Privacy policy
Privacy Policy, valid as of 1 January 2021
Visiting and using the online services provided by Traffic Management Company Fintraffic Ltd and its subsidiaries
We are committed to protecting your privacy
Ensuring smooth and safe traffic relies on data and its utilisation, including sharing data between transport operators to facilitate travel. At Fintraffic, we are firmly committed to respecting your privacy when you use our services and to protecting your personal data in accordance with data protection legislation and good practice.
In this privacy policy, we will explain how your personal data is processed when you visit and use an online service provided by the Fintraffic Group. Please note that the individual services mentioned in this policy may also have supplementary privacy policies of their own.
The purpose of processing your personal data
The data that you provide us with is processed so that we can send customer and stakeholder communications, handle event registrations and participation, send newsletters, handle customer feedback and provide customer service. The data collected when you use our online services is processed to improve your user experience and collect visitor statistics. We also process your personal data to the extent that is necessary to ensure data security in our online services.
The legal grounds for processing your personal data
We process your personal data either on the basis of consent, as per point a of Article 6(1) of the GDPR, or on the basis of legitimate interest, as per point f.
Processing is based on your consent when, for example, you accept the cookies used in our online services. Processing is based on legitimate interest when, for example, we process your personal data to handle customer feedback.
The personal data we process and its sources
Personal data that you supply to Fintraffic
Our online services use digital forms through which we collect the personal data that you supply us with for the purpose indicated in the form. This personal data includes your basic personal details, that is, your forename and surname, the company or organisation you represent, your postal address, email and telephone number.
We also keep information about whether you have subscribed to the Fintraffic newsletter.
In addition, we collect content that you have provided or created via digital forms, such as customer feedback, comments or messages, figures, given consents, and information related to participation in events.
From time to time, we may send customer questionnaires and surveys to our users, asking them about their use of an online service and its quality. In these instances, we will collect survey and research data that we process as statistical sets. Individual respondents cannot be identified from this data. Responding to surveys and questionnaires is always voluntary, and we will provide a more detailed explanation of how your personal data will be processed in connection with each particular survey or questionnaire.
Data that is collected when you use our online services
Our online services are open to everyone and you do not need to register for the use of the services in order to visit our website.
However, we do use cookies that collect analytical and statistical data on the use of our online services. Cookies are used to improve your user experience when you visit our website. We also use cookies to record statistics about website visitor traffic. You can read more about the use of cookies in our cookie policy.
Do we disclose your personal data to third parties?
We only disclose your personal data to third parties in certain circumstances.
Your personal data may be disclosed to social media partners. Your personal data may be disclosed to social media providers such as Facebook, Twitter, Instagram and Youtube. You can read more about the use of social media plugins in our cookie policy.
Your personal data may be disclosed for use in customer surveys and questionnaires. We always assess such disclosures of your personal data on a case-by-case basis. By default, your personal data will only be disclosed in a converted format in which individuals are no longer identifiable.
Your personal data may only be surrendered to the authorities when required by statutory legislation. Your personal data may be surrendered on the basis of a legally justified demand presented by a competent authority.
Who is the data controller responsible for processing your personal data?
The data controller for your personal data is Traffic Management Company Fintraffic Ltd and its subsidiaries. Our address is Palkkatilaportti 1, 00240 Helsinki, Finland.
Contact information for exercising your rights as a data subject can be found below.
Who processes your personal data?
The processing of personal data by our employees
At Fintraffic, your personal data will only be processed by persons who have justified grounds for processing it as part of their work.
Use of subcontractors:
We may use subcontractors for the technical maintenance and development of our online service, providing customer service, managing and analysing user data, conducting customer surveys or sending customer communications.
In these cases, we will use contractual means to ensure that subcontractors process your personal data only to the extent that is necessary to achieve the purposes described in this privacy policy. Subcontractors may not use your personal data for any other purposes than those specified by Fintraffic in this privacy policy. We require our subcontractors to process personal data confidentially and to ensure an adequate level of data security to protect your privacy.
Will your personal data be processed outside the EU or EEA?
We primarily process your personal data within the EU or EEA, using parties and services located in countries within these zones.
Operators, services and servers located elsewhere may sometimes be used to implement our online services. In these instances, your personal data may be transferred outside the EU or EEA to countries whose legislation on privacy protection differs from Finnish law. We carry out such transfers as required by law, for example, using model contract clauses approved by the EU Commission, so as to ensure that your personal data is adequately protected. We ensure that your personal data is processed in accordance with this privacy policy no matter where your data is processed.
What measures do we take to protect your personal data?
At Fintraffic, our default approach is to take data protection and security into account at an early stage in the design, implementation and maintenance of our online services.
We take the appropriate physical, technical and administrative measures to protect your personal data. Separately named persons are appointed to handle data protection and security. We restrict access to systems and databases containing personal data to only those designated persons who have a work-related need and right to process the personal data in question.
How long will we store your personal data?
We will store your personal data in accordance with current legislation and only for as long as is necessary for carrying out the purposes specified in this privacy policy.
The retention period of personal data depends on the nature of the data and the purpose it was used for. We regularly assess the required retention period for data. At the end of the retention period, we delete the data or convert it into an anonymous format in which individuals are no longer identifiable.
Your rights relating to the processing of personal data and how to exercise them
As a data subject, you always have the right to:
1. obtain information about how your personal data is being processed and check any data concerning yourself
2. request the correction of any incorrect information
3. request that the controller restricts the processing of your personal data to the situations specified in Article 18 of the GDPR
4. lodge a complaint with the Data Protection Ombudsman
You also have the right to:
5. object to the processing of your personal data on the basis of particular personal circumstances if we are processing your data on the basis of legitimate interest
6. request the deletion of your personal data
7. withdraw your consent to the processing of your personal data
Data subjects can request information or exercise their rights by contacting: viestinta(at)fintraffic.fi.
Data may only be disclosed to individuals who are able to reliably prove their identity.
Changes to the privacy policy and its validity
We are continually developing our online service. As our digital services develop, we will update our privacy policy as required. We will also update our privacy policy to reflect any changes in legislation.
This privacy policy seeks to provide you with current and up-to-date information about the processing of your personal data. You should therefore reread this policy from time to time.
This privacy policy is valid as of 1 January 2021.