ZENTREASURY OY’S PRIVACY POLICY AS A CONTROLLER | PERSONAL DATA ACT (523/1999) 10 § AND 24 §

1) Controller

Name: ZenTreasury Oy

Business ID: 2762104-2

Address: Aalto Start-Up Center Otakaari 5, 02150 Espoo, Finland

2) Person in charge of data files

Name: Lars Nevalainen

Contact details: +358449808133 [email protected]

3) Purpose of the processing of personal data

Personal data can be handled for following purposes:

  • management and development of the customer relationship,

  • to enable us to comply with our legal and regulatory obligations,

  • analysis and statistics,

  • development of artificial intelligence,

  • marketing, market surveys and studies, as well as

  • other similar purposes.

Personal data can also be processed by other ZenTreasury Oy’s Finnish affiliate companies, if any, in accordance with the Finnish Personal Data Act.

4) Personal information in the data files

The data file may contain the following information:

  • contact information, such as full name, address, phone numbers and e-mail addresses,

  • possible registration information, such as username, pseudonym, password and other unique identification,

  • age, gender, title or profession and mother tongue,

  • information regarding the customer relationship, such as billing and payment information, product-, service- and ordering information, information regarding customer feedback and contacts and cancellation information,

  • information relating to the implementation of communications and information relating to use of services, such as browsing and search information, and

  • possible other information gathered with the data subject’s consent.

5) Regular sources of information

Information regarding the data subject are regularly gathered:

  • from data subjects themselves via phone, internet, e-mail or in other similar fashion,

  • with cookies and other similar tech,

  • by ZenTreasury Oy’s other Finnish affiliate companies, if any, and

  • from the Population Register Center/Population Information System, Posti’s address database, phone companies’ databases and other similar private and public registries.

6) Regular disclosure of data and information transfer outside of EU or the European Economic Area

Information may be disclosed with the data subject’s consent for marketing purposes in accordance with the Personal Data Act.

Information may be transferred and stored to a server outside of EU or the European Economic Area to be processed by the Controller or Controller’s affiliate on Controller’s behalf in accordance with the Personal Data Act.

7) Data subjects’ rights

Right to inspect and rectify: The data subject has the right to verify the stored data in the data file that concern the data subject. Inquiries regarding the right of inspection must be in writing and signed and sent to the address mentioned in paragraph 1. In the situation that the information in the data file is incorrect, the data subject may submit a rectification request to the person in charge of the data file stated in paragraph 2.

Right of refusal: The data subject has the right to prohibit the controller of processing personal data for purposes of direct advertising, distance selling and other direct marketing, market research and opinion polls, as well as registers or genealogical research. Prohibition and rectification matters are to be sent by mail to the address referred in paragraph 1.

8) Data protection principles

ZenTreasury Oy uses all reasonable efforts to maintain physical, electronic, and administrative safeguards to protect personal information from unauthorized or inappropriate access, but ZenTreasury Oy note that the Internet is not always a secure medium. ZenTreasury Oy restricts access to information about data subjects only to the personnel of ZenTreasury Oy that need to know the information e.g. for responding to inquiries or requests made by the data subjects.