Privacy Notice

Privacy Notice for Websites and Cookies

QuantrolOx Oy respects your privacy and is committed to protecting your personal data. This Website and Cookie Privacy Notice (“Privacy Notice”) will inform you as to how we process your personal data on our website and through cookies set either on our website or on our services.

The Privacy Notice does not address, and we are not responsible for, the privacy practices of any third parties. QuantrolOx disclaims all responsibility for the processing carried out by third parties, also in cases where our services include hyperlinks or other links to third-party websites or services. Privacy and security are important for us, and we process all personal data with due care and in accordance with applicable laws and regulations.

This privacy notice is provided in a layered format. You can click through to the specific areas set out below.

    1. WHO IS DATA CONTROLLER?
    2. WHAT ARE COOKIES?
    3. WHAT COOKIES DO WE USE AND WHAT INFORMATION DO THE COOKIES WE USE COLLECT?
    4. WHICH THIRD PARTIES DO WE USE?
    5. INFORMATION WE COLLECT AND HOW WE COLLECT IT
    6. THE PURPOSES AND THE LEGAL BASIS
    7. SHARING OF INFORMATION COLLECTED
    8. WHERE DO WE STORE YOUR PERSONAL DATA?
    9. DATA RETENTION
    10. HOW TO EXERCISE YOUR DATA PROTECTION RIGHTS?
    11. CHANGES TO THIS PRIVACY NOTICE

      1. Who is data controller?

      The data controller for the processing described in this notice is:

        • QuantrolOx Finland Oy, Keilaranta 16, 02150 Espoo, Finland (‘QuantrolOx’ ‘we’)

      If you have questions regarding this privacy notice, please contact us by emailing privacy@quantrolox.com.

      2. What are Cookies?

      Cookies are small text files stored on your terminal equipment, such as a computers, tablets, or smartphones, when you browse websites. Cookies contain character strings that enable functions to be performed and contain information on how you have interacted with websites. The purpose of cookies is not to harm your device, nor do they read other information from your equipment’s hard drive or spread viruses. Data can be stored in cookies while you use online services or visit websites, and in between visits.

      Cookies and similar technologies provide various functionalities common to modern websites. Cookies are used widely in both public-sector and commercial websites. They are a key component of safe, efficient, and user-friendly functioning of services based on electronic communication.

      Cookies have different functionalities, and these functionalities also determine whether they are regarded as necessary or non-necessary (voluntary) cookies. Necessary cookies are cookies that are necessary for our website or services to function. These cookies are automatically activated and do not require your consent. Other cookies are not necessary for the website or service to function and require your consent to be activated.

      You can also choose to give your consent only to some voluntary cookies or to withdraw all or some of your consents.

      3. What Cookies do we use?

      There are no targeted cookies on the site.

       

      4. Which third parties do we use?

      When you use our website, third-party cookies, which we do not control, may be stored in your browser. Such cookies may be stored when the website you are visiting uses third-party analytics or marketing automation or embeds content displayed on the website through a third-party website. Consult the privacy and cookie statements of such third parties to find out how these third parties use cookies.

      Name Vendor Purpose Domain Expiry
      YSC Google YouTube sets this cookie to track the views of embedded videos on Youtube pages youtube.com End of each session
      VISITOR_INFO1_LIVE  Google YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface youtube.com  5 months
       VISITOR_PRIVACY_METADATA Google No description youtube.com 5 month
      CONSENT Google YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data Youtube.com 2 years
      yt-remote-device-id Google YouTube sets this cookie to store the user’s video preferences using embedded YouTube videos Youtube.com Never
      yt.innertube::requests Google Youtube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen Youtube.com Never
      yt-remote-connected-devices Google YouTube sets this cookie to store the user’s video preferences using embedded YouTube videos Youtube.com Never
      yt.innertube::nextid Google YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen Youtube.com Never
      PHPSESSID Formlets This cookie is native to PHP applications. It stores and identifies a user’s unique session ID to manage user sessions on the website. The cookie is a session cookie and will be deleted when all browser windows are closed Formlets.com End of each session

      You can read more about the cookies set by third parties and their privacy policies at their own websites.

      Vendor Privacy notice
      Google https://policies.google.com/technologies/cookies?hl=en-US
      Formlets https://formlets.com/privacy/#Cookies

       

      5. Information we collect and how we collect it

      In the following, we will tell you which types of personal data we may collect about you and how we collect it. In section 6, we have in a table explained the purposes for which we process your personal data and the lawful bases we rely on.

      We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

      A. Identity Data includes your surname and last name, and photograph
      B. Contact Data includes your email or other online contact information, telephone number and address.
      C. Consent data includes data on consents you have given for cookies or electronic marketing when you sign-up for our email list.
      D. Technical Data includes User’s IP address, browser type and version, preferred language, geographical location using IP address, operating system and computer platform, the full Uniform Resource Locator (URL) clickstream to, though, and from our Services, including date and time; and areas of our services you have visited. Technical data also includes data on necessary cookies, which are expected by you, such as remembering preferences.
      E. Cookie data includes data on non-necessary cookies. We need your consent for processing these cookies. Please see more specific descriptions of the cookies we use in section 3.

      The identity (A), contact (B), and consent (C) data is provided directly by you through the website. The technical (D) and cookies (E) data is collected directly from your use of our website and interaction within it.

       

      6. The purposes and the lawful basis

      We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

      Where you have given your consent cf. GDPR Article 6 (1) (a).

      To take steps prior to enter into a contract at your request or to perform a contract with you cf. Article 6(1)(b) GDPR.

      Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests cf. GDPR Article 6 (1) (f).

