Data Protection Policy of Four Ferries Ltd

 1.Register holder

Name: Four Ferries Ltd, VAT number FI23432228
Address: Kaskenkatu 4 B 6, 20700 Turku, Finland
Email: ida.ronnlund(at)fourferries.fi

 

2.Contact person

Name: Petri Salmela
Address: Kaskenkatu 4 B 6, 20700 Turku, Finland
Email: info(at)fourferries.fi

 

3.Name of register

Four Ferries Ltd user register

 

4.The purpose and content of the register

The information we collect is required to carry out administrative duties, ensuring system stability and performance, filtering harmful content, as well as for marketing and statistics purposes. The information is collected mainly in the form of technical logs. Four Ferries may only process and use this data for purposes specifically stated in the user agreement (EULA).

When the user agrees to the EULA, s/he also agrees to that information is collected about her/him to the Four Ferries user register. The User IDs are always personal. The register can contain the following kind of data:

Personal data:
First name, Family name, Email.

Data concerning the usage of service:
School, Starting year, User category i.e. teacher/student, Teaching language.

Other information:
Data on products/service ordered by the user, delivery and invoicing of them
Register information e.g. user id, password and other information that concerns service

 

5.Regular sources of information

Data is received through registration or through use of the application.

 

6.Transfer of recurring information

Information is disclosed to other parties only to the extent that deliveries of products and service and technical solutions require (Paytrail and PayPal). No regular disclosures are done.

 

7.Disclosures outside EU and EES

No disclosures are done outside the European Union or the European Economic Area.

 

8.Use of Cookies

We use Cookies to improve the efficiency and user friendliness. We use Cookies (Google Analytics) to find out needs of our customers as well as for marketing and statistics purposes. We use Cookies for filtering out harmful content.

 

9.Principles for securing data files/registers

Manual register:
Possible printed register documents are kept in locked rooms in locked cabinets at the work place.

Data registers/ Data files:
All data is kept confidential. The system and data can be accessed only by user id and password. The passwords are saved on the server encrypted. The passwords need to be strong (minimum 10 digits and by main user 15 digits long)

Only those persons who need the data for maintenance and service are allowed to access data. Data is secured with user ids and passwords for them. The main users can use their main user role only when they fulfill maintenance, error detection or when they take care of customers’ tasks concerning their data. The data is secured with passwords and other technical means. Data is transferred over a secured HTTPS connection.

We use and maintain fire walls and corresponding security solution in all devices that can be connected directly to public networks.

 

10.Right to check information and deny information

The user has the right to know which information is stored about him or her which categories of personal information is stored about him or her. Four Ferries has to inform the user what the purposes are of the processing, with whom the data is shared and how it acquired the data. Furthermore, Four Ferries must provide, upon request, a copy of the actual data related to a user. The request is made by e-mail to the contact person.

 

11.Right to ask for correction of data or to delete data

A registered person has the right to require correction of personal data or require that personal data that concerns her/him is deleted. The requirement is done by emailing the contact person. The contact person will check the identity of the person asking for data before data is given to him/her.

 

12.Other duties concerning management of personal data

When a data breach occurs, Four Ferries, in the role of data controller, is required to inform without undue delay, i.e., within 72 hours, the supervisory authority about the breach. In Finland the supervisory authority is The Office of the Finnish Data Protection Ombudsman (https://tietosuoja.fi/en/home).

 

Updated 9.7.2020