Star IT Oy, Business ID: 2410042-8, hereafter ”Star IT”
Tel. +358 9 4257 8220
Purpose of data collection
Star IT collects and processes personal data for business need including:
- Customer service
- Communication with persons connected to business
Personal data is not used for profiling nor for automatic decision making.
Stored and processed personal data
Star IT does not under this policy collect, store or process any sensitive personal data that falls under special categories of personal data as described in Article 9 of EU General Data Protection Regulation (hereafter “GDPR”)
Categories of personal data being processed:
- Contact information
- History of relations and communications between data subject and StarIT
- Date of birth
- Other information provided by data subject, such as profession, education or public sources where more personal information is available.
Regular sources of information
Star IT obtains personal information of data subjects mainly from data subjects themselves via web site forms, email, phone, social media, contracts, meetings and other similar means. Personal data may also be received from third parties if those parties are authorized to transfer data subbjects’ personal data to StarIT
Retention of personal data
Star IT may retain personal data for as long as applicable laws permit or require. However, as a guideline, Star IT removes any personal data deemed no longer needed for business purposes unless prohibited by law.
Regular transfer of personal data and transfer of personal data outside EU or EEA.
Securing personal data
Personal data is handled with care and industry best practice measures are implemented to prevent unauthorized access of personal data. Access rights to personal data are granted only for those who need access and are trained to handle it securely.
Rights of data subjects
Data subjects have right to get personal data stored for review and they have right to have incorrect or incomplete data corrected. Data subjects may also request removal of all personal data (“right to be forgotten”) or request limiting processing of personal data. Any request regarding personal data must be done in writing and StarIT may require proof of identity. Star IT responds to personal data requests within timeframe mandated in GDPR, typically 30 days.