      We have set out below, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

      Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest

      To operate our website including keeping our site safe and secure and offering you information on our services as well as to offer you the possibility to:

      ·       contact us and give feedback

      		 (D) Technical We have a legitimate interest to maintain our website and use necessary cookies to provide you the experience you explicitly request.

      For performance of a contract with you

      We may process your personal data to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us

      (A) Identity

      (B) Contact

       

      		 Processing is necessary for the performance of a contract with you.

      For quality improvement and trend analysis

      We may process your personal data to improve our site to ensure that content is presented in the most effective manner for you and for your computer

      (D) Technical

      (E) Cookie

       

      		 With your consent.

      For statistical and analytical purposes

      We may gather Technical and Cookie Data and anonymous and aggregate data to generate reports and statistics. We may use statistics and reports for sales and marketing purposes.

      (D) Technical

      (E) Cookie

       

      		 With your consent.

      Direct marketing

      We process personal data for the purposes of direct marketing, such as sending of newsletters or similar marketing material. Users can unsubscribe from receiving such material at any time.

      (A) Identity

      (B) Contact

      (C) Consent

      		 Your consent for receiving direct marketing.

      Direct marketing

      We may provide you with information about other goods and services we offer that are similar to those that you have already purchased. We may also provide our customer companies with other information about the goods and services we offer.

      (A) Identity

      (B) Contact

       

      		 We have a legitimate interest to offer our products to you.

      7. Sharing of information collected

      We may share your personal data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries for the specified purposes described in section 6. We base this processing on our legitimate interest to transmit personal data within the QuantrolOx group for internal administrative purposes, such as for the purposes of using centralized IT systems and alignment of business operations and strategies.

      We do not disclose personal data with third parties outside of QuantrolOx’s organization unless one of the following circumstances applies:

        • when required by law we may disclose your personal data to public authorities such as tax authorities, and law enforcement authorities
        • we may assign your personal data, to any person or entity that acquires all or substantially all our business, stock or assets, or with whom we merge.
        • when it is necessary for the purposes listed in section 6
        • when we have your explicit consent for sharing the data outside QuantrolOx’s organization for other reasons than those mentioned above.
        • when we believe in good faith that disclosure is necessary to establish or exercise our legal rights or defend against legal claims, protect your safety or the safety of others, investigate fraud, or respond to a government request.

      We may share information, including personal information, with our trusted third-party service providers that we use to provide services to us and process your data on our behalf and under our instruction. These third-party service providers may have access to or process your personal information for the purpose of providing these services for us. We do not permit our third-party service providers to use the personal information that we share with them for any other purpose than in connection with the services they provide to us. These third-party service providers may include IT service providers; analytics and search engine providers that assist us in the improvement and optimisation of our site; hosting service providers; cyber security service providers; credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you; and marketing service providers. We may share your information with selected third parties including:

      We have entered into data processor agreements with our data processors.

      8. Where do we store your personal data?

      The data that we collect from you may be transferred to and stored at a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. However, to ensure that your personal data receive an adequate level of protection, we have ascertained that sufficient safety measures have been implemented to allow for the transfer, including where the European Commission have deemed the country to provide an adequate level of protection for personal data, or by use of specific safeguards such as contracts approved by the European Commission (Standard Contractual Clauses) which give personal data essentially equivalent protection as it has in the EEA.

      All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

      If you require further information about our data processors established outside the EEA and the safety measures in place to allow for the transfer of personal data, you can request it from us by sending your request to us using the contact details in section 1.

       

      9. Data retention

      QuantrolOx does not store personal data longer than is legally permitted and necessary for the purposes of providing the services or the relevant parts thereof. The storage period depends on the nature of the information and the purposes of processing.

      Retention times per data group:

      Identity Data

      2 years after last interaction

      Contact Data

      2 years after last interaction

      Consent Data

      Until consent is withdrawn, but max. 3 years.

      Technical Data

      1 year after last interaction

      Cookie Data

      We use both session-specific cookies and persistent cookies. You can find the retention times of all cookies in section 3.

        • Session-specific cookies are stored in the memory for the duration of the session and are deleted when the user has closed the browser.
        • Permanent cookies are stored on the hard drive of the user’s computer and are kept for a certain period or until the user deletes the cookies.

      10. How to exercise your data protection rights

      You have certain options available to you when it comes to your personal data. Below is a summary of those options, how to exercise them. Please note that some of these options are legal basis -specific, meaning that they can only be used when personal data processing is based on a specific legal basis.

      Under certain circumstances, you have the right to:

      • Request to know whether we process your personal data
      • Request to access your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
      • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
      • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it.
      • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
      • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
      • Request the transfer of your personal data to another party (also known as data portability). Please note that you do not have this right when processing is based on legitimate interest. 
      • Where our processing is solely based on your specific consent you have the right to with-draw your consent at any time. Such withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

        If you wish to exercise any of the data protection rights that are available to you then please email us using the contact information provided under section 1 of this privacy notice and we will action your request in accordance with applicable data protection laws.

        You have the right to complain to your local data protection authority if you are unhappy with our data protection practices. In Finland you can lodge a complaint with the Office of the Data Protection Ombudsman at Notification to the Data Protection Ombudsman . In Europe please see https://edpb.europa.eu/about-edpb/about-edpb/members_en and in the UK Information Commissioner’s Officer https://ico.org.uk/global/contact-us/.

         

        11. Changes to this Privacy Notice

        This Privacy Notice may be updated from time to time to reflect changing legal, regulatory, or operational requirements. We encourage you to periodically consult our Privacy Notices for the latest information on our privacy practices.