Data protection statement

1. GENERAL

1.1. Feelback Oy complies with the applicable legislation on personal data processing and data protection.

1.2. Feelback Oy adheres to both the EU General Data Protection Regulation (2016/679) and its local rules and regulations. For this reason, Feelback Oy handles information on all its customers in the EU/EEA. Personal data will not be processed outside the European Economic Area (EEA) unless specifically agreed in writing with the customer.

2. DATA PROTECTION

2.1. All the information that Feelback Oy collects is stored exclusively in secure server environments in the EU. The data processing agreement between Feelback Oy and the server environment used by the service provider ensures that the information is not processed in violation of the security clearance.

2.2. All project data and registers stored on Feelback Oy’s servers are handled in confidence. All data is stored securely and will only be processed by personnel participating in the project. Anyone with access to personal data will handle them only in accordance with the agreement and instructions established with the customer.

2.3.  Feelback Oy uses technical and organisational precautions to ensure the security of customers and participants. Such precautions include saving data exclusively to secure user name and password protected servers. Electronic data is stored in systems that are protected from outside access attempts by firewalls. Written materials, such as summaries, are stored in electronic access-controlled offices.

2.4. The servers of data collection software used by Feelback Oy are placed in the service provider’s facilities. Feelback Oy and the service provider have a valid confidentiality agreement. The servers are designed as storage space for server systems requiring high reliability; they provide a technically advanced and secure environment for server services.

2.5. Research reports, personal data, and collected data can be sent using a secure connection.

3. HANDLING OF PERSONAL DATA

3.1. Feelback Oy does not use personal data for any purpose other than the one specified in the project. No personal data will be associated with the received responses unless the respondent has given their permission for this.

3.2. Feelback Oy requires commitment from every employee and partner to unconditional confidentiality on the issues that they become aware of in the context of their cooperation. If necessary, separate confidentiality agreements with customers and/or partners are prepared.

3.3. Feelback Oy retains personal information on secure, protected servers. Personal data will only be retained for the agreed period and will be destroyed after the project has ended.

3.4.  Insofar as Feelback Oy uses its subcontractors to process personal data, employees of the subcontractor’s project are subject to the same conditions as Feelback Oy’s own personnel.

3.5. Feelback Oy will ensure that personnel handling personal data receive the correct training for processing such data.