DATA PROTECTION POLICY
This website is maintained by iQ Payments Oy (‘PayiQ,’ ‘we’ or ‘us’).
This data protection policy concerns our website and your personal data related to its use and processed by PayiQ. We recommend that you get to know this data protection policy in order to find out which personal data we may collect through our website and how we process this data. We may also process your personal data through a service we provide (see below).
PayiQ is required to comply with the EU General Data Protection Regulation and the Act on the Protection of Privacy in Electronic Communications. PayiQ is committed to the protection of your personal data according to the requirements under this Regulation and the Act on the Protection of Privacy in Electronic Communications.
We always process your personal data in a reliable way. We are always open about how we process your personal data. We take all reasonable measures to protect your personal data from misuse and to keep it secure. We will inform you on who you should contact, should you have questions about how your personal data is processed.
Party collecting your personal data:
iQ Payments Oy (2564925-2)
Contact person for matters related to the processing of personal data:
Address: Linnankatu 13a A 18, 20100 Turku
Telephone: +358 10 419 2222
How we collect personal data:
We mainly collect personal data directly from you (for instance as you contact us by telephone, as you send us messages such as e-mails, as you fill in our questionnaires or forms, as you order our publications or as you use our website or our social media pages). We may also collect your personal data concerning the use of our website or process your personal data which you provide in connection with the use of a contact form. If you do not provide us with the personal data we request, we may not be able to offer you a service or procedure you request. The processing of your personal data is based on your consent, which you give by accepting this data protection policy.
In some cases, it may be necessary to collect your personal data from third parties. For instance, we may collect your personal data from your employer if your employer is our customer or wishes to become our customer, or from public sources. The collection of data from third parties is only applicable if it is necessary to provide justified benefits to us or to third parties, such as your employer.
In some cases, the processing of your personal data may be necessary in order for us to meet our statutory obligations.
Which personal data we collect
You do not need to separately register your personal data in order to use our website. We mainly collect personal data which visitors to our websites provide voluntarily and which must be provided for the purposes for which the data is collected. For instance, you may provide us with personal data, such as your name and your e-mail address, to register for the use of certain services we provide, to send us e-mail or to receive e-mail from us through our website.
Some data is necessary in order for us to allow the use of our website and its properties (this includes cookies, which are required in order for us to provide the services you request).
We collect the following personal data:
- name, job title, contact details
- identifiers for the use of the website (IP addresses, cookies etc.)
- objects of interest and behavior on our website
If you wish to receive our news or marketing material or are interested in the services we provide, we may request various contact details depending on the type of material you have requested and permitting us to discuss your needs with you. In this case, the personal data we collect may include your name, your e-mail address, your street address and your telephone number.
If you decide to log in to our website using the login service provided by a third party, confirming your identity and linking us with your social media login details (such as LinkedIn, Google or Twitter), we shall collect data and contents required for registration or login and data and contents which the social media service provider shares with us with your consent. This data may include your name and your e-mail address. We do not collect data belonging to particular personal data groups on our website.
Purposes for which we collect personal data
We shall only process your personal data for purposes indicated in this data protection policy, unless you have separately given your consent to processing for other purposes.
PayiQ collects and processes personal data for various purposes, such as:
- the provision of our services, including technical solutions and applications
- answering your inquiries
- maintaining and enabling a connection to our customers, our partners and stakeholders and keeping them up to date on our services, our product development and other topical subjects
- allowing you to register for various areas on our website
- confirming your identity
- for recruitment purposes
- requesting you to provide feedback
- monitoring the functionality, usability and security of our website
- meeting our statutory obligations or our obligations from the point of view of the authorities
- for internal statistical purposes concerning our databases and their website
- profiling visitors to our website based on user content
- targeting our marketing communications based on the use of our website
- for other purposes related to business activities.
Transfer and disclosure of personal data
We may transfer the personal data you provide via our website to our subcontractors who process your personal data for and on behalf of us (storage, processing or backup of personal data) according to the data protection obligations we follow, including the transfer of personal data across national borders.
We do not disclose your personal data to third parties (other than those mentioned above) unless this disclosure is permitted and required in legislation which binds us.
We do not sell your personal data or otherwise offer it to third parties for their direct marketing purposes.
