Othalafehu

A blog about the formation of the law, the Scandinavian legal system

Privacy Policy

This application collects certain personal data from its users.

Types of data collected
Among the types of Personal Data that this Application collects on its own behalf or through third parties are the following: Cookie, Usage Data, phone number, first name, last name, company name, address, state, email address, city and website.

Full details of each type of Personal Data collected can be found in the relevant sections of this privacy policy or in the specific explanatory texts displayed prior to Data collection.

Personal Data may be freely provided by the User or, in the case of usage data, automatically collected when using this Application.

Unless otherwise indicated, all Data requested by this Application are mandatory and failure to provide them may make it impossible to provide the services of this Application. In the cases where this Application specifically states that some Data are not mandatory, Users may not provide this Data without affecting the availability or functioning of the Service.

Users who are not sure which Personal Data are mandatory can contact the Owner.
The possible use of Cookies – or other tracking tools – by this Application or by the owners of third party services used by this Application is for the purpose of providing the Service requested by the User, in addition to any other purpose described in this document and in the Cookie Policy, if any.

Users are responsible for any Third Party Personal Data received, published or provided through this Application and confirm that they have the consent of the third party to provide such Data to the Owner.

Method and place of data processing
PROCESSING METHODS
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, alteration or destruction of the Data.
The processing of the Data will take place by means of computer and/or telematic tools in compliance with procedures and organizational regimes strictly adequate to the purposes indicated. In addition to the Data Controller, in some cases, some managers involved in the operation of this Application (administration, commercial, marketing, legal office, system administration) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) appointed, if necessary, by the Data Controller as Data Processors may have access to the Data. An updated list of these parties can be requested from the Owner at any time.

LEGAL BASIS FOR PROCESSING
The Owner may process Personal Data relating to Users if one of the following conditions applies:

  • Users have given their consent for one or more specific purposes. Note: Under some legislation, the Controller may be permitted to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any of the following legal bases. This does not apply, however, when the processing of Personal Data is subject to European data protection legislation;
  • the provision of the Data is necessary for the performance of the agreement with the User and/or any pre-contractual obligations arising therefrom;
  • the processing is necessary for the performance of a legal obligation to which the Data Controller is subject;
  • the processing is connected to a task that is carried out in the public interest or in the exercise of official powers conferred on the Controller;
  • the processing is necessary for the purposes of a legitimate interest pursued by the Controller or a third party.

In any case, the Controller will be happy to help explain the specific legal basis that applies to the processing and, in particular, whether the provision of personal data is a legal or contractual requirement, or a requirement necessary for the conclusion of a contract.

LOCATION

The processing of the Data will take place at the Controller’s operating sites and at any other location where the parties involved in the processing are located.

Depending on the location of the User, the transfer of the Data may involve the transfer of the User’s Data to a country other than the User’s country. To learn more about the processing location of such transferred Data, Users may refer to the section containing detailed information on the processing of Personal Data.

Users also have the right to know the legal basis for the transfer of Data to a country outside the European Union or to any international organization under public international law or established by two or more countries, such as the United Nations, as well as the security measures taken by the Data Controller to protect their Data.

If such a transfer takes place, Users can learn more by reading the relevant sections of this document, or request information from the Data Controller using the information provided in the contact section.

RETENTION PERIOD
Personal Data is processed and stored for as long as necessary in accordance with the purpose for which it was collected.

Thus:

Personal data collected for purposes related to the performance of a contract between the Controller and the User will be retained until such contract is fully performed.

The Controller may be authorized to retain Personal Data for a longer period of time if the User has consented to such processing, provided that such consent has not been revoked. In addition, the Controller may be required to retain Personal Data for a longer period of time if this is necessary to comply with a legal obligation or by order of the authorities.

Upon expiration of the retention period, the personal data will be deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be exercised after the expiration of the retention period.