This is a statement on the processing of your personal data pursuant to the EU’s General Data Protection Regulation (679/2016).
Visentools Project
address: Otakaari 5A, 02150 ESPOO tel. +358405847654
email address: thomas@epicmeets.io
We request that data subjects contact the person listed hereinabove for all questions related to the processing of personal data and situations related to the exercising of your rights.
The legal basis for the processing of personal data is:
The consent to the processing of personal data provided by the data subject
The contractual relationship between the data subject and controller
The purposes of processing personal data include the right to attend and invite to meetings or other types of sessions using the epicMeets app and contacting meeting attendees in issues regarding the meetings.
The controller only collects mock data for testing purposes.
The following mock data concerning the data subjects is processed:
First name, Family name
Email address
Data regarding the app usage
Videos of team working uploaded during the meeting
The controller processes mock data in a manner that aims to ensure the appropriate security of the personal data, including their protection against unauthorised processing and accidental loss, destruction or damage.
The controller uses appropriate technical and organisational safeguards in order to achieve this goal; these include the use of firewalls, encryption techniques and safe equipment rooms, appropriate access control, careful management of data system user IDs, and providing instructions to the personnel participating in the processing of personal data.
All employees processing personal data have a non-disclosure obligation for matters related to the processing of personal data of the data subjects based on the Employment Contracts Act (55/2001) and non-disclosure agreements that supplement it.
The controller will delete the mock data immediately after completing the test sessions.
The controller may have an obligation to process some personal data belonging to the filing system for longer than stated above in order to comply with the legislation or authority requirements.
The processing of mock data contains profiling. Profiling refers to the automatic processing of personal data wherein the data is used to assess specific characteristics of the data subject. The data subjects are profiled in order to better target direct marketing and other communications to suit their interests.
Right to request access to personal data
The data subject has the right to receive confirmation regarding whether personal data concerning them is being processed and, if it is, the right to receive a copy of their personal data.
Right to rectification
The data subject has the right to request that inaccurate and erroneous personal data concerning them be rectified. The data subject also has the right to supplement incomplete personal data by submitting the required additional information.
Right to erasure
The data subject has the right to request erasure of personal data concerning them if
a. the personal data is no longer required for the purposes for which they were collected;
b. the data subject withdraws their consent which the processing of personal data was based on, and no other legal basis exists for the processing; or
c. the personal data has been unlawfully processed.
Right to restriction of processing
The data subject has the right to restrict the processing of personal data concerning them if
b. the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of its use instead; or
c. the controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defence of legal claims.
Right not to be subject to a decision based solely on automated processing
The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.
The above shall not apply if the decision is necessary for the creation or execution of an agreement between the data subject and the controller, or if it is based on the explicit consent of the data subject.
Right to withdraw consent
The data subject has the right to withdraw the consent they have provided for the processing, without affecting the lawfulness of processing based on consent before its withdrawal.
Right to data portability
The data subject has the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller.
Right to lodge a complaint with a supervisory authority
The office of the Data Protection Ombudsman, operating under the Ministry of Justice, is the national supervisory authority for personal data matters. You have the right to bring your case to the supervisory authority if you consider that the processing of personal data concerning you is in violation of applicable law.
The controller is continuously developing its activities and may therefore be required to amend and update its privacy policies when necessary. The amendments may also be based on changes in the legislation concerning data protection.
If the amendments include new purposes for the processing of personal data or otherwise introduce substantial changes, the controller will provide an advance notification of them and, if necessary, request consent.
