VALPAS PRIVACY POLICY

CONTROLLER:

Valpas Enterprises Oy, Business ID: 2575159-9
Address: Lapinlahdenkatu 16, 00180 Helsinki, Finland
Contact Person: Martim Gois, info [at] valpas.io

INTRODUCTION:

Valpas Enterprises Oy (“Valpas” or “we”), collects personal data of its customers, users and visitors whilst providing its applications, websites and possible other services (jointly hereinafter “Services”).

The monitoring application (hereinafter "Application") is a service provided by Valpas for the purposes of monitoring and preventing bed bug infestations in the premises of hospitality providers. To use the Application, you are required to fill in at least one viable email address that might be subject to personal use. Some functions and sub-services of the Services may require more information to be provided, but this will be clearly stated and you will be requested to provide the extra information before you can use these certain services and functions.

This Privacy Policy governs the principles of storing and processing the personal data included in the Register. This Privacy Policy explains what data we process, how we do that and how you may use your rights as a data subject (e.g. right to object, right of access).
This Privacy Policy may be updated from time to time if required in order to reflect the changes in our data processing practices or otherwise. You can find the current version on our website at valpas.io.
The Privacy Policy only covers data processing carried out by Valpas.
The Privacy Policy does not address, and we are not responsible for, the privacy practices of any third parties. Without affecting our responsibility for the data processors engaged by us to process data on our behalf, Valpas disclaims all responsibility for the processing carried out by third parties, also in cases where the Services include hyperlinks to third parties’ websites.
Privacy, security and online safety are important for us, and we process all personal data with due care and in accordance with applicable laws and regulations.

PURPOSE FOR PROCESSING PERSONAL DATA

There are several purposes for the processing of your personal data by Valpas:

To provide our services

Valpas processes your personal data in the first place to be able to deliver our Services to you and to run, maintain and develop our businesses. We would like to know who you are, so we can tailor our service to meet your needs and desires as precisely as possible. Some of the functions of our Services are simply unable to work properly if we do not know who is using them. If you contact our customer service, we will use the information provided by you to answer your questions or solve your complaint. In order to ensure that our Services are in line with your needs, this data can be used for things like customer satisfaction surveys. We might also request another party to do this for us.

For customer communication (including marketing)

Valpas processes your personal data to contact you regarding our Services and to inform you of changes to our Services. Your data is also used for research and analysis to improve our Services. We may also use your data entered on our Services in certain cases to send information and marketing communication by e-mail, provided that you have given us consent to that or other legitimate grounds for such marketing communication exists.

Legitimate grounds for processing and storage limitation

Valpas processes your personal data to perform our contractual obligations towards you and to comply with legal obligations. Furthermore, we process your personal data to pursue our legitimate interest to maintain and develop our businesses.

We store personal data only as long as necessary for the purposes set out in this Privacy Policy. Once the data is no longer necessary, we delete or anonymize it as soon as possible. We regularly assess the necessity, accuracy and quality of the personal data and will delete or anonymize if the data is no longer needed for the purposes defined above.

PROCESSED DATA AND SOURCES OF DATA

Valpas collects two types of information from our customers and users of the Services: (i) Customer Data; and (ii) Technical Data. Although we do not normally use Technical Data to identify you as an individual, you can sometimes be recognized from it. In such situations, Technical Data can also be considered personal data under applicable laws.
We may collect and process the following basic Customer Data: (i) first and last name; (ii) e-mail address, telephone number, address; (iii) payment information and transactional data. In addition, we may collect the following data arising from the customer relationship (i) information relating to maintaining the customer relationship; (ii) information on marketing permissions; and (iii) customer service data.
We may collect Customer Data from our customers and visitors in a variety of ways, including, when they register to our Services, when they submit customer feedback, claims or other communication or when they subscribe to a newsletter or fill out a form. Further, please note that we also collect details of any transactions and payments you carry out through our service. We will collect Customer Data from customers and visitors only if they voluntarily submit such information to us or carry out transactions or payments through our Services. We may also update and supplement personal data with information provided by third parties in accordance with applicable data protection laws.
We and/or our authorized third party service providers, may automatically collect Technical Data when you visit or interact with our Services. ”Technical Data” may include the browser name, the type of computer or device, time spent on the website, interaction with the Services, URL of the website you visited before and after visiting the Services, the time and date of user visits, surfing habits, IP address, operating system and the Internet service providers utilized and other similar technical information.