PayiQ has taken appropriate technical and organizational measures and has appropriate technical and organizational practices for protecting your personal data against misplacement, misuse, modification or destruction.
PayiQ stores your personal data in printed and electronic form. Materials containing personal data are stored in locked premises which are only available to designated individuals whose duties require authorized access to them.
To the extent that the data may not be in a manually written form, the database containing personal data is included in the system which is only available to designated individuals whose duties require authorized access to it. Access to the databases and systems is only possible by means of personal usernames and passwords which are assigned specially for this purpose. We have limited access rights and authorizations to use information systems and other storage platforms so that only individuals who must be able to examine and process them for statutory processing purposes are able to do so. In addition, the database and system usage events are registered to the log data in our IT systems.
Our employees and other individuals processing personal data are committed to meeting the obligation of secrecy and to maintaining the confidentiality of the information received in connection with the processing of personal data.
We shall only store your personal data as long as necessary and to the extent which is necessary in terms of the original or compatible purposes for which the personal data is collected, or until we are requested to delete the data (if this takes place earlier). We take all reasonable measures to ensure that inaccurate, incorrect and dated personal data is deleted or corrected without unnecessary delay.
Usage of Cookies
In terms of the processing of your personal data, you have the following rights:
a) the right to receive our confirmation that your personal data is being processed or not processed, and if such personal data is processed, the right to gain access to your personal data and the following information: (i) processing purposes; (ii) personal data groups concerned; (iii) recipients or recipient groups to whom personal data has been disclosed or to whom it is intended to be disclosed; (iv) where possible, the intended storage period for the personal data or, where this is not possible, the criteria for determining this period; (v) the right to request the correction of your personal data or the limitation of processing your personal data or to oppose such processing; (vi) the right to file a claim with the supervisory authority; (vii) if personal data is not collected from you, all information available on the origin of the data.
b) the right to withdraw your consent at any time without any effect on the legality of the processing carried out based on your consent before the withdrawal takes place;
c) the right to demand that we correct without unnecessary delay any inaccurate and incorrect personal data related to you, and the right to request the completion of incomplete personal data, for instance by providing additional clarification, taking into account the purposes for which the data was processed;
d) the right to oblige us to delete your personal data without unnecessary delay provided that (i) the personal data is no longer required for the purposes for which it was collected or for which it was otherwise processed; (ii) you withdraw your consent on which the processing was based, and there are no other legal grounds for data processing; (iii) you oppose data processing based on your particular personal situation, and there are no legitimate reasons for data processing; (iv) your personal data has been processed in violation of the law; or (v) the personal data must be deleted in order to meet our statutory obligation based on European Union law or national legislation;
e) the right to oblige us to limit the processing of your personal data, if (i) you contest the correctness of your personal data, and data processing will be limited for a period during which we can confirm its correctness; (ii) the data is processed in violation of the law, and you oppose that deletion of your personal data, demanding instead the limitation of its use; (iii) we no longer require the personal data concerned for processing purposes, but you require this data to draft, file or defend a legal claim; or (iv) you have opposed the processing of your personal data on grounds related to your particular personal situation, while waiting for a confirmation of whether the data controller’s justified grounds override the grounds of the registered person;
f) the right to receive the personal data you have submitted to us in a structured, generally used and machine-readable form, and the right to transfer the data considered to another data controller without our preventing it, if the processing is based on the consent referred to in the EU General Data Protection Regulation and if the processing is carried out automatically;
g) the right to file a complaint with the supervisory authority, should you consider that the processing of your personal data is in violation of the EU General Data Protection Regulation.
The requests related to delivering on your rights shall be submitted to our contact person mentioned at the top of our data protection policy. Should you wish to leave our mailing list, you may use our cancellation link which is included in each e-mail.
Changes to the data protection policy
PayiQ regularly monitors this data protection policy and, where necessary, may modify it by updating the information included at its own discretion. Should we update the data protection policy, we shall record the date of the update in the data protection policy. The updated data protection policy shall be in force and applicable to you and your personal data from this date onwards. We recommend that you read this data protection policy regularly in order to be informed of the potential updates. This data protection policy was last updated on 17 April 2018.