Paptic Ltd (‘we’ or ‘us’ or ‘our’) value your privacy and we recognise our obligations in meeting the demands of the General Data Protection Regulation (GDPR) and the Finnish law on electronic communications services (laki sähköisen viestinnän palveluista, 7.11.2014/917). This privacy notice is meant to help you understand what personal data we collect and why, and how you can request, update or delete your information.
What personal data we collect?
In general, Paptic collects personal data directly from you, either through web forms on our website, via email discussions or phone calls, through social interactions or through the customer relationship. We only collect data that you provide, and we assume all contact information to be business related (a business email address, for example).
For marketing purposes, we might collect your name, company, job title, address, contact details, and interest in the Paptic product. If you are our customer, we would also collect your invoicing information, delivery information, customer-specific details, your current and past order details etc.
How we use personal data?
Paptic securely stores your data on encrypted devices or on cloud services that are completely GDPR compliant. We use the personal data to maintain existing customer relationships or to advertise and keep you informed about the Paptic products. This means sending you informational and promotional emails, messages or letters or we could even call you if we feel you might want (or you have indicated you want) to be reached that way. We use some parts of the data for development and research purposes. In this case the data is first anonymized.
On what basis is personal data collected?
The processing of personal data is based on the legitimate interest of Paptic Ltd. If you are our customer, we have a legitimate interest to process your data for maintaining the customer relationship and perform direct marketing (unless you have told us not to).
If you have filled in a form on our website (ordered a sample, for example) or have otherwise been in business related contact with us, you might have been added to our marketing register, based on our legitimate interest. We have conducted a legitimate interest assessment to ensure that we can justify our decision. We have decided that your interests, as the individual, do not override Paptic’s legitimate interests. However, you can at any time unsubscribe from our marketing list as informed and instructed at the end of each marketing message.
How long will personal data be stored?
All personal data we process can be used for marketing and unless you ask us to remove your information (or unsubscribe from the marketing list), we keep your data for the time being.
Who else processes personal data we collect?
We may disclose personal data to our subsidiaries.
In rare cases, we may also disclose personal data to affiliates, contractors, service providers and other third parties we use who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
We also use third party tools and services to process personal data. We take this into account in our risk analysis and make sure that the services are trustworthy and meet the GDPR requirements. These services act as Data Processors for Paptic but in practice they are just tools and all processing work is done by Paptic employees.
Paptic doesn’t store or transfer personal information outside the EU (to countries not meeting the commission’s criteria).
How to access your personal data?
You may access your personal data by contacting us via our website’s contact form. You may request information about what personal data we hold about you or you may request to have your information corrected or erased. Additionally, if you are a subscriber to our mailing list, instructions to unsubscribe are provided at the end of each marketing message.