DATA PROTECTION POLICY
The term ‘data protection’ refers to ensuring the fulfilment of an individual’s rights in the processing of their personal data. The purpose of data protection is to indicate when and based on what preconditions personal data can be processed. ‘Personal data’ refers to information related to an identified or identifiable natural person.
The processing of personal data is absolutely necessary for the operations of InLove Group Oy (hereinafter ‘we/us’). We adhere to all procedures and processes that protect personal data in accordance with the requirements of the data protection legislation. This data protection policy details the grounds for collecting data and the purposes for which the data is used. Usage of our services is an example of situations to which this policy applies. We also apply this data protection policy when processing the personal data of our employees, job applicants and our partners’ staff members.
The controller of the personal data is InLove Group Oy.
2. Why do we process personal data and on what grounds?
Purposes of processing personal data
We collect and process personal data for the following purposes:
- Sending marketing and communications to our current and potential customers on our services or the services of select third parties by means of bulletins, newsletters, various marketing campaigns or event invitations, for example.
- Handling our contractual obligations towards customers, partners and employees, for example. If you are a user of our services, this can include showing user profiles to other profiles, and analysing your preferences and activities on the service so that we can recommend meaningful contacts to you and recommend you to others. Provision of the service may also include analysing the information you provide to us so that we can suggest partner candidates that are the most suitable to you.
- Developing our services and improving the user experience of our services.
- Managing our services.
- Preventing and, in some case, resolving possible cases of misuse.
Legal basis for processing personal data
In certain situations, we will request permission to process your personal data. For example, we will ask your consent for electronic direct marketing or the processing of data belonging to certain special categories. The request for consent will contain information on the processing of the data in question. If you have provided your consent for the processing of personal data, you also have the right to withdraw your consent.
In the context of marketing our services or products to persons within marketing target groups, potential customers or current customers, we are processing the relevant personal data on the basis of legitimate interest. We have a legitimate interest to market our products and services in a variety of ways. We want to provide persons in our marketing target groups with the most interesting information and marketing possible through our website and social media channels, for example. In addition to this, we can also market our own services or those of third parties through news letters or invitations to events. In the context of our marketing, we may use social media tools, such as various target groups. We analyse our e-mail campaigns and the operation of our websites and social media channels. This enables us to evaluate the effectiveness of our marketing campaigns, for example. This information serves as a basis for the development of our business and future marketing measures.
We also have a legitimate interest to develop our products and services. The development of our business-related processes and systems may be based on the processing of personal data. This may also involve personal data processing related to preventing and resolving cases of misuse.
In handling our contractual obligations, we process personal data on the relevant agreement, such as the service contract, employment contract or assignment contract. Furthermore, we process personal data to fulfil our obligations arising from the pertinent legislation, such as accounting and tax laws.
3. What information do we collect?
We collect details that are necessary for the purposes of use determined in this data protection policy:
A) Information you provide us
For example, our sites and service request your contact details when you order a newsletter, register for an event, submit feedback or leave a contact request. When you create an account, you must, at least, provide us with your login details and some information required to create your profile and ensure the functionality of the service. When filling in your profile information, you can provide us with additional details, such as links to your social media channels.
B) Information we receive from others
In addition to the information you provide, we gain information about you from other sources, such as other users upon them contacting the service in relation to you. We may also receive information about you from our partners; as an example, we are informed of the success of ad campaigns when our advertisements are published on various platforms.
C) Technical details observed and derived based on service use:
We use a variety of technologies (including cookies) to collect and store data on the users and visitors of our website, app and services.
A cookie is a small data storage program that the web browser saves on the hard drive of the user’s computer. Whenever a user’s browser retrieves data from our server, a message is sent back to the user’s computer. This message accelerates the site’s functionality and simplifies the login process, stores user details and customises the site for the user in question.
The menu of most browsers features a Help section that indicates how to withdraw cookie consent, how the browser indicates the receipt of cookies and how to disable cookies. Disabling cookies may prevent or limit the use of the website.
On a mobile devices, you can control settings related to data protection, such as the sending of notifications and the sharing of your location.
