- Regular sources of data
- Cloudia as a controller
- Data protection and the storage of data
- Cloudia as a processor of personal data
- Subcontractors and the disclosure of personal data
- Controller of the customer register and contact requests
Cloudia operates according to the strictest information security and data protection standards. We know our customers’ quality requirements, which is why we also take our own operations, the quality assurance of our own services and privacy protection seriously. We have been granted with the information security management system certification (ISO 27001), quality management system certification (ISO 9001) and environmental management system certification (ISO 14001). In addition, Cloudia’s services have been granted the Government Information Security Management Board’s VAHTI2-level information security.
From the beginning of our operations, we have paid attention to the reliable and safe processing of our customers’ personal data. Our clients include Parliament of Finland, Bank of Finland, The Finnish Defence Forces and various ministries, so our information security must be on the highest level possible.
The systems we use are fully reliable, and in all our operations, we also comply with the legislation, regulations and stipulations of all our market regions. Our operations and services comply with the requirements of the EU General Data Protection Regulation (GDPR). Read more here
Privacy-related decisions at Cloudia are made on the management level together with the data protection officer and a lawyer.
The personal data that Cloudia Ltd collects from customers or potential customers may include the following: name, mailing address, email address, telephone number, date of birth, fax number, nationality, contact language, task and position in the company, data related to customership and contractual relationship such as order and purchase data in different channels or ordered services, data necessary for invoicing and collection, profiling data provided by the customer as well as other data that is necessary to maintain the service.
Regular sources of data
Cloudia processes personal data of job-seekers, customers, software users, contact persons and potential new customers who contact us or leave us their contact details through Cloudia’s websites and portals or other channels.
Customers provide the collected data as they register. Cloudia Ltd can also collect data from public official registers (for example, the Finnish Patent and Registration Office’s Business Information System YTJ) and other publicly available data sources.
Cloudia as a controller
Name of the register: Cloudia Ltd’s customer register
Cloudia is the controller when it defines the purpose of use of your personal data and the used methods. Cloudia is the controller also when it collects personal data of you as a job-seeker, customer or representant of a potential customer or a software user.
The purpose of processing personal data
Information on users registered as Cloudia Ltd’s customers or potential future customers is stored in Cloudia Ltd’s customer register. The information is also used to take care of and maintain the customer relationship, for marketing purposes and to develop Cloudia Ltd’s business operations and the customer relationship.
The grounds for processing personal data is an agreement between the parties and legitimate interest based on managing the customer relationship between the parties.
Cloudia Ltd may also use your personal data in other ways if the customer gives separate consent to this. Cloudia Ltd can combine the provided information with information collected by Cloudia from other sources.
Your right to withdraw consent to marketing communication
You have the right to withdraw your consent and stop receiving marketing communication from Cloudia. You can do this in the following ways:
- In a marketing email you have received, click the link “unsubscribe”
- Contact us by email at: email@example.com
Please note that as a user of Cloudia’s services, if you withdraw your consent to receive marketing communications, you may still receive administrative communication from Cloudia, such as order confirmations, information on product updates etc. and notifications related to the administration of your account or services offered to customers.
Right of access
Other rights related to the processing of personal data
The customer has the right to request to have their personal data erased from the register as well as to have it transferred to another company. The customer has the right to restrict the processing of personal data and to object the processing of personal data.
Cloudia Ltd emphasizes that providing information and allowing its processing may be a prerequisite of the introduction or use of the service. Cloudia Ltd has the right to interrupt offering the services or prevent access to the services if the customer does not provide information that is relevant to the service or demands that it is erased.
We kindly ask you to send any requests related to the above-mentioned actions to firstname.lastname@example.org.
The customer has the right to lodge a complaint with a supervisory authority if they consider that the processing of their data infringes the data protection legislation.
Data protection and the storage of data
We at Cloudia ensure the confidentiality and integrity of the personal data we process as well as the availability of the data according to data protection legislation.
- The company has appointed a data protection officer. We also work in close cooperation with a law firm on matters related to data protection.
