Privacy policy

Register and Privacy Statement

This is IDR Oy’s Registry and Privacy Statement in accordance with the EU General Data Protection Regulation (GDPR) regarding the use of the website Prepared on 14 May 2021. Latest change 5 June 2023.

1. Registrar
Hämeentie 3, 5th floor
00530 Helsinki

2. The contact person responsible for the register
Matti Lehmus,

3. Register name
Homepage user register.

4. Legal basis and purpose of personal data processing
According to the EU’s General Data Protection Regulation, the legal basis for processing personal data is the person’s consent through the Cookiebot service. The purpose of processing personal data is to analyze the web traffic of the company’s website and to correctly allocate development actions.

5. Data content of the register
No personal data is automatically stored through the homepage. The Google Analytics GA4 version in use does not store the user’s IP address. If the website user sends personal information to IDR via forms, the information is stored in the CRM system used by the company ( Information to be recorded in the register is: person’s name, position, company/organization and contact information (phone number, e-mail address, address).

6. Regular sources of information
The information to be recorded in the register is obtained from messages sent by the user via www forms, in which the user wants to provide their information.

7. Regular transfers of data and transfer of data outside the EU or EEA
Personal data will not be disclosed to other parties or transferred outside the EU or EEA.

8. Principles of registry protection
Special attention is taken when processing the register and the used information systems are properly protected. The registrar ensures that stored data as well as server access rights and other critical personal data are handled confidentially and disclosed to only those employees whose job description requires such access.

9. Right of inspection and right to demand correction of information
Every person in the register has the right to check their information stored in the register and demand the correction of any incorrect information or the completion of incomplete information. If a person wants to check the information stored about them or demand correction, the request must be sent in writing to the person in charge of the register.

10. Other rights related to the processing of personal data
A person in the register has the right to request the removal of personal data about them from the register (“right to be forgotten”). Requests must be sent in writing to the controller.