Login
Register
Login
Register
Invosy_Logotype-1 FIN

Privacy Policy

1. Data Controller

Invosy Finland Oy

Business ID: 3413106-8

Salomonkatu 17 B
00100 Helsinki
Finland

Email: invosy@asiakaspalvelu.com

2. Person Responsible for Data Protection Matters

Weckström Jörgen Nils-Erik

Email: invosy@asiakaspalvelu.com

3. Name of the Register

Invosy Customer and User Register

4. Data Subjects

– Business owners and employees using the Invosy software

– Visitors of the website

– Recipients of newsletters and marketing communications

– Partners and service providers

5. Purpose of Processing Personal Data

Personal data is used for:

– Providing software services and managing user accounts

– Customer service and communication

– Billing and contract management

– Marketing communication and newsletters (with consent)

– Website analytics and service development

Processing is based on:

– Contracts and customer relationships

– Legal obligations (e.g., Accounting Act)

– Consent of the data subject (e.g., marketing)

6. Contents of the Register

The register may contain the following information:

– Contact details: name, email address, phone number, company, title

– Login information (email and password hash)

– Billing information: invoices, payments and contracts

– Interaction data: support requests, customer communication and usage logs

– Analytics data: IP address, browser, device and website behavior

Data subjects may request correction or deletion of their personal data unless legislation requires otherwise.

7. Regular Disclosure of Data

Data may be disclosed to:

– Authorities (e.g., Finnish Tax Administration)

– IT and hosting service providers

– Payment and accounting service providers

– Email and analytics platforms (e.g., newsletter and analytics tools)

Personal data is not sold or disclosed to third parties for marketing purposes without the consent of the data subject.

8. Transfer of Data Outside the EU/EEA

Data is primarily stored within the EU/EEA.

If data is transferred outside the EU/EEA, appropriate safeguards approved by the EU, such as Standard Contractual Clauses, are used.

9. Principles of Register Protection

Data security is ensured through:

– Firewalls and encryption

– Secure authentication

– Access control (only authorized employees have access to data)

– Regular system updates and security audits

10. Data Retention and Deletion

– Accounting data: 6 years (Accounting Act)

– Customer data: 2 years after the end of the customer relationship

– Analytics data: according to cookie and tool-specific retention periods

Data is deleted or anonymized when it is no longer needed for the purpose for which it was collected.

11. Rights of the Data Subject

The data subject has the right to:

– Know whether their personal data is being processed

– Access and correct their personal data

– Request deletion of their data if there is no legal basis for processing

– Request deletion of their data if there is no legal basis for processing

– Withdraw consent (e.g., marketing communications)

– File a complaint with the data protection authority

Requests will be processed within 30 days.