Privacy Statement

This document describes how Plan Brother collects and processes your personal data if you are:

  • our active customer; or
  • potential customer (prospect); or
  • you use our web-based services (user)

 

 

1. Administrator and contact details

Plan Brothers Ltd. (Business ID 1942073-4 Finnish Trade Register)

Annankatu 27 A, 00100 Helsinki, FINLAND

Tel: +358 20 131 0611

e-mail: arttu.vesterinen@planbrothers.io

2. Purpose of processing

Active Customers

  • maintenance and development of customer relations
  • marketing of Plan Brothers’ services
  • development of the Plan Brothers’ business and customer service related to this
  • taking into consideration customers’ wishes, developing customer service and targeting offered services
  • invoicing you, processing your payments and managing the billing

Prospects

  • marketing of Plan Brothers’ services

Users

  • providing, maintaining and improving our products and services
  • controlling unauthorized use or abuse of the Services and our other products and services, or otherwise detecting, investigating or preventing activities that may violate our policies or be illegal
  • analyzing trends, administering or optimizing the Services, monitoring usage or traffic patterns (including to track users’ movements around the Services) and gathering demographic information about our user base as a whole
  • tracking the performance of the services and investigating the issues and problems

3. Information content

Active customers

  • basic customer information, such as:
    • first and last name
    • contact information (such as email, address, phone number)
    • password (stored encrypted)
    • user permissions
    • user preferences (such as language)
  • Payment information such as your credit card information, billing and mailing address, and other payment-related information
  • Technical, Usage and Location Information such as IP address from which you access the Services, date and time, information about your browser, operating system and computer or device, pages viewed and items clicked
  • the customer’s consent regarding email, SMS and other automated systems used in direct marketing

Prospects

  • basic customer information, such as:
    • first and last name
    • contact information (such as email, address, phone number)
  • Information when you interact with our advertisements and other content on third-party sites

Users

  • basic customer information, such as:
    • first and last name
    • Username
    • contact information (such as email, address, phone number)
    • password (stored encrypted)
    • user permissions
    • user preferences (such as language)
  • Technical, Usage and Location Information such as IP address from which you access the Services, date and time, information about your browser, operating system and computer or device, pages viewed and items clicked

4. Source of personal data

Customers

Information regarding the customer is received with their consent from the customer themselves.

Prospects

Personal data can be collected, stored, and updated from public sources.

Users

We may automatically collect information from our users that in certain circumstances may constitute personal data. For more information on automatically collected data, please see our Cookie Policy.

5. Lawfulness of processing

Active customers

  • Consent and performance of contract
  • Legitimate interest of Plan Brothers

Prospects

  • Legitimate interest of Plan Brothers
    • Contacting for marketing purposes

Users

  • Consent and performance of contract
  • Legitimate interest of Plan Brothers
    • IT Security

6. Categories and recipients

Data is available to employees of Plan Brothers who need to access the data while performing their duties in accordance with this privacy policy.

Information will not be disclosed outside the company. However, we use certain technical sub-processors of personal data that are listed in www.planbrothers.io/subprocessors. We have ensured that all of our service providers comply with the privacy and data protections laws and regulations.

7. Transfer of data to third countires

Plan Brothers uses certain technical sub-processors of personal data, some of which are located outside the EU. Our sub-processors  are listed at www.planbrothers.io/subprocessors. Such transfers are based on Article 45 of the Data Protection Regulation (Privacy Shield Framework) and all sub-processors are located within the US and are part of the privacy shield framework.

Please visit https://www.privacyshield.gov/ for more information on the  Privacy Shield framework.

8. Period for which the data will be stored

Active customers

  • Personal data is processed as long as the Service agreement between the parties is valid. Upon expiration or termination of the agreement, personal data will be passively stored for 180 days as stipulated in section 6.3 of the terms of service, after which Plan Brothers has the responsibility to permanently delete all personal data.
  • If you are no longer our customer and you have prohibited us from contacting you, we store that information in our Marketing Register.

Prospects

  • We remove any unnecessary personal data from our Customer and Marketing Register every six (6) months.
  • From our email-marketing list, you are able to opt-out via the opt-out link found in the email.

Users

  • As long as the user is registered in the service.
  • Some logs that contain personally identifiable information such as server access logs are retained for two years to allow delayed forensic analysis.

9. Rights of the data subject

The data subject rights of Customer:

  • request access from Plan Brothers to data subject’s personal data;
  • request rectification of data subject’s personal data;
  • where processing is based on consent, withdraw the consent for the processing of the personal data;
  • request erasure of personal data, unless we have legitimate interest or other basis to store your data;
  • require Plan Brothers to restrict the processing of data in the cases referred to in Article 18 of the Data Protection Regulation;
  • object to the processing of data subject’s personal data
  • lodge a complaint with the supervisory authority stated at section 9.

Disclosure to the person requesting it always requires that the identity of the requester can be reliably verified.

10. Supervisory authority

Tietosuojavaltuutetun toimisto

Address: Ratapihantie 9, 6. krs, 00520 Helsinki

Postal address: PL 800, 00521 Helsinki

Switchboard: 029 56 66700

Fax: 029 56 66735

e-mail: tietosuoja(at)om.fi

11. Cookies

We use cookies and similar technologies to collect information. For more information, please see Our Cookie Policy.