D) Information collected from other sources
We collect personal data from publicly available sources, such as registers maintained by authorities (e.g. Population Register, Tax Administration’s registers) and commercial information providers.
4. For how long are user’s personal details stored?
We store the personal details of users only for as long as they are needed for the provision of the service or for the maximum period permitted by law.
5. To whom can we disclose your information?
As a user of the service we provide, you disclose your information to other users voluntarily through the service (including your public profile). We recommend exercising caution with regard to your personal data and ensuring that you only share content that you do not mind being publicly viewable.
We only transfer and disclose personal data to the extent that third parties require access to the personal data that we process in order to provide our services for the purposes specified in this data protection policy. In this context, the service providers are processing data on our behalf.
Your personal data may be disclosed due to requirements imposed by authorities or based on applicable legislation.
6. Automated decision-making and profiling
Automated decision-making refers to a decision based on automatic processing that has legal effects on the person in question or that similarly affects the person in a significant way. We do not use automated decision-making in our operations.
Profiling, in turn, refers to automated personal data processing, which involves assessing or predicting a person’s interests or behaviour, for example. The purpose of our service is to help our customer find the most suitable partner possible. This necessitates assessing aspects, such as each user’s interests. For this reason, our service may involve profiling based on the details of our logged in customers.
We may also utilise profiling in our marketing in attempting to target the most suitable and interesting products and services to each customer.
7. International data transfer
Our aim is to provide our services and process all personal data, utilising operators and services within the EU or EEC area.
In some cases, however, services may also be provided with the help of operators, services and servers in other locations. In these contexts, your personal data may be transferred to countries outside the EU or EEC area where the legislation on the processing of personal data deviates from the requirements of Finnish law. If this is the case, we will ensure the sufficient protection of your personal data by agreeing upon the arrangement with the processor, for example.
8. Protection of the information
Data security is ensured by means of the appropriate administrative, technical and physical protection.
9. Underaged persons
The service we provide is not aimed at underaged persons, and we do not collect the personal details of minors. We request that any minors wishing to use our service secure consent from their guardian before savings their personal details. We recommend that the guardians of any minors using our service regularly monitor their dependents’ use of our website and the internet.
10. Third-party services
This data protection policy is only applicable to our services, and we cannot be held liable for the data protection policies of other services, such as websites or app marketplaces. We recommend that our users check the data protection policies of any websites they use.
11. Amending this data protection policy
We may amend this data protection policy. In the event of any changes to the data protection policy, we will always provide notification in this data protection policy.
12. Your rights
Right of access
You have the right to access and check the data that has been saved in contact information register on you.
Right to request rectification
You have the right to request the rectification or supplementation of incorrect, inaccurate, obsolete or unnecessary information.
Right to request erasure
You can ask us to erase your personal data from our systems. We will comply with your request, unless we have a justified reason not to erase the information. The information may not be immediately erased from all backup copies or other similar systems.
Right to restrict use
You can ask us to restrict the processing of your specific personal details. The request regarding the restricted use of your data may result in your use of our website and service being limited. You have the right to decline electronic direct marketing by following the instructions included in all of our marketing messages.
Right to object to data processing
You can also ask for restrictions regarding the processing of your personal data, if your details are being processed for purposes other than the provision of our service or the fulfilment of statutory obligations. Your possible objection to the processing of your personal data may limit your use of our website.
Right to transfer data from one system to another
You have the right to receive your personal data from us in a structured and commonly-used format that can be transmitted to another controller.
Right to withdraw consent
If the processing of your personal data is based on consent, you have the right to withdraw your consent at any time.
13. Exercising your rights
You can exercise your rights by contacting the customer service. We may request additional information to verify your identify. Please also note that our operations involve statutory obligations in relation to data storage, for example, which is why we may be obliged to process your personal details even if you request their erasure restriction of their processing.
If you find that the processing of your personal data conflicts with the applicable legislation, you can lodge a complaint with the local data protection authority.
14. Who can I contact?
You can always contact our customer service in matters regarding data protection.