Data Protection Description

This Data Protection description serves also as a register description which is in compliance with Clause 10 of the Finnish Personal Data Act (523/1999)

  1. Registrar’s name and address

Discendum Oy Kiviharjunlenkki 1 E90220 Oulu, Business ID: 1725022-5 (service provider)

  1. Contact Person

TerttuKaikkonen, tel. 0207181850, address same as above

  1. Name of the Register

Customer registry of Kyvyt.fi-service (“service”)

  1. The Purpose of Using the Data

Registry Data is used in managing and maintainingcustomer relations between the service provider and the customer. Moreover, the data is used for the company’s business planning and development purposes when deploying various research methods. The data will also be used for business communication and possibly for direct marketing provided that the national legislation permits and the customer has given his or her consent. The Data can also be used to follow up or investigate any information security breaches.

Contents of the Registry

The Registry contains the following information:

Customer Information(obligatory):

  • First name
  • Last name
  • E-mail address

Customer information (optional)

  • student ID
  • user identity
  • presentation
  • official WWW address
  • personal wwwaddress
  • blog address

* Streetaddress

  • City
  • Country
  • Home phonenumber
  • Workphonenumber
  • Mobile phonenumber
  • Fax number
  • ICQ-number
  • MSN Chat
  • AIM-Screenname
  • YahooChat
  • Skype username
  • Jabberusername
  • Occupation
  • Professional field
  • Date of birth
  • Place of birth
  • Nationality
  • Sex
  • Marital status
  • CV and the data included in it

Usage Data:

  • Customer’s profile pages and their contents
  1. Register information sources

Register data are provided by the customer, either directly or via cookies, in the following situations :

  1. when creating a user profile into the service and, thus, registering as a customer
  2. when editing one’s profile settings
  3. when logging into the service
  1. Disclosure of data

In principle, the service provider will not release any customer information to third parties/outsiders. However, information can be disclosed for research and marketing purposes in case the customer has given his or her permission to do so beforehand. Information is released also to the Police and it can be used, for example, in police investigations when and to the extent that the law in force at that particular time allows/requires. Data is not transferred to the countries outside the EU or EEA.

  1. Protection of the Register

Personal data are gathered in the common databases, which are protected by firewalls and other appropriate technical means. Server equipment is stored in a locked space. Access to storage facilities is restricted to authorized personnel only.

All those managing the register must be individually authorized by the Register Controller (user ID, password and access level). Customers’ Personal Data can only be accessed by members of the personnel who need information in performing their work tasks, i.e.Service Provider’s customer service staff and the system operators of the service.

  1. Rights to Inspect

Registrees are, in accordance with the Personal Data Act Clause 26, entitled to inspect their personal data recorded in the register. Registreesmust send a written and signed request for inspection to the Contact Person or it can be made in person at the address mentioned above. All registrees have the right to rectify any inaccurate or incorrect data in the register.