Updated 25th May 2018
Multim Ltd processes your personal data under the conditions of the GDPR while also taking into account the current Personal Data Act (523/1999) or any effective data protection legislation. This data protection policy may be updated from time to time by releasing a new version, so please check this data protection policy regularly on our website.
0600 301 030 (99snt/min)
Jani Rajala, CEO
We collect and process your personal data to be able to conduct business and to provide the services you have ordered, to target marketing and to otherwise serve you. The personal data we collect may be used for managing customer relationships, for keeping statistics on the usage of our services, for enhancing and researching the user experience and for other re-search with the aim of improving our website or services. We may also analyse customer feedback. The personal data may also be used for customer relationship communications and for managing marketing and contacts. We may also use the data for the purposes of conversion tracking and targeted marketing.
We process your personal data according to the requirements of the GDPR. Processing is legitimate, reasonable and transparent. Processing of your personal data may be based on a contract, your consent, our legitimate inter-ests or legal obligations. Our legitimate interests may include, but are not restricted to, communication with you, direct marketing including direct marketing after the customership has ended and targeted marketing.
Your personal data is only processed for the purpose it has been collected. Personal data collected for the same purposes may be combined and personal data may be connected to other pieces of data gathered through the means of analytics for being able to e.g. target marketing.
We try to keep the amount of personal data we store about you as small as possible. We also try to make sure the personal data is accurate. We do not disclose your personal data to other parties, unless we have an appropriate reason to do so, for example while registering a domain name for you, marketing purposes or other activities relevant to running our business.
We may collect the following data:
We also collect data that is created using the services. This may include:
Additionally, we may collect other data we have received from you based on your consent.
Our sources of data may include yourself, e.g. when you are in dealing or in contact with us, use our services, use our website or subscribe to our news-letters. We may also collect data about you by observing the usage of our services. Sources of data may also include, but are not restricted to, email, contact form, customer service chat or logs.
Our external sources of data may include e.g. publicly available registers, commercial marketing registers or equivalents and different kinds of services, e.g. Facebook, Twitter, Google AdWords, Google AdSense and LinkedIn.
We may also utilize data deduced from other data collected about you, e.g. observations, conclusions and deductions, that may include e.g. your likely areas of interests.
We may disclose data from our registers to e.g. partners or subcontractors within the limits allowed and obliged by the legislation currently in effect.
Data may also be disclosed to e.g. investigate a suspicious payment transaction with our payment intermediaries. Additionally, ordering a domain name personal data (name, contact person, organisation, phone number, email, company ID, VAT code or equivalent, social security number, birth date) needs to be disclosed to third parties as required by the domain name regis-tries as domain names are, by default, registered to direct ownership of the customer. The data may also be to transmitted to third party services for the purposes of conversion tracking and targeted marketing.
The data may be transmitted outside the European Union and the European Economic Area if required for the purposes of providing the services and for the purposes of marketing and communications. The data that may be transmitted includes name, organisation name and email address. Prior to disclosing the data, we confirm the processor meets the requirements set in the GDPR. Registering domain names data disclosed may also include other pieces of data in addition to the aforementioned, to the extent required to provide the services you have ordered. In certain cases the controller of the domain name registry may be located outside the Union in a country data protection regulation of which does not meet the requirements of the GDPR. In these case the data needs to be disclosed to the controllers of the domain name registries given you have ordered a top-level domain registration of which requires this.
We delete your personal data either automatically or manually when the personal data is not relevant for the purposes presented in this data protection policy. For example, personal data processed based on your consent is stored and processed as long you have not withdrawn your consent. Personal data processed based on legal obligations is stored and processed as long as those legal obligations require (e.g. accounting data). Accordingly, personal data stored and processed based on a contract is deleted after a reasonable amount of time, usually about three months, after the contract or the contracts have been terminated, when those data is not anymore necessary for the purposes of billing, for being able to continue contract or for other purposes. Data processed based on our legitimate interests is stored and processed as long as the legitimate interests are valid.
Personal data in other forms than electrical is stored in locked cabinets. Only persons, whose work assignments so require, have access to the cabinets.
Personal data in digital form is protected using passwords, by limiting access and by using encrypted connections and email. Personal data is only pro-cessed in unencrypted email if you provide us data that way. By default, we request you to provide personal data securely through our control panels.
We only store intact and reliable personal data. Intactness and coherency is ensured by the means of maintaining backups.
You have the right to get a copy of the personal data we have stored about you. You may request this copy from the control panel or by contacting us. We may require you to proof your identity to execute the request. If you make a new request in less than a year from the previous one, we may charge a fee based on our price list for executing the request.
You can update your basic per-sonal data by logging in to our control panels. If needed, you may send a rectification request using the contact methods found on our website. If the rectification request is sent by other means than by directly through our ser-vice, you will need to provide us information so that we can reliably identify you. This information may include your name, address, phone number, email address and customer number. Right to give or cancel your consent: if we are processing your personal da-ta based on a consent you have given, you have the right to give a new con-sent or cancel the consent you have given anytime.
If we are processing your personal data based on a consent you have given, you have the right to give a new consent or cancel the consent you have given anytime.
You have the right to ask us delete the personal data we have stored about you if 1) there is no need for the data considering the original purpose of collection 2) you cancel the consent, in which case the personal data processed based on that will be deleted 3) your personal data has been processed illegally 4) the personal data has to be removed to com-ply with a legal obligation 5) the personal data has been collected to offer in-formation society services to a child.
You may have to right to object the processing of your personal data when the processing is done for the performance of a task carried out in the public interest or for the purposes of the legitimate interests pursued by us. If the personal data is processed for the purposes of direct marketing, you have the right to object the processing for this purpose anytime.
You may have to right to restrict the processing of your personal data in situations mentioned in Article 18 of the GDPR.
You have the right to receive the personal data you have provided us in a structured, commonly used and machine-readable format and to transmit those data to another controller if the data is processed based on a consent or a contract.
You have the right to lodge a complaint with a supervisory authority if you believe the processing of your personal data to be against the GDPR.
A cookie is a small text file sent to the user’s browser by the server. The cookie is saved on the user’s hard drive. Cookies are used to ensure proper functioning of the service and they are needed e.g. to enable login function-ality. Additionally, cookies are used to for marketing purposes, to generate traffic statistics, to research the usage of, track and enhance the user inter-face, the user experience and the service. Cookies are used to ensure user-friendliness of the service. They may also be used by services run by third parties, including e.g. user tracking and marketing.