This is the Longwater Works Data Subject Information Document in accordance with the EU General Data Protection Regulation (EU 679/2016, Articles 12-22, 30, and 34).
Created on: 10th February 2025. Last updated: 12th March 2025.
1. Data Controller
Longwater Works 3397718-4
Email: teemu@longwaterworks.com
Website: https://www.longwaterworks.com
2. Contact Person for the Register
Teemu Samuel Pitkäkoski
teemu (at) longwaterworks.com
+358 40 413 fiveonefixnine
3. Legal Basis and Purpose of Personal Data Processing
Personal data is processed as part of communication, customer relationship management, and marketing. We process the data only for predefined purposes.
Providing and Delivering Services:
We collect and process personal data as part of communication and customer relationship management. Personal data is collected for offering these services and user identification, as using the services requires registration. In this context, the processing of personal data is primarily based on the execution of a contract and our legitimate interest.
Marketing:
We actively seek new customers and market our services, especially through social media, search engines, and other digital channels. Additionally, we may conduct direct marketing and customer communication, particularly via email. These activities require the collection and processing of personal data.
Legal Obligations and Legal Requirements:
We also process personal data to comply with statutory obligations, such as accounting and taxation. Furthermore, we may process personal data for preparing and responding to legal claims, as well as preventing and investigating fraud.
4. Regular Sources of Information
The information stored in the register is obtained from the customer, including messages sent via the chatbot, emails, phone calls, social media services, contracts, customer meetings, and other situations where the customer provides their data.
We collect the following personal data related to customers and potential customers:
- Company name
- Contact person’s name
- Contact person’s email address
For website visitors, we collect the following data:
- Browser type
- Operating system
- Location data
We retain personal data only as long as necessary for the purpose of use or as required by the contract or law. Retention periods vary depending on the purpose of use, legal basis for processing, and the specific situation.
Data of registered users are stored as long as they remain active users of the services. Personal data may be deleted if the person withdraws their consent or requests deletion of their data, and we do not have another legal basis for processing. Data may also be deleted if the contractual relationship ends, or if the data is outdated or incorrect.
Retention periods are also influenced by statutory obligations such as accounting, taxation, and employment contract laws, as well as deadlines for presenting legal claims. Additionally, we strive to regularly update data and delete unnecessary, incorrect, or outdated information.
7. Regular Disclosures of Data and Transfers Outside the EU or EEA
Personal data may be transferred outside the EU or European Economic Area (EEA). In such cases, we ensure that data protection is maintained at an adequate level by complying with legal requirements, such as entering into appropriate agreements regarding the confidentiality and processing of personal data.
8. Principles of Register Protection
The processing of the register follows due diligence, and the data processed through information systems are appropriately protected. When the registered data is stored on internet servers, both the physical and digital security of the equipment is ensured. The data controller ensures that stored data and other sensitive personal information are handled confidentially and only by employees whose job it is to do so.
9. Right of Access and Right to Request Correction of Data
Each person in the register has the right to check the data stored about them and to request correction of any incorrect information or completion of incomplete information. If a person wants to check the data stored about them or request corrections, the request must be sent in writing to the data controller. The data controller may ask the requester to verify their identity. The data controller will respond to the customer within the time set by the EU data protection regulation (usually within a month).
10. Other Rights Related to Personal Data Processing
The person in the register has the right to request deletion of their personal data from the register (“right to be forgotten”). Registered individuals also have other rights under the EU General Data Protection Regulation, such as limiting the processing of their personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may ask the requester to verify their identity. The data controller will respond to the customer within the time set by the EU data protection regulation (usually within a month).
Cookies
Our website uses cookies to provide and improve services, analyze website usage, and create and target content.
When you visit our website, small text files called cookies may be stored on your device to enhance your user experience. Cookies can help the website, for example, remember your selected language or facilitate online transactions, such as submitting notifications related to security breaches.
All cookies we use are technical cookies that enable the operation of our online service and improve the user experience. In some cases, we may also share information collected through cookies with third parties, as described in this cookie policy and privacy statement.