Cookies

We use various technologies to collect and store information when you visit a Valpas website, including cookies. Cookies allow us to calculate the aggregate number of people visiting our websites and monitor the use of the websites. This helps us to improve our websites and better serve our users. We also use tracking and analytics cookies to see how well our services are being received by our users.
You may choose to set your web browser to refuse cookies, or to alert you when cookies are being sent. If you do so, note that some parts of our sites and services may not function properly. For more information about cookies and how to disable and delete them, visit www.allaboutcookies.org.

TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE EU AND EEA

Valpas may transfer your personal data to countries outside the European Union and the European Economic Area. When we transfer any data to a country for which no adequacy decision of the European Commission exits, such transfer will be subject to the provisions of the (standard or other) clauses adopted by the European Commission or other competent authority. If you wish to know more about international transfers of your personal data, you may contact us via the contact details above.

RECIPIENTS

We do not share your personal data with third parties outside Valpas unless at least one of the following circumstances applies:

For legal reasons
We may share your personal data with third parties if we have a good-faith belief that access to and use of the personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues; and/or (iii) protect the interests, properties or safety of Valpas, our users or the public always in accordance with the applicable laws. When possible and unless prohibited by applicable laws, we will inform you about such processing.

For other legitimate reasons
If Valpas is involved in a merger, acquisition or asset sale, we may transfer your personal data to the third party involved. However, we will continue to ensure the confidentiality of all personal data. We will give notice to all customers concerned before the personal data is transferred or becomes subject to a different privacy policy.

Our services providers and vendors
We may disclose the personal data to our services providers and vendors engaged by us for the processing of personal data. Such processors may include, for example, third parties providing us with IT services and marketing services. All the third party processors have been carefully selected by us and have committed to respect your privacy in accordance with this policy.

With your explicit consent
We may share your personal data with third parties outside Valpas for other reasons than the ones mentioned before, when we have your explicit consent to do so. You have the right to withdraw this consent at all times.

YOUR RIGHTS

Right to access
Valpas offers you access to the personal data we process. This means you can contact us asking us to inform you about your personal data that we have collected and processed and the purposes such data are used for. You may also request a copy of personal data concerning you. We may charge a processing fee in case less than 12 months have passed since your last data request.

Right to correct
You have the right to have incorrect/unprecise, incomplete, outdated, or unnecessary personal data we have stored about you corrected or completed by contacting us.

Right to deletion
You may also ask us to delete your personal data from our systems. We will comply with such request unless we have a legitimate ground to not delete the data. After the data has been deleted, we may not immediately be able to delete all residual copies from our active servers and backup systems.

Right to object
You may object to certain use of your personal data if such data are processed for other purposes than necessary for the performance of our Services or for compliance with a legal obligation. You may also object any further processing of your personal data after prior given consent. If you object to the further processing of your personal data, this may lead to fewer possibilities to use our Services.
You have the right to opt-out of receiving electronic direct marketing communications from us by clicking on the opt-out link provided in all marketing communications we send you, and choosing not to receive marketing communications from us in the future. You also have the right to prohibit us from using your personal data for direct marketing purposes, market research and profiling by contacting us on the addresses indicated above.

Right to restriction of processing
You may request us to restrict certain processing of your personal data. If you restrict certain processing of your personal data, this may lead to fewer possibilities to use our Services.

Right to data portability
You have the right to receive your personal data you have submitted us in a structured, commonly used format in order to transmit the data to another controller.

How to use your rights
You may use these rights by sending a letter or e-mail, including your name, address, phone number and a copy of a valid ID to us on the addresses set out above. If your request concerns personal data in a cookie, you have to enclose a copy of the said cookie. We may request the provision of additional information necessary to confirm your identity. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded. In case you consider our processing activities of your personal data to be inconsistent with the applicable data protection laws, you may lodge a complaint with the local supervisory authority for data protection.

INFORMATION SECURITY

We will take all reasonable, appropriate security measures to protect Valpas and our customers and users from unauthorised access to or unauthorised alteration, disclosure or destruction of personal data we hold. Measures include, where appropriate, encryption, firewalls, secure facilities and access rights systems. Should despite of the security measures, a security breach occur that is likely to have negative effects to your privacy, we will inform you about the breach as soon as reasonably possible.