basis for the processing is a legitimate interest. When making your request, you should identify the specific situation on the basis of which you object to the processing. We can only refuse to comply with an objection request on the grounds provided for by law.

 

If you become aware of any deficiencies or unlawfulness in our processing of your personal data, you have the right to file a complaint with the Data Protection Authority at tietosuoja@om.fi.

 

The above requests, refusals and withdrawals can be made by submitting them in writing as signed by you to address tietosuoja@atria.com. The request must include data subject´s name and contact information. In order to to ensure data protection, you will be required to prove your identity upon request.

 

9 Amendments to this Privacy policy

We may update this Privacy Policy from time to time and will post any changes on this page. When we change this Privacy Policy, we will also change the date on which the changes take effect. If the changes are significant, we will also post them on our websites.

 

10 Cookie management

When you visit our website for the first time, you agree to the use of essential cookies. To use other cookies and similar technologies, you must give your explicit consent to their use in our cookie notice. On subsequent visits, your browser will read the cookie stored on your computer and transmit the data back to the website.

 

You can manage your consent status for the use of cookies on the Cookie Notice on the Atria website.

 

For more information about how we process your personal data and how you can contact us, please see the Privacy Policy above. 

Please provide your consent ID and date when contacting us regarding your consent.

Your consent applies to the following areas: www.atriafromfinland.com