Privacy Policy

Crosskey adheres guidelines based on the EU’s General Data Protection Regulation (GDPR).Privacy of the personal, user and customer data on Crosskey premises, systems and services is one of the key aspects to secure data assets processed in Crosskey organization. Crosskey does not use any personal data in any other way than securing the promised service level for customers or fulfilling lawful or legitimate interests. Personal data is not stored longer than required and is not used in marketing.

As a rule,personal data is not handled or transferred outside the European Union or the European Economic Area. If handling or transferring personal data outside the European Union or the European Economic Area is required, it is done addressing applicable legal obligations.

Data Privacy Impact Assessments (DPIA) are conducted annually or when deemed necessary to ensure that all the regulations are taken into account in Crosskey services, systems and products. Crosskey can be contacted using contact details and providing subject for inquiry. For further information see section “Data subject rights” below

‍

Purpose of processing personal data

Crosskey collects information provided by you in the responses, and your name and e-mail address when response is not anonymous. The information is used based on data subject’s consent and Crosskey’s legitimate interests to communicate and to improve our service.

Collected personal data will be used for the purposes specified in this privacy policy. Crosskey will not use your personal data for any additional purpose, such as to profile those who respond, unless Crosskey has informed you about such purpose and,when applicable, has your permission to do so. Furthermore, Crosskey will only keep your personal data as long as necessary in order to achieve the purpose it was collected for or as required in order to comply with any mandatory retention periods under applicable law.

‍

Information sources

Crosskey collects, stores and uses the following categories of personal data that you give us directly or indirectly when responding to an invitation:

• Information about your name and email, if response is not anonymous
• Personal data provided in response form

‍

Information disclosure

Crosskey discloses information collected about you in connection with your response:

• To our service provider Microsoft; https://privacy.microsoft.com/en-gb/privacystatement
  • In order to administer the service for surveys (Microsoft Forms)

Due to the technical solution used to handle the data, some data may be physically located on the servers of external data processors and managed using a technical connection. As a rule personal data is not handled or transferred outside the European Union or the European Economic Area. If handling or transferring personal data outside the European Union or the European Economic Area is required, it is done addressing applicable legal obligations.Except as provided in this privacy policy, we will not provide your information to third parties.

‍

Security of your personal data

Crosskey will take adequate security measures to prevent any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to your personal information. Personal information provided is stored to secure servers that are protected by technical systems.

‍

‍

Data subject rights

Any person whose details are kept on record has the right pursuant to GDPR to verify the information on file and withdraw given consent at any time. A person whose details are kept on record has the right to restrict processing, require correction, amendment or removal of any personally identifiable information in the register which, taking into account the purpose for which the information is processed, is inaccurate, unnecessary, incomplete or out of date. A personal so has a right to receive a copy of such information that was provided to Crosskey directly by the person (data portability). Should a specific request be denied, the person will be provided with a written statement regarding the matter.

On your right of access or portability request, please mention that the request concerns the registry data in Crosskey website. Requests can be submitted in writing by signed mail, e-mail or contact sheet on home page to the following addresses:


Crosskey Banking Solutions Ab Ltd
EU ID FI 19066720
Data Privacy Officer

privacy@crosskey.fi

https://www.crosskey.fi/contact/
+358 (0) 204 29 022

Elverksgatan 10
22100 Mariehamn
FINLAND

Data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or of an alleged infringement of the GDPR.