1. Data controller
Third Rock Finland Oy (2758301-5)
Eteläinen Makasiinikatu 4
00130 Helsinki
2. Person responsible for the register data
Leo Stranius
3. Name of the register
Third Rock’s marketing register
4. Grounds for and purposes of processing personal data
The processing of personal data is based on Third Rock’s legitimate interest. The purpose of processing personal data is to communicate about Third Rock’s activities. The register will be sampled for Third Rock’s email and telephone marketing activities.
5. Data content of the register
– Name
– E-mail address
– Telephone number
– Organisation and position
– Address details of the organisation
6. Regular data sources
Personal data may be collected and updated from publicly available public sources. It may also be obtained from the data subject themselves, for example, when subscribing to Third Rock’s newsletter or registering for events.
7. Principles for the protection and onward transfer of register data
Access to the data is restricted to those persons employed by Third Rock and its subcontractors whose job duties require them to process the data. Data is protected in an appropriate way: computers and systems are protected by technological solutions. Data is not passed on to third parties.
8. Transfer of data outside the European Union or the European Economic Area
We use the MailChimp service to send our newsletters and data within MailChimp may be transferred outside the EU or EEA. For more information on MailChimp’s privacy policy, see mailchimp.com/legal.
Personal data is protected by MailChimp as required by the Personal Data Act and the GDPR.
You can edit your data at any time via the link at the end of the newsletter you receive by email or unsubscribe from the newsletter via the link at the end of the newsletter.
Personal data will not be transferred outside the EU and the European Economic Area (except for the MailChimp service mentioned above).
9. Rights of the data subject
The data subject has the right, in accordance with the applicable data protection legislation, at any time:
– to be informed of the processing of their personal data;
– the right to know what data relating to him/her are recorded in the register;
– to obtain the rectification of inaccurate or incorrect personal data and the completion of the data;
– request the erasure of their personal data.
The data subject must submit a request to exercise the above rights by e-mail or in writing to the company’s head office. The controller may refuse to execute the request on the grounds provided for by the applicable law.
10. Data retention period
The personal data contained in the register will be kept for as long as necessary to fulfil the purpose for which they were collected in accordance with this Privacy Policy.
11. Deletion of data
Data in the register may be deleted at the request of the individual. The request may be made to the e-mail address below or in writing to the company’s head office. If you wish to be removed from our marketing register, please send your request to: [email protected]
12. Changes to this policy
Third Rock may make changes to this Privacy Policy and related information. Third Rock recommends that data subjects review this Privacy Policy periodically to be aware of any changes that may be made to it.
This Privacy Policy was last updated on September 1, 2021.