At Centero, we’re committed to protecting and respecting your privacy. This policy explains when and why we collect personal information about you, how we use it, the conditions under which we may disclose it to others, how we keep it safe and secure and your rights and choices in relation to your information.
- Centero Public websites
We encourage you to read the policy notice carefully and contact us with any questions or concerns about our privacy practices via email to email@example.com or by writing to:
Data Protection Officer
2. Who we are?
We are Centero, Finnish-based agile IT service provider dedicated to help organizations endpoint management and cloud technologies.
In this policy ‘Centero’, ‘we’, ‘us’ or ‘our’ means:
- Centero Oy (Finnish business ID: 2109868-4) registered to Yliopistonkatu 28E, 40100 Jyväskylä, FINLAND
Contact details for privacy protection issues via email to firstname.lastname@example.org or directly to our Data Protection Officer:
- Juha Haapsaari (email@example.com)
3. How do we collect information from you?
We obtain information about you in the following ways.
3.1 Information you give use directly
For example, filling form on website, purchase services or when you register to our newsletters
3.2 When you visit our websites
Our websites are on following domains:
We automatically collect following information:
- Technical information, including the type of device you are using, the IP address, browser and operating system being used
- Information about your visit to websites, including pages you visit, how you navigate on the website, length of visits to pages, products and services you viewed or searched for and referral sources (how you arrived at our website)
We collect and use your personal information by using cookies on our website. See chapter ‘Cookies’ for more details.
3.3 Social Media
When you interact with us on social media such as Facebook, LinkedIn and Twitter we may obtain information about you. The information we receive is controlled by you on the privacy preferences you have set on those types of platforms.
3.4 Public information
Information about you available publicly such as organization websites, public social media accounts in order to create a fuller understanding of someone’s interests and support.
4. What information do we collect?
The personal information we collect, store and use include:
- Your name and contact details (including email address, telephone number, postal address)
- Services you requested more information
- Information about your activities on our website and device used to access it (including your IP address and geographical location)
- Any other personal information shared with us
We do not collect any sensitive personal information in special categories (like race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, sex life or sexual orientation).
5. How and why your information is used?
We may use and process your information for different purposes, which may include:
- Account set up and administration
- Providing you with the services, products or information you have requested
- Personalization of content, business information or user experience
- Processing orders that you have submitted
- Fulfilling our obligations under any contracts entered into between you and us
- Keeping a record of your relationship with us
- Performing analysis and market research so we can understand how we can improve our services, products or information
- Internal research and development purposes
- Finding your feedback on the services we provide
- Carrying out polls and surveys
- Notifying you of the changes to our services
- Sending you communications which you have requested and that may be of interest to you. These may include information about campaigns, activities and promotions of our products and services
- Processing job applications
6. How long is your information kept for?
We keep your information for no longer than is necessary for the purpose it was collected for. The length of time we retain your personal information for is determined by operational considerations.
We review or retention periods on regular basis. You can request information about your collected personal information or request removal of your personal information from firstname.lastname@example.org.
7. Who can access your information?
We do not sell or rent your information to third parties. We also do not share your information with third parties for marketing purposes.
7.1 Third parties working on our behalf
Our selected 3rd party service providers, suppliers, agents, subcontractors and other associated organizations can have access to your information for the purpose of administering the platform for us. However, when we us these third parties, we have a contract in place that requires them to keep your information secure and prevents them from using it for their own purposes.
|3rd party name||Purpose / reason||Role||Other information|
|Seravo Oy||Hosting provider for website and database||Data processor||https://wp-palvelu.fi/gdpr-tietosuoja-asetus-ja-wordpress/|
|Fulmore Oy||Website development and administration||Data processor|
|ActiveCampaign, LLC||Marketing registry and marketing communications||Data processor||https://www.activecampaign.com/privacy-policy/|
|Microsoft||CRM service provider||Data processor||https://www.microsoft.com/en-us/TrustCenter/CloudServices/dynamics365|
|Zapier||Data synchronization||Data processor||https://zapier.com/privacy/|
|PieSync NV||Data synchronization||Data processor||https://www.piesync.com/legal/terms-and-conditions/|
8. What legal basis do we have for processing your personal data?
Where you have provided specific consent to us using your personal information in a certain way, such as sending email to you, using cookies to collect information about your visit to our websites.
Where we are entering into a contract with you or performing our obligations under it like when you order products or services from us.
Consent given by you can be withdrawn and managed any time by contacting email@example.com.
Contract legal basis ends when contract is not signed, or it is terminated. In these cases, consent given by you is not automatically withdrawn.
9. Where do we store and process personal data?
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Economic Area (“EEA”). For example, this may happen when your personal data is transferred to marketing registry that is located in service hosted outside of the EEA. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy.
If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.
10. How do we secure personal data?
When you give us personal information, we task steps to ensure that appropriate technical and organizational controls are in place to protect it.
We use SSL encryption on our websites to make sure that information given is always protected. SSL encryption is forced whenever processing more sensitive information (such as credit card details).
Information given us using other methods (such as email, social media, written letters etc.) are transmitted or delivered in ways that we cannot guarantee to be 100% secure. Therefore, even we have steps in place to keep your information secure, you send the information at your own risk. Once the information is received by us, we make our best effort to ensure its security on our systems.
We, or our 3rd party service providers, have implemented protection against accidental loss of data with regular backup of data.
Access to your personal information requires authentication and authorization, unless you have given consent to make information publicly available on our websites or marketing materials.
11. Use of automated decision-making and profiling
We may analyse your personal information to create a profile of your interests and preferences so that we can tailor and target our communications in a way that is timely and relevant to you. We may make use of additional information about you when it is available from external sources (such as social media etc.) to help is do this effectively.
You can always opt out of your information used for decision-making, profiling or marketing communications by contacting firstname.lastname@example.org
12. Your rights
12.1 Right of access
You have right to request access to the personal data we hold for you. You also have right to request copy of the information we hold about you, and we will provide this information to you unless legal exceptions apply.
12.2 Right to rectification
You have right to have inaccurate or incomplete information we hold about you corrected.
12.3 Right to restrict processing
You have right to request us to restrict processing of some or all your personal information if there is a disagreement about its accuracy or we are not lawfully allowed to process it.
12.4 Right to erasure
You have right to request us to delete some or all your personal information, and we will anonymize or delete this information unless legal or contract exceptions apply. When possible, we anonymize requested information rather than delete it.
12.5 Right to data portability
You have right to request your personal information to be provided in machine-readable form when we are processing (using automated means) your personal information based on your consent or in order to enter or carry out a contract with you.
12.6 Right to object
You have right to object processing of your information when we are using it for direct marketing or for statistical/research purposes.
If you want to exercise any of the above rights, please email us at email@example.com or in writing to Centero Oy, Data Protection Officer, Yliopistonkatu 28E, 40100 Jyväskylä, FINLAND. We may be required to ask more information and/or provide evidence of identity. We are dedicated to respond fully to all request within 30 days of receiving of your request, however if we are not able to do so we will contact you with reasons for delay.
You also have right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that processing of your personal data infringes GDPR regulation.
14. Links to other websites / 3rd party content
Our websites may contain links to other websites run by other organizations. This policy applies only to our website. Please read the privacy policies on the other websites you visit. We cannot be responsible for the privacy policies or practices of other websites even if you access them using links from our website.
15. Changes to this policy
Any changes we may make to this policy in future will be available on this website so please check this page occasionally to ensure that you agree with any changes. If we make any significant changes, we’ll make this clear on this website.