This is the register and privacy policy statement of GameSpace Oy in accordance with the Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Prepared on 6.8.2024. Last modified on 6.8.2024.
1. Controller
Name: GameSpace Oy
Address: Porvoonkatu 3
Business ID: 3451154-6
2. Contact person responsible for the register
Name: Semi Rantanen
Phone number: +358451301661
Email address: semi.rantanen@gamespace.fi
3. Name of the register
GameSpace Oy customer register / marketing register
4. Legal basis and purpose of processing personal data
The legal basis for processing personal data under the EU General Data Protection Regulation is the individual's consent.
The purpose of processing personal data is to maintain contact with customers, manage customer relationships, and marketing.
The data is not used for automated decision-making or profiling.
5. Content of the register
The customer register stores the customer's first name, last name, street address, postal code, city, country, email address, phone number, company, information about ordered services and their changes, billing information, and other information related to the customer relationship and ordered services.
The data is stored only in systems that are deemed secure. Access to the systems is granted only to those who process the data. The data is retained as long as we need it to provide our services, but for no more than 2 years. After this period, the data will be destroyed unless required otherwise by law.
6. Regular data sources
The customer's information to be stored in the register is obtained from the contact form on the website, emails, phone conversations, contracts, customer meetings, social media services, and other situations where the customer provides their information.
Information about contacts of companies and other organizations can also be collected
from public sources, such as websites, directory services, and other
companies.
7. Regular disclosures of data and transfer of data outside the EU or EEA
The data is not regularly disclosed to other parties.
8. Principles of register protection
Care is taken in the processing of the register, and the data processed through information systems is appropriately protected. When register data is stored on Internet servers, the physical and digital security of the equipment is properly managed. The controller ensures that the stored data, server access rights, and other information critical to the security of personal data are treated confidentially and only by employees whose job description includes it.
9. Right of inspection and right to demand correction of data
Every person in the register has the right to check their stored data and demand the correction of any incorrect or incomplete data. If a person wishes to check their stored data or request a correction, the request must be sent in writing to the controller. The controller may ask the requester to prove their identity if necessary. The controller will respond to the customer within the time frame set by the EU General Data Protection Regulation (usually within one month).
10. Other rights related to the processing of personal data
Every person in the register has the right to request the deletion of their personal data from the register ("right to be forgotten"). Similarly, registered persons have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests must be sent in writing to the controller. The controller may ask the requester to prove their identity if necessary. The controller will respond to the customer within the time frame set by the EU General Data Protection Regulation (usually within one month).
11. Changes to the privacy policy
Our website and privacy policy may be updated in the future. The date of the latest update to the privacy policy is indicated in the policy. If there are significant changes to our policy, we will clearly notify them on our website.