Register and Privacy Statement
This is the register and data protection statement of Kalenterppi Oy in accordance with the EU General Data Protection Regulation (GDPR). Established on 19.5.2024.
We are committed to complying with the GDPR and other data protection policies on our website and services.
We may update the policy to reflect our practices or changed laws or regulations. When there are significant changes to the policy, we will communicate those changes via social media and on our news page.
1. Registrar
Kalenterppi Oy, Klaavuntie 16 d 34, 00910 Helsinki
email tuki@tanssi.io
2. Person responsible for the register
Mikko Ahonen, mikko@kalenterppi.com
3. Names of registers
The user register of the Tanssi.net web service and the marketing register of Kalenterppi Oy.
4. Legal basis and purpose of the processing of personal data
The legal basis for the processing of personal data under the EU General Data Protection Regulation is the customer relationship with the service.
The purpose of processing personal data is to contact customers, marketing and developing the service.
Kalenterppi Oy does not use the data for automated decision-making or profiling.
We use third party services that may collect other information to provide services to our customers and show relevant information. See section 5 for more information.
5. Collected data
The data stored in the user register of the online service are:
-
the name of the person or company
-
contact details (telephone number, e-mail address, address)
-
links to external services (website addresses, Facebook, etc.)
-
data used for error tracing and data required by the authorities (IP address of the network connection, information on logins and activities, in case of errors also additional information such as the browser and version used)
-
information on subscribed services and changes to them
-
billing information
-
other information related to the customer relationship and the services ordered
In addition to the above, the data to be stored in the marketing register include:
-
the company/organisation of the person
-
the position of the person
At Tanssi.net, we use cookies for non-registered users to implement some features, such as map-based views and language choices. Location information is also sent to the server to perform search functions. Location information is not stored. The service can also be used without these features.
The IP addresses of visitors to the website and the cookies necessary for the functioning of the service are processed on the basis of legitimate interests, for example to ensure data security, performance and investigating error situations. We also collect statistical information about visitors to the site that may include data considered to be personal data, such as IP addresses. Third party cookies are subject to separate consent where necessary.
For registered users, a cookie is stored to allow log-ins. In addition, in some situations, such as to speed up searches, some search parameters or search result data may be stored in the customer's browser.
Our website uses Plausible, a privacy-preserving analytics tool. It collects analytics data anonymously. The purpose is to monitor trends in web usage (number of visitors, page load time, etc.). We do not track the actions of individual users through analytics. For analytics purposes, Plausible collects information such as the website from which the service was accessed, pages visited, device information (type of device, operating system, country, browser). You can view the information collected by Plausible here.
We use the Sentry to track errors. In the event of an error, information is stored on the server to help resolve the error. The information includes the email address of the logged-in user, the IP address, the action taken and information about the browser. You can read more about Sentry's security policy here. here.
We send emails using Mailgun. For this purpose, we need to transmit the email content and receiver email address to. In certain circumstances (for example, cancellation of a newsletter), Mailgun may also store information about newsletter consents. You can read the Mailgun security policy here.
The site displays advertisements from third parties such as Google and Adtraction. The third parties may store cookies in your browser to personalise the ads and to track the viewing and effectiveness of the ads. The storage of this information is based on your consent and you can change your consent in the advertising settings. here.
For billing the paid service (adding calendar events, background information etc.), Verkkolaskut.net is used. We store billing-related information for the purpose of creating and sending invoices.
We use Stripe to pay for the end-user service. Stripe stores personal information about users, such as addresses, payment card details, etc., to prevent and track abuse and to allocate taxes. Tanssi.net does not collect or store credit card information. You can read Stripe's privacy policy here.
The service includes map links to Google Maps. Your location data may be transmitted to the service if you have given your consent. You can read the Google Maps policy here.
We display Mapbox maps on the service. Your address or location information may be transmitted to Mapbox if you use these features, such as Route planner. You can read the Mapbox policies here.
To prevent misuse, we use hCaptcha. You can read about the data used by hCaptcha here.
6. Regular data sources
The data stored in the register is obtained from the customer through, for example, messages sent via web forms, e-mail, telephone, social media services, payments made, contracts, customer meetings and other situations where the customer discloses his/her data.
Information about contacts of companies and other organisations may also be collected from public sources such as websites, directory services and other companies.
7. Regular disclosures and transfers of data outside the EU or EEA
There is no regular disclosure of data to other parties. Data may be published to the extent agreed with the customer.
Data may also be transferred by the controller outside the EU or EEA and to the United States of America if this is technically necessary for the implementation of the website. Our main server environment is fly.io, which uses servers located in several countries. We use an environment located in Sweden, but in certain circumstances data may also be stored outside the EU. We also use external technical and business services, such as (CDNs, payment services, email sender, map services) to provide our service. Some of these services may store data in the USA.
The personal data collected by Kalenterppi Oy is not disclosed to third parties. The advertising networks we use (Google AdSense, Adtraction) and other services that may, in addition to the above, collect information that is used, for example, to personalize ads, monitor payments, implement map services or track errors.
8. Principles for the protection of the register
The register is processed with due care and the data processed by the computer systems are adequately protected. Where the data are stored on the Internet servers, the physical and digital security of their hardware shall be adequately ensured. The controller shall ensure that stored data, as well as access rights to servers and other information critical to the security of personal data, are treated confidentially and only by employees whose job description includes this. No confidential data, such as personal identification numbers or credit card numbers, shall be stored in the system.
9. Rights of access and rectification
Any person in the register has the right to check the information recorded in the register and to request the correction of any inaccurate or incomplete information. If a person wishes to check or request the correction of data stored about him or her, the request must be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity.
10. Other rights relating to the processing of personal data
A data subject has the right to request the erasure of personal data concerning him or her from the register ("right to be forgotten"). Data subjects also have other rights under the EU General Data Protection Regulation, such as the restriction of the processing of personal data in certain circumstances. Requests should be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity. The controller will respond to the customer within the time limits set by the EU GDPR (as a general rule, within one month).
11. Storage of data
We will retain information relating to your account for as long as your account is active in order to provide the service or otherwise fulfil our obligations.
We may also retain information in other ways as set out in this policy, to comply with our legal obligations, to resolve disputes, to enforce contracts and to enforce the legal rights of Kalenterppi Oy.
You may request deletion of your account at any time. Your personal data will be deleted when you delete your account. Information made public, such as calendar events, will be retained.
Last updated: 19.5.2024