RFM Creative Agency

Privacy Policy

This is the privacy policy and data protection statement of Mainostoimisto RFM Oy, prepared in accordance with the Finnish Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Prepared on May 24, 2018.

1. Data Controller

Mainostoimisto RFM Oy (Business ID 2691069-4)
Keilaranta 1, 02150 Espoo, Finland

2. Contact Person Responsible for the Registry

Heta Koivula, tel. +358 40 7365824, if.mf1739215591r@alu1739215591viok.1739215591ateh1739215591

3. Name of the Registry

Mainostoimisto RFM Oy Customer Registry

4. Legal Basis and Purpose of Processing Personal Data

The legal basis for processing personal data is the customer relationship with RFM.

Personal data is used for Mainostoimisto RFM Oy’s communication with customers and for marketing purposes. Personal data may also be processed for business analysis, reporting, and for purposes related to business development.

5. Content of the Registry

The registry contains the following information: name, position, company/organization, contact details (phone number, email address, address), website URLs, IP address of the internet connection, social media profiles/identifiers, information on ordered services and their changes, billing information, and other information related to the customer relationship and ordered services.

6. Regular Data Sources

The information stored in the registry is obtained from the customer, e.g., through messages sent via website forms, by email, by phone, from contracts, or in customer meetings.

7. Regular Data Disclosures and Data Transfers Outside the EU or EEA

Mainostoimisto RFM Oy does not regularly disclose registry data to third parties. However, data may be disclosed occasionally in accordance with Finnish law. Data will not be transferred outside the EU or the EEA.

8. Principles of Registry Security

Mainostoimisto RFM Oy takes care to handle the customer registry with due diligence, ensuring that data processed via information systems is appropriately secured. When registry data is stored on internet servers, the physical and digital security of the hardware is appropriately managed. The data controller ensures that stored information, server access rights, and other critical personal data are handled confidentially and only by employees whose job description requires it.

9. Right to Access and Rectify Data

Every individual registered has the right to check the information stored about them and request the correction of any erroneous or incomplete data. If a person wishes to inspect or rectify their data, a written request should be sent to the data controller (if.mf1739215591r@alu1739215591viok.1739215591ateh1739215591). The data controller may request proof of identity if necessary. The data controller will respond to the customer within the time frame set by the EU’s General Data Protection Regulation (usually within one month).

10. Other Rights Related to Personal Data Processing

Individuals registered have the right to request the deletion of their personal data from the registry (“right to be forgotten”). Requests should be sent in writing to the data controller at if.mf1739215591r@alu1739215591viok.1739215591ateh1739215591. The data controller will respond to the request within the time frame set by the EU’s General Data Protection Regulation (usually within one month).