- Each employee completes a data protection training as they start working for us.
- Access to customers’ personal data is provided only for those employees who have the need to process personal data according to obligations in the legislation or service agreements.
- Personal data is stored in Cloudia Ltd’s server environment appropriately protected and secured.
- Cloudia Ltd’s technical, administrative and physical processes have been designed to protect personal data from personal data breaches.
- Cloudia Ltd protects personal data appropriately in its own systems, but the customer is responsible for ensuring that their own computer system, network connection and other processes are information secure.
- Access to Cloudia’s premises is monitored with access control and video monitoring systems.
For how long do we store your personal data?
Cloudia Ltd stores personal data only for as long as the data can be considered necessary for the purposes of use described in this policy, unless it is legally required or allowed to store the data for longer than this.
Cloudia as a processor of personal data
Cloudia offers various services to its customers. Most of our services include processing of our customers’ data, and later on, this data will be referred to as personal data. Our customers define the purposes of use instead of Cloudia, which makes the customer the controller. In this case, Cloudia is the processor of personal data and processes the data on behalf of the customer and according to the instructions provided by the customer. Operations of the customer acting as the controller and Cloudia acting as the processor are governed by a data processing agreement.
Obligations of the customer and Cloudia
When the customer acts as the controller, they will ensure the legal grounds of the processing of personal data according to applicable data protection laws. The customer also assesses and defines the risks caused to data subjects by the processing of personal data. In addition, as the controller, the customer must comply with the communication obligation related to data subjects.
Cloudia is included as a natural part of the customer’s obligations as the controller, as Cloudia’s services are part of the processing of personal data, and as the controller, the customer must ensure that the processing of personal data corresponds to applicable data protection laws. For this reason, Cloudia must comply with the data protection laws applied to processors of personal data when it processes personal data on behalf of its customers.
In short, the customer and Cloudia commit to cooperation to ensure the privacy of the data subjects. Cloudia presents the customer with the necessary data in accordance with applicable data protection laws.
Subcontractors and the disclosure of personal data
Cloudia Ltd does not disclose data to third parties subject to the terms and conditions of this policy.
Cloudia Ltd has the right to disclose personal data to Cloudia Ltd’s partners taking part in service production in order to provide the service. Cloudia Ltd can also disclose information in anonymous form for research purposes.
Cloudia Ltd is additionally entitled to use or disclose information if this is necessary to comply with a law or regulation or due to another legal request.
Cloudia Ltd does not transfer data outside the EU or EEA.
When using subcontractors, Cloudia signs a Data Processing Agreement (DPA) with them to protect your privacy-related rights and to comply with its obligations in relation to its customers.
Controller of the customer register and contact requests
Business ID: 1088146-2
Länsikatu 15, FI-80110 Joensuu, Finland
Tel: +358 (0)20 766 1077
Data protection officer:
Tel: +358 (0)40 679 2378
Address: Länsikatu 15, FI-80110 Joensuu, Finland
Your requests and complaints are handled confidentially. Our representant will contact you and let you know how we can solve the matter. Our aim is to process complaints promptly and appropriately.
We track the use of our website with cookies. Below, you will find some additional information on cookies. If you do not accept these terms, please, do not use our website.
What are cookies?
In this policy, “cookies” refer to cookies or related techniques referred to in the EU directive on the protection of privacy in the electronic communications sector.
Cookies are small text files that are stored on your computer, smartphone or other terminal device as you visit our website. With the help of cookies, we can identify your computer/IP address and gather data on the sites you visited and the functions you used.
With the help of cookies, we can, among other things, identify your device as you return to the website, remember your preferences and selections, improve your user experience and adapt the ads on our sites and potential other services.
Cookies help us calculate the total number of visitors to our website and track the use of our service and website. This helps us improve our service.
Our website uses Google’s cookies. The data collected by these cookies is transferred and stored on Google’s servers, some of which may be located outside the EU, in which case local data protection legislation will be applied to this data.
How do I remove cookies?