We may collect your data:
We may collect:
We may collect personal data about you:
There is always a legal basis for collecting and processing your data. The legal basis for processing your data may be:
The data is accessible, controlled and processed by the board of Koskinen & Co.
Some parts of the data processing have been outsourced to third parties. We do our best to ensure that the chosen data processors have appropriate security measures to protect your privacy and to comply with any applicable legislation.
It is possible that we or our service providers may transfer your data outside the EU/EEA-area. This may happen if for instance we or our service providers duplicate some data outside the EU / EEA area in the United States. Data is duplicated to keep your data safe even in situations where major servers fail.
Such a transfer is always conducted safely and according to applicable laws. We do our best to ensure that all necessary measures are taken to make sure that your data is not transferred to an entity outside the EU/EEA-area that does not fulfill the criteria regarding the processing of personal data set forth in applicable laws.
In addition, we adhere to the EU’s, US’ and Switzerland’s and United State’s Privacy Shield Framework principles. We do not use these principles as the legal justification for the transfer of personal data, taking into account the EU's Court of Justice’s decision in the case C-311/18. You can find more information from the US department of commerce's Privacy Shield website.
The European Commission has approved the use of model contract clauses as a means of ensuring adequate protection when transferring data outside of the EEA. By incorporating model contract clauses into a contract established between the parties transferring data, personal data is considered protected when transferred outside the EEA or the UK to countries which are not covered by an adequacy decision. We rely on these model contract clauses for data transfers.
Your data may be processed by any number of the following third parties:
Your data is not transferred elsewhere unless the performance of a contract that you are a party, other legal obligations that we are a subject, or a public authority demands otherwise.
Your data is protected with appropriate security measures. The computers that are used to access your data have been encrypted. The access to the data processing services has been protected with two-factor authentication measures, where applicable, and with very secure passwords. Also, a VPN connection is used wherever possible to connect to these services.
Your data may be transferred outside of the EU or ETA by the third parties described above. It is likely that some parts of their data processing processes do transfer the data internationally. However, we have done our best to ensure that these third parties have their data servers within EU or ETA, or have appropriate security measures to transfer your data internationally.
You may exercise any of these rights by contacting us.
If the changes result in the expiration of the legal basis for collecting, controlling and processing your data, we make sure that the legal basis for collecting, controlling and processing your data is restored. Otherwise, your data will be deleted according to all applicable privacy laws and regulations.
Updated 12th of September, 2021