Privacy policy

This is Toptier Ltd's privacy policy compliant with the European Union's General Data Protection Regulation (GDPR).

Written 7.6.2021. Latest edit 7.6.2021.

1. Registrar

Toptier Ltd. (3130275-7)
Bulevardi 46
00120 Helsinki

Data protection contact person:

Janne Valtakari
Bulevardi 46
00120 Helsinki
janne.valtakari@toptiercrew.com

2. Name of the registry

Toptier Ltd's marketing registry.

3. Registered persons

Contact persons of potential client organizations.

4. Legal basis and purpose of registry

Legal basis of registry:

- Marketing directed towards potential client organizations (legitimate interest)

Personal data will only be handled regarding predetermined purposes, which consist of the following:

- Contacting the contact persons of potential client organizations
- Description of offered services

5. Data recorded in the registry

The marketing registry contains the following information:

- The name and address of the potential client organization
- The name, email address and the phone number of the contact person of the potential client organization
- Other possible information recorded from the perspective of the marketing registry

6. Regular sources of information

- Information from public sources
- Information received from the registered person themselves through e.g. online form, email or phone.

7. The rights of the registered person

The registered person has the following rights:

Right to inspect:
The registered person can inspect the recorded data associated with them.

Right to correct:
The registered person can request the correction of faulty or incomplete data associated with them.

Right to object:
The registered person can object to the processing of the data associated with them, if they feel that the data has not been handled according to therelevant regulations.

Objection of direct marketing:
The registered person has the right to object to direct marketing.

Right of removal:
The registered person has the right to request the removal of their personal data, if it is not required to be kept or processed. We will process the data removal request, after which we either remove the data or state a justified reason for not being able to do so. It should be noted, that the registrar can have a legal or other kind of a right not to remove the requested information.

Right to file a complaint regarding a decision to the Data Protection Officer:
The registered person has the right to request that we limit the usage of the disputed personal data until the matter has been settled.

Right of complaint:
The registered person has the right to file a complaint to the data protection officer if they perceive that the recorded personal data has not been processed according to the relevant regulations and legislation.

Requests regarding these rights are to be sent to janne.valtakari@toptiercrew.com with visual proof of identity attached. The requests are usually handled within 14 days.

Contact information of the Data Protection Officer: https://tietosuoja.fi/en/contact-information

8. Regular releasing of personal data

The recorded data will not be released or otherwise distributed outside of Toptier Oy for marketing purposes. We also ensure that the service providers we may use comply with the relevant data protection regulations.

9. Security and handling of personal data

All physical records are stored in locked facilities of the registrar. All electrical forms of data are stored and processed within the registrar's information systems according to proper data protection and privacy practices. The data is accessible only to pre-defined legitimate employees of the registrar.

The processing of personal data can also be partially externalized to a third party. In this case, proper and data protection regulation compliant processing of personal data is ensured through contractual arrangements.

10. Transferring personal data outside of the EU

Personal data will not be transferred outside of the EU or the EEA, but a part of the automated processing of the data may occur outside of the EU or the EEA. In these cases, the information systems used comply with the Privacy Shield-contract between the EU and the United States.

11. Automated decision-making and profiling

The recorded data will not be used in automated decision-making or profiling.