PRIVACY STATEMENT – FIMX SERVICE USER REGISTER

  1. Controller
    • FIMX Ltd (Business ID: 0946189-0)
  2. Contact Details for Register-related Matters
    • FIMX administration, email: info@fimx.fi
  3. Name of Register
    • FIMX Service User Register
  4. Content of Register
    • The FIMX Service User Register contains information provided by Data Subjects or created at the request or consent of Data Subjects. Natural persons can register to use the FIMX Service. The register can contain the following information that is collected as appropriate depending on the user type:
    • — basic information, including first and last names
      — photo of user
      — place and date of birth
      — language
      — contact information (postal address, phone number and email addresses)
      — employee and organisation information (e.g. organisation, personal ID, supervisory ID, tax registration number, workplace, team, area of duty, areas of competence and educational background)
      — information related to customer relationship management, such as customer communication and messages (feedback)
      — IP address and other possible technical data (including log information, geographic data, location data and cookies)
      — FIMX Service user ID and password
      — consent or refusal of direct marketing
    • You can also register for the FIMX Service using e.g. Google, Facebook and Microsoft user credentials, in which case the email address and authentication key of the identification service in question will be included in the register data.
    • If the user also acts in the role of a resident in the FIMX Service, resident related data (e.g. moving information, rental liabilities, possibly a personal ID number and living permit information, as well as any necessary additional housing information, such as given keys, water, parking, sauna and laundry room fee information and information contained in rescue plans) will also be collected.
  5. Regular Sources of Information
    • Our primary sources of information are the Data Subjects themselves, who, for example, may provide personal data via the FIMX Service or the website of FIMX or a third party or by completing forms as part of various events or campaigns organised by FIMX Oy, or by telephone during customer service calls. Information is also collected from organisations registered for the FIMX Service, which may record information through the FIMX Service, or by FIMX Service users, based on data subject’s consent, customer relationship or other legitimate interest. In special cases, data can also be collected from the registers of the authorities, such as the Population Register Centre.
  6. Disclosure of Data
    • FIMX may only disclose FIMX Service User Register data within the limits of relevant legal provisions or normal functions of the FIMX Service, taking into account the requirement of necessity and within the limits permitted or obligated by the terms and conditions.
    • FIMX does not process personal data outside the EU or EEA. Notwithstanding the foregoing, the provider of Microsoft Azure service used by FIMX for the provision of FIMX Service may process personal data in certain specific cases also from outside the EU or EEA due to the nature of a public cloud infrastructure. Microsoft complies with the requirements set out in the General Data Protection Regulation of the EU, including the protection of personal data by using appropriate technical and organisational measures. Lawfulness of personal data transfers is ensured by Microsoft's terms and conditions and Standard Contractual Clauses adopted by the Commission.
    • Only registered organisations and users can be authorised to access the personal data in the FIMX Service in accordance with the normal functions of the FIMX Service and within the scope specified in the terms of use. These organisations and users only have access to the data directly or indirectly relevant to the organisation or user in question and their access rights are limited. The organisations registered for the FIMX Service act as parties who process data and are thereby bound by the instructions provided by FIMX as well as legal obligations.
  7. Changes
    • FIMX regularly investigates and assesses its processing of personal data as part of its business development and in connection with any legal amendments. FIMX is unilaterally entitled to change this privacy statement by providing notice of the matter in an expedient manner. The user must expressly approve or reject the changes. If the user rejects the changes, the use of the FIMX Service will no longer be possible.