Privacy Policy for Clients

1. DATA CONTROLLER

HealthFOX Oy (HealthFOX Oy also operates under the parallel business name HealthFOX Ltd) Business ID: 2634025-7. Hämeenkyläntie 124, 24130 Salo, Finland. info@healthfox.fi, www.healthfox.fi

2. CONTACT PERSON FOR THE DATA FILE

Jarmo Lähteenmäki, Hämeenkyläntie 124, 24130 Salo, Finland. Mobile +358 400 759 870. E-mail: jarmo.lahteenmaki@healthfox.fi

3. NAME OF REGISTRY

HealthFOX Oy client registry

4. PURPOSE AND LEGAL GROUNDS FOR PROCESSING PERSONAL DATA

Personal data recorded in the registry is processed for the purpose of client relationship, client’s consent, client’s commission or other factual connection between the client and HealthFOX Oy or another service provider operating within its premises.

Personal data can be processed for the following purposes: quality assurance, auditing, process development; management, implementation, development and monitoring of client relationship, client service and the relevant communication and marketing.

Analysis, grouping and reporting of client relationship, and other purposes related to improving the overall client experience and HealthFOX Oy’s business operations.

Targeting of communications, marketing and services and management of campaign, contact and transaction history.

Collection and processing of client feedback and satisfaction reports. Conducting market research and opinion surveys.

5. DATA CONTENT OF THE REGISTRY

6. REGULAR INFORMATION SOURCES FOR PERSONAL DATA

Data subject and the legal guardian of an under-aged client

7. REGULAR DISCLOSURE OF PERSONAL DATA

Data subject unless there is a legal impediment.

Based on specific legal provisions, data may be disclosed to public authorities, research facilities and insurance institutions.

8. DISCLOSURE AND TRANSFER OF DATA OUTSIDE THE EU OR ETA AREA

Data recorded in the registry will not be disclosed to any parties outside Finland without a separate agreement.

9. DATA SECURITY

Paper archives are kept in locked filing cabinets under surveillance.

Personal data is stored in the HealthFOX Oy centralized client registry on the basis of written consent of the client.

Data stored in IT systems can only be viewed/accessed by logging in to the client relationship management system. User credentials are private. The top management of the data controller decides on the organisational solutions and grants the users access rights based on the requirements of their duties.

The use of personal data is monitored with access logs.

10. INSPECTION RIGHTS

Client has the right to inspect their personal data once per year free of charge. A written request for inspection must be delivered to the data controller. The right to inspection may only be denied in exceptional cases where providing access to the data could pose serious danger to the client’s health or treatment or another person’s rights. The data will be disclosed to the client in written format. The client’s identity will be verified from a photo ID before disclosing personal data.

11. RIGHT TO DEMAND RECTIFICATION

Client has the right to demand immediate rectification of inaccurate personal data in the registry. The demand must be presented in written format and delivered to the data controller.