Prepared - April 9th, 2019, last amended - November 25th, 2024.
DATA CONTROLLER
Axel Health
Linnoitustie 3
02600 Espoo, Finland
CONTACT PERSON
Sanna Yrjänä
+358 40 7635 313
security@axelhealth.com
This is Axel Health Oy’s register and privacy policy, pursuant the Personal Data Act (Sections 10 and 24) and the EU’s General Data Protection Regulation (GDPR).
The legal basis for data processing pursuant to the EU’s General Data Protection Regulation is the consent granted by the user in conjunction with the use of the contact or support request service.
The purpose of data processing is communications with customers and the maintenance and monitoring of the functioning of the installed Axel systems as well as marketing and development of our products.
Data stored in the register includes the data subject’s
and, in conjunction with a support request form, the selected
The data is stored as long as is necessary for the processing of the matter. Personal data in the register is maintained by adding, updating, and removing information. The data is added to the register received from the person and the data is updated as the person informs of the changes.
The data stored in the register is collected directly from the customer via online forms (contact and support requests).
As a rule, the data is not disclosed to third parties.
Great care is taken in the processing of the register and the data being processed is protected with appropriate information systems. If the register data is stored on internet servers, the physical and digital data protection for the devices is ensured in an appropriate manner. The data controller ensures that the stored data, access rights to the servers, and other information that is critical in terms of data protection are processed as confidential and only by employees whose duties require them to do so.
Data subjects have the right to inspect the register data pertaining to them and request any erroneous data to be rectified, and any missing information to be completed. Requests for inspecting or rectifying data must be submitted in writing to the data controller. The data controller has the right to request the data subject to verify their identity. The data controller responds to data subjects’ request within the time limit specified in the EU’s General Data Protection Regulation (within a month as a rule).
Data subjects have the right to request the deletion of data pertaining to them (‘the right to be forgotten’). In addition, data subjects have all the rights specified in the EU’s General Data Protection Regulation, such as the right to restrict the processing of data in certain circumstances. Requests must be submitted to the data controller in writing. The data controller has the right to request the data subject to verify their identity. The data controller responds to data subjects’ requests within the time limit specified in the EU’s General Data Protection Regulation (within a month as a rule).