CoReorient Oy is a Finnish company developing and providing fair circular and sharing economy services that aim at making the society more sustainable and efficient. Our services are www.coreorient.com, www.liiteri.net, www.piggybaggy.com, www.talkootori.fi, www.töitäsuomesta.fi, www.bettercommons.com and www.townhall24.com.
Registrar, VAT ID and Contact information:
Vanha Talvitie 10 G
Contact in issues related to your personal data:
Why are we processing your data?
We collect and process your personal data in order to develop and provide services, monitor the use of online and physical services, respond to contact requests, newsletter orders and event registrations.
The purpose of the processing can also be research and development work by CoReorient and its partners, business or other planning and development and marketing, including direct marketing, surveys and market research, and tailored customer service.
The processing of personal data is based on customership, contract, the explicit permission of the registered individual, or other legitimate reason such as the legitimate right to collect information on potential customers. We will process your personal data in compliance with data protection regulations and good data management and processing principles.
What are your data used for?
We use your personal data to offer products and services, answer your requests and questions, execute contracts, process orders and fulfill other similar functions. Your data is also used to perform obligations that are based on regulations and official orders and guidelines, such as user identification, risk management, data protection and the prevention and investigation of abuses.
We use your data also for customer communications. For example, we can send you notifications or change notices regarding our products and services. We can use your personal data for the marketing and market research of products and services on your permission or when it is otherwise allowed. We can also use your personal data to target our products and services for you, for example by recommending or showing targeted content in our service. We can combine data collected in the context of one of our products and/or services with data collected in the context of our other products and services and/or data collected by our potential partners.
What data do we collect?
The data we process can be divided into data provided by the user, data observed through the use of our services, and data derived through analytics.
User provided data
User provided or individually identifiable data in online services
- Contact information, such as name, address, phone number, email address
- registration data required by the digital account, such as user identifier, handle, password and potential other personal identifier
- customership data, such as billing and payment information, product and order information, customer feedback and contacts, draw and competition response information, and cancellation information
- user provided profile and preference information
- permissions and approvals
- survey and research responses
- other data collected with user permission
Data collected with a contact request on one of our websites can be, for example, name, the organization you represent and contact information, such as a phone number or an email address.
Data collected in the context of ordering a newsletter can be, for example, email address, name and place of residence.For marketing purposes we can monitor the opening of newsletters and links that they contain, online behavior and IP addresses collected on our websites.
Data collected in the context of event registrations can be, for example, name and contact information, such as phone number or email address. We need this data to contact you, for example, regarding event arrangements.
Data observed through the use of our services
Our services can store identification, authorization, address, update, credit, video surveillance, email marketing, salary, payment and other similar information. We can have subcontractors that provide services and process information. There is a written contract with each of the subcontractors that specifies the processed personal data and its target, purpose and duration. The subcontractors are committed to compliance with the current data protection regulations.
Data derived through analytics
We can utilize machine learning or artificial intelligence to analyze and deduce information from the use of our services and other data provided by you and produce data to develop and provide services, and for research purposes. The processing of data complies with data protection regulations and good data management and processing principles.
How do we process and protect your personal data?
All personal data are protected against unauthorized access and accidental or illegal destruction, modification, delivery or transfer of data or other unauthorized processing. All access to personal data is monitored according to good practices. The servers containing the data are protected against data breaches and denial of service attacks. The data are not transferred outside the European Union or the European Economic Area.
Cookies and other technical monitoring
We use Google remarketing cookies to show targeted banner advertisements to website visitors when they are browsing other websites. With remarketing cookies we can manage settings so that the visitor is not shown too many of our advertisements.
We have embedded YouTube videos on certain pages on our website. YouTube (owned by Google) stores cookies when the visitor clicks the YouTube button in the video player.
You have always the option to deny, manage and remove cookies through the settings of your browser or mobile device.
Data protection and principles on registry protection
We use appropriate technical and organizational data protection methods to protect personal data against unauthorized access, delivery, destruction or other unauthorized processing. The access to the registry is only with specific persons who require the data in their tasks. The data is collected in databases that require a user identifier and a password and, and are protected with a firewall. We use TLS protected HTTPS connection in the transfer of data so that all personal data is protected when in electronic form. If data is stored in a printed form, they are stored in a space protected from outsiders, and are destroyed in data protection compliant manner when the purpose of their use has ended.
The data received through the traffic monitoring by Google Analytics of our website is stored and processed in the Google Analytics service. Login in the Google Analytics account associated with our website requires login credentials that are only in the possession of specific individuals. The data transfer is protected with a TLS protected HTTPS connection.
You can influence the collection and processing of your data in several ways:
- You can check your stored personal data. We will correct, remove or complement on your request data that is erroneous, unnecessary, deficient or obsolete considering the purpose of the processing.
- You can transfer the personal data you have provided yourself and the data processed based on an approval or contract to yourself or another registrar.
- You can deny the delivery and processing of your data for direct marketing purposes by pressing the link at the end of a newsletter (”peruuta tilaus” tai ”unsubscribe”).
- You can oppose the processing with a reason related to your personal situation that is based on a legitimate interest. If your personal data are invalid, you can restrict the processing until we have confirmed their validity.
- You can cancel your approval if the data processing is based on approval. The cancellation of approval does not affect data processing that is required to comply with the law.
To whom do we deliver your data?
We can deliver your data to third parties e.g. in the following cases:
- We can deliver your data in a manner that is based on claims required by authorized public authorities or other entities and is in accordance with the current regulations. We can for example deliver your payment and account data to the tax authority.
- We can deliver your data to partners that support the purposes or functionality of our services.
- We can deliver your data to scientific or historical research.
- We can deliver your data to third parties if it is necessary to execute a contract, investigate potential violations or prepare, present or defend a legal claim.
- We can deliver your data to direct marketing purposes or surveys or market research unless you have declined it. We can deliver your data to other third parties if you have given your approval.
We can use subcontractors and partners in the data processing. We have written contracts with the subcontractors and partners where the target, purpose and duration of the personal data processing as well as the personal data are specified. The subcontractors and partners are following good data processing principles and comply with the requirements of the European Union General Data Protection Regulation.
How long do we store your data?
We store your data as long as necessary to perform the purposes described above, within the current law. Upon termination of the customer relationship the storage duration depends on the data and its purpose of use. We aim at keeping the data in our possession correct and valid by removing unnecessary data and updating obsolete data.
Data stored for marketing purposes is typically stored as long as an approval has not been cancelled. We can store the information on the cancellation of approval and contacts in order to confirm the compliance with the cancellation.
We may be obligated to store some data in order to comply with accounting or other regulations also after the termination of customership or other reason for data processing. After the termination of customership we store data required for preparing research, statistics or studies.
Contact information for the relevant public authority:
Office of the data ombudsman
Address: Ratapihantie 9, 6. krs. 00520 Helsinki
Postal code: PL 800 00521 Helsinki
Telephone: 029 56 66700