Data Protection and registry notice
EU:s general data protection regulation (679/2016, “GDPR”)
1. DATA CONTROLLER
IT-Bolaget Åland Ab
Business ID: 2044859-0
+358 18 527 000
2. CONTACT PERSON OF THE REGISTER
Marcus Andersson, CISO
3. NAME OF THE REGISTER
IT-Bolaget Åland Ab Customer register
4. PURPOSES OF THE USE OF PERSONAL INFORMATION
The purpose of the register is
1. Handling, developing and managing client relations;
2. Handling commissions and invoicing;
3. Recruiting. For this part the register consists only of the information delivered by the job applicant and they are stored and processed only for recruiting purposes
5. REGISTER CONTENTS
IT-Bolaget Ålands customers are saved to the client register.
The following data is processed in the register:
- First and last name
- Contact information
- Business identity code
- Information regarding commissions and the material collected or composed for the handling of the commissions. These are for example documents from the client, the authorites, and the documents composed by the IT-Bolaget Åland Ab, communication with the client, sent invoices and the payments.
6. REGULAR SOURCES OF INFORMATION
The information in the register is primarily collected from the registered person.
Additionally, personal data may be gathered from authorities and other reliable sources within the limits of the applicable law.
7. RIGHT OF INSPECTION AND RIGHT TO RECTIFICATION OR RIGHT TO ERASURE
The data subject shall have the right to obtain information of what data, how and for what purposes their data is being processed. Giving the information can be justifiably denied if the request includes information that falls under confidentiality.
The data subject has the right to request the rectification of incorrect or inaccurate data, limitation of data porcessing or the erasure of data. The data subject may exercise his or her right in writing via email or by mail.
8. DISCLOSURE OF PERSONAL DATA
The data in the register may be disclosed forward. Data is only passed forward to the extent that is necessary according to legislation.
9. TRANSFER OF PERSONAL DATA OUTSIDE OF EU OR EEA
The data in the register will not be transferred outside of the EU or EEA.
10. RETENTION OF PERSONAL DATA
Personal data is retained for the time that the client relationship is valid. After the client relationship ends the information is retained for as long as is necessary due to the obligations arising from law, as a rule for at least ten years. Personal data may be retained for a longer time if required by the existing legislation or for another justified cause.
11. PRINCIPLE OF REGISTRY PROTECTION
The data stored in the register is only for the usage of the persons needing them to manage our services and invoicing.
Paper documents including personal data are stored in a locked area.
For the inspection of personal data stored electronically a username and a password is required. Additionally, the internet access is secured.
The data controller may collect data on the use of services through cookies. Cookies are small text files that the browser may save on your device when visiting a website. They are used to keep track of your movement across the site. You can manage your cookie preferences in your browser settings and choose to enable or disable cookies. Disabling cookies may affect the functioning of the website.
The information is received from the user, technically registered use of internet services, third party analytic services such as Google Analytics or public sources of information. Information collected includes the IP-address, location and time of the use of internet services, information about the used device, operating system and software, browser type and language settings, interaction with customer service in different service channels and external web pages from which the user has entered the website from and websites the user moves to from the website. The information is used to improve the service and customer experience and will not be connected to an individual user.
Cookies we use:
- Login data to facilitate the use of the service and functional cookies, such as saving
the settings when logging in which speeds up the use of the service and improves
the user experience
- Analytic cookies: Anonymised information about users provided to Google Analytics,
which allows IT-Bolaget Åland Ab to improve the functionality of the site. An
individual user cannot be identified through the use of these cookies. These cookies
are used to analyze popular pages on the site and possible improvements.
- Targeted cookies or advertising cookies. These do not include personal information.
They allow the operation of cost-effective advertising in, for example, Facebook and
Google services. You may disable these cookies in the cookie banner.
If you wish to delete cookies from the browser or disable their use, you have a right to do so. You should familiarize yourself with the browser settings, as actions are always browser-specific. It is important to note that the disabling of the cookies may affect the effectiveness of the use of services. By allowing cookies, you ensure the effective use of our site.
THE REGULAR DISCLOSURE OF INFORMATION
The information will not be disclosed to third parties, excluding technical management of the online store and as far as necessary to ensure the functioning of the website. The information may be disclosed to a person in the register to see and review. The information may be deleted on request.
PROTECTION OF THE REGISTER
The register will not be disclosed to third parties excluding for functions related to technical management of the website. The register is password protected and encrypted. All internet accesses requiring usernames and passwords are protected https-connections.