Register and privacy policy

in accordance with the EU's General Data Protection Regulation (GDPR), register and
privacy policy.

The report was prepared on 23 May 2018. Updated 18.8.2021.

1. Controller

Risk Control Services Finland Oy, Keilaranta 1, 02150 Espoo.
info@riskcontrolservices.fi

Risk Control Services Finland Oy's auxiliary business names are Conflict Control, RCS Training and Kehokoodi.

2. Name of the register

Risk Control Services Finland Oy customer and marketing register

3. Legal basis and purpose of processing personal data

The purpose of this statement is to inform visitors to the websites of Risk Control Services Finland Oy and its auxiliary business names, as well as users of Risk Control Services Finland Oy's services on the collection, use and storage of personal data.

The legal basis for the processing of personal data in accordance with the EU's General Data Protection Regulation is the management of the customer relationship, the fulfilment of the rights and obligations of the customer and Risk Control Services Finland Oy, and the processing of personal data in accordance with the Personal Data Act for purposes related to online services, risk control services finland oy and/or its
directing the advertising and/or direct marketing of partners on the basis of customer data through the media and services of Risk Control Services Finland Oy without providing personal data to a third party.

Our website may also contain links to other, external sites or resources. This Privacy Policy is not suitable for their use, so we encourage you to read the privacy statements concerning them separately. The link to sites other than those of Risk Control Services Finland Oy or its auxiliary business names does not indicate that Risk Control Services Finland Oy is responsible for or supports the owner of the website in question.

4. Data content of the register

Information stored in the registry may include:
– First and last name
- E-mail address
– Mobile phone number
– Company and position
– Address information

By ordering or using the services of Risk Control Services Finland Oy, you agree that we collect information related to you in accordance with this privacy statement.

Risk Control Services Finland Oy's online coaching and courses service provider is Kajabi LLC. Read more about Kajab's data protection here: https://kajabi.com/policies. Web coaching providers store first name, last name, and e-mail address. Online course purchases take place in an online store where Stripe is the payment intermediary. Read about Stripe's privacy policies here: https://stripe.com/en-fi/privacy.

Account management and newsletters

Anyone has the opportunity to subscribe to risk control services finland oy's and/or its assistance newsletter via the order form samisallinen.fi the website. The name and email address are stored by the newsletter provider Kajabi LLC. You can log off the list at any time. Read more about Kajab's data protection here: https://kajabi.com/policies.

Data retention period

Risk Control Services Finland Oy stores personal data for at least the time required by law or regulations. The retention period for customer data may be longer in order to achieve the normal and legal objectives of the business. For terminated customer relationships, all stored data is reviewed from time to time and unnecessary personal data is deleted.

5. Cookies

Cookies are used on our websites to maintain a user session. Technical cookies do not collect or store the user's personal data. Pages can also be used without cookies, but some features may not be available.

Cookies are used, for example, for measuring and research purposes to determine the use and number of uses of the website. Cookies are also used to target advertising. Cookies can be used to target advertising based on browser behavior, and cookies also allow the system to identify whether a user has seen an advertisement before, so that the same ads are not displayed to the same user all the time.

Advertising targeted by third parties on the basis of cookies

The following entities collect cookie information on our website that is used to target advertising:

• Facebook Inc. Read more about Facebook's privacy policies here: https://www.facebook.com/policy.php
• Google Ads. Learn more about Google's privacy policies here: https://policies.google.com/technologies/ads?hl=en-US

The following entities collect cookie information on our website that is used to develop websites:

• Google Analytics. Learn more about Google's privacy policies here: https://policies.google.com/technologies/ads?hl=en-US

Other data usage, if any

Mandatory data disclosures required by law: At the request of the authorities and the law, it is possible that we are obliged to disclose personal data. The disclosure or processing of data may also be in question if Risk Control Services Finland Oy must defend its rights in civil, corporate or criminal law.

Acquisitions: We may disclose or transfer the data we collect in connection with the sale of the company, the sale of shares, the combination with another company, any other merger or bankruptcy.

6. Regular data sources

The information stored in the customer and marketing register is obtained from the customer information system or through the person's own request.

7. Regular disclosures of data and transfer of data outside the EU or EEA

The controller does not disclose data outside the EU or EEA. The above third parties can transfer data, but they comply with the regulations required by the EU. Learn more about the data protection of those entities for each entity.

8. Principles of registry protection

The register is handled carefully and the data processed in the information systems is properly protected. The security of servers that store registry data is properly ensured.

Stored data, server access rights and other information critical to the security of personal data are treated confidentially. They are only dealt with by the employees whose job description it belongs to.

9. Rights of the data subject

Each person in the register has the right to check their data stored in the register and to demand that any incorrect information be corrected or that incomplete information be completed. If a person wishes to check or request rectification of the data stored about him or her, the request must be sent in writing to the controller.

The person in the register has the right to request the deletion of personal data concerning him or her from the register (the "right to be forgotten"). He also has other rights under the EU's General Data Protection Regulation, such as restricting the processing of personal data in certain situations.

If necessary, the controller may ask the applicant to prove his or her identity. The controller will reply to the customer within the time limit set in the EU's General Data Protection Regulation, as a rule within one month.

10. Amendment of the report

We are constantly developing our services. Risk Control Services Finland Oy reserves the right to amend and/or update this Privacy Policy. We will inform you of any changes in this document, so please check for updates from time to time. Changes always take effect immediately after publication on this page.