INTO SCHOOL Oy is committed to protecting your personal data and processing it in an appropriate manner in compliance with the applicable legislation. With this data protection statement, we explain in more detail how we process your personal data in our operations.
What kind of data do we process?
We collect information from our customers necessary for providing the service, such as the customer's name, address, email address, phone number, social security number, and other billing information.
In addition, we process the following information using the treatment place application, service contract and early childhood education plan:
Child's name, social security number, address;
Information provided by the customer in relation to the service and the need for the service, such as diet, allergies and other information affecting the provision of the service;
Guardians' names, addresses, e-mail addresses, telephone numbers and place of work/study, as well as any other corresponding information of persons related to the customer relationship (such as the name of the backup applicant indicated by the customer); and
Information about the day-to-day events of daycare activities for the exchange of information between the controller and the children's guardians.
Why do we process personal data?
We process personal data in connection with customer care and maintenance, as well as the production and invoicing of services purchased by the customer, as well as the marketing of services to potential customers. According to the EU's General Data Protection Regulation, the legal basis for processing personal data is a contract with a customer or, in the case of potential customers, the basis is a legitimate interest.
In addition, we process personal data to fulfill our statutory obligations, such as for accounting purposes. The information is not used for automated decision-making or profiling.
Where do we get the information we process?
Personal data is collected during the customer relationship and during the work done to create a possible customer relationship. As a rule, information is obtained from the person himself or the person's guardian at the beginning of the customer relationship. Information can also be collected and supplemented with the person's consent from public registers of third parties or other public information sources. Data from potential customers can also be collected in connection with various marketing measures.
We keep our customers' data only as long as it is necessary for our operations or the service we offer, or as long as valid legislation requires.
Disclosure of information
The starting point of our operation is that we do not hand over your personal data to third parties. However, if the applicable legislation so requires, we will hand over personal data to the parties required by the legislation. In addition, we use service providers in our operations to support the service we offer, who, based on this service relationship, can process personal data in accordance with appropriate agreements. Otherwise, we will pass on your data to a third party, always with your consent.
If data is processed in relation to tools on our website or other service providers outside the EU/EEA area, we ensure that an adequate level of data protection is ensured by means of EU model contract clauses or that the level of data protection is ensured in another way.
How do we protect the data being processed?
We take care when processing personal data. Information is kept technically protected and unauthorized access to the information of our customers or potential customers is also prevented, e.g. with the help of firewalls and other technical protection. Personal data is processed only by those persons for whom it is necessary due to their work tasks. Users are bound by a duty of confidentiality.
Rights of the registrant
The person in the register has the right to:
Check the data stored in the register and demand correction of possible incorrect data or completion of incomplete data;
Requests the deletion of their data from the register;
Object to the processing of data in marketing;
Restrict data processing; mixed
Complain about the processing of personal data to the supervisory authority.
We will respond to the request made to us regarding the above matters within the time stipulated in the EU Data Protection Regulation, i.e., as a general rule, no later than one month after the request. Contact can be sent to our contact person, whose contact information can be found below.
INTO SCHOOL Oy
Business ID: FI2919793-5
This document has been created: 1 October 2020