Portus Ltd, a company incorporated in Finland (Business Identity Code 2429982-8) whose registered ad-dress is at Energiakuja 3, FI-00180 Helsinki (including its affiliates ”Portus”), respects the personal data and privacy of all individuals (“Users”). Users use the qardian® service and its offerings (“Service”) on behalf of their organization, i.e. the customer of Portus (“Customer”). In all our business, we comply with the Finnish Data Protection Act (523/1999, as amended) and other mandatory provisions and rulings relating to per-sonal data and privacy.
The purpose of the Service is to allow timeous and accurate communication of security alerts and infor-mation to individuals travelling around the world as well as to their respective organizations.
The Service is highly dependent on the information and personal data uploaded to the Service by the Us-ers/Customers (“Service Data”). The Service Data may in particular include identification and contact de-tails, information about Users (for Customers), information about organization (for Users), emergency con-tacts, health information, user experience, messages of the User/Customer in question, as well as the geo-graphical location data of individual Users. Use of the Service by an individual User requires acceptance of the User Terms of the Service, and, by the Customer, acceptance of the General Terms of the Service.
For the purposes of providing the Service, Portus, and its subcontractors acting under the responsibility of Portus, may store, process or disclose the Service Data on a global basis to third parties, such as security information service providers or authorities. In particular, Service Data may be disclosed third parties in order to use that data in case of an emergency and thereby provide the best possible help to the User in question.
Due to the nature of the Service, Portus cannot and does not monitor the accuracy of Service Data and the processing of Service Data may take place in accordance with the policies followed by the respective third parties. Customary information security regarding the Service is provided by Portus or its subcontractors, but the use of the Service takes place solely at the risk of each individual User/Customer. For this purpose, each User/Customer decides the nature and scope of the Service Data, and assumes full responsibility for the accuracy of the respective Service Data as well as of the fact that he/she has the necessary consents and permissions to upload such Service Data, in accordance with the User Terms and General Terms of the Service.
In addition to the Service Data, Portus stores, collects and processes certain information and personal data of Users/Customers – such as identification and contact details, information about Users (for Customers), information about organization (for Users), User names, passwords and information produced by the User – in connection with and for the purposes of the Service (“User Information”). In respect of the User Infor-mation, we are the data controller for the purposes of the Finnish Data Protection Act (523/1999, as amended) and the respective data file description, as required by the Finnish Data Protection Act, is found below:
DATA FILE DESCRIPTION
This document also constitutes a File Description for the purposes of Sections 10 and 24 of the Finnish Per-sonal Data Act (523/1999; as amended).
1. The Controller
Portus Ltd (Business Identity Code 2429982-8)
FI-00180 Helsinki, Finland
2. Contact Details regarding Privacy
3. Name of the Data File
The user and customer register of the Service (“Data File”)
4. Purpose of Processing Personal Data
User Information is used only to the extent necessary in order to enable the normal operation, customer communication and general maintenance and development of the Service. In addition, the contents of the Data File may be used to marketing and to general communication between Portus and the User/Customer. The marketing functions play minor role in the Service and the User/Customer can prohibit marketing at any time by sending an email to the address mentioned above.
The Service is governed by the User Terms of the Service, which every new User shall accept upon register-ing to the Service, and by the General Terms of the Service, which every new Customer shall accept before being granted an access to the Service.
5. Data Content
For Users, the Data File contains the basic information of each user account, i.e. the name of the user, lan-guage, nationality, platform information, contact information (email, street address, phone number), the password of the account and the user name. Moreover, the necessary information to customer service, such as feedback, communication history and possible direct marketing bans may be stored in the Data File.
For Customers, the Data File contains the basic information of each customer account, i.e. the name of the customer, nationality, platform information, contact information (email, street address, and phone num-ber), the password of the account and the user name, as well as basic information about Users linked to the Customer, i.e. the names of the Users and their contact information. Moreover, the necessary information to customer service, such as feedback, communication history and possible direct marketing bans may be stored in the data file.
The personal data of the Users is stored for a period that is necessary for the maintenance of the Service and the customer relationship. Use of the Service is not possible without certain information, such as user name and password. Portus, however, removes the personal data upon request. All requests of prohibition and deleting the personal data should be sent to the email address mentioned above.
6. Regular Sources of Information
7. Data Disclosure
8. Protection of the Data File
The Data File is protected by technical and physical safeguards. The databases are protected against securi-ty breaches by firewalls, passwords and by other technical means. In addition, the databases and their backups are located in locked facilities. Only certain named employees of Portus, or employees of its sub-contractors who process the data on behalf and for the benefit of Portus, have access to the Data File. The Data File can be accessed only via individual user rights granted specifically for this purpose.
9. Review, Prohibition and Rectification Right
In accordance with the Finnish Personal Data Act, each User/Customer has the right to access his/her data file in order to review the information concerning him/her recorded in the Data File. Moreover, the Us-er/Customer as data subject has the right to prohibit Portus from disclosing or processing his/her personal data, and request for rectification of any erroneous data. In most occasions, the contents of the Data File may be accessed, reviewed and updated by each User/Customer by accessing their account in the Service. However, you may also address requests meant in this chapter by sending an email to the address men-tioned above.
10. Other Rights of the User Regarding the Processing of Personal Data
In addition to the above, the User/Customer has the right to prohibit Portus from processing his/her per-sonal data for purposes of direct advertising, distance selling, other direct marketing, market research and opinion polls. The request for a prohibition should be sent to the email address mentioned above.