Privacy Notice

PRIVACY NOTICE FOR NEUROSONIC SOFTWARE AND WEBSITE

Last updated: June 5, 2018

Your privacy is of great importance to Oy Neurosonic Finland Ltd. (Later "Neurosonic"). We have created this Privacy notice to provide you with information on how we process your personal data when you use the Neurosonic website, the Neurosonic application and Neurosonic devices.

Personal Data Processed by Neurosonic

When you communicate with Neurosonic:

When you are in business with our customer support via email, telephone, online or in person, we collect personal data, such as your name, mailing address, phone number, email address and contact information; and information about the Neurosonic products you may own, such as their model and date of purchase. To get better in serving you, subject to applicable laws, we may also record and review conversations with our customer support, and analyze any feedback provided to us through voluntary customer surveys.

PURPOSE AND LAWFUL BASIS:

We use this information to provide you with customer and product support and to monitor the quality and types of customer and product support we provide to our customers. The legal ground for processing this information for these purposes is Neurosonic’s legitimate interests in providing quality product support.

When making a purchase from Neurosonic:

When you make a purchase from Neurosonic website or directly from one of our representatives, we collect your name, address and phone number. We do not see or store your credit card information. For payments we use a third party service provider, Checkout Finland and Finago Oy's Procountor. We recommend you to check out both Checkout Finland's privacy policy and Procountor's privacy policy.

PURPOSE AND LAWFUL BASIS:

We collect your name, address and phone number, to be able to fulfill your order and to make it possible for you to finalize your order. Lawful basis for using these information in these cases is a contract. We also process your personal information when detecting fraud behaviour. Lawful basis for your personal information usage in this case is that it is of Neurosonics best interest to cover Neurosonic and our customers from fraud behaviour or from someone trying such.

When using a Neurosonic device:

For time being, when you are using a Neurosonic device with Neurosonic application, the only data we process is the analytics data mentioden below in chapter “Cookies and Similar technologies”.

Different types of Recipients of Personal Data

Other service providers:

Marketing email service

Neurosonic uses cloud services from Mailchimp to assist in sending emails. This service tracks the activities associated with emails, such as whether they were opened, whether links in the emails were clicked on, and whether purchases were made following clicks on those links. Neurosonic uses this data to analyze the level of engagement with its emails. We suggest you to familiarize yourself with Mailchimps Privacy Policy.

Webshop platform

We also use cloud service from third party to run our webshop. This service provider is called Shopify. From here you can find Shopify's privacy policy.

Payment providers

For payments we use a third party service provider, Checkout Finland and Finago Oy's Procountor. We recommend you to check out both Checkout Finland's privacy policy and Procountor's privacy policy.

Other disclosures:

We may disclose personal data about you to others: (a) if we have your valid consent to do so; (b) to comply with a valid subpoena, legal order, court order, legal process, or other legal obligation; (c) to enforce any of our terms and conditions or policies; or (d) as necessary to pursue available legal remedies or defend legal claims.

We may also transfer your personal data to an affiliate, a subsidiary or a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of Neurosonic’s business, assets or stock, including, without limitation, in connection with any bankruptcy or similar proceeding, provided that any such entity that we transfer personal data to will not be permitted to process your personal data other than as described in this Privacy Notice without providing you notice and, if required by applicable laws, obtaining your consent.

From where do we receive information?

We receive data primarily from the following sources: from the data subject himself, from the population register, from the authorities, from credit information agencies, from contact information service providers and from other similar reliable sources.
For the purposes described in this privacy notice, personal data may also be collected and updated from publicly available sources and based on information received from authorities or other third parties within the limits of the applicable laws and regulations. Data updating of this kind is performed manually or by automated means.

To whom do we disclose data and do we transfer data outside of EU or EEA?

We do not disclose data from the register to external parties.
We use subcontractors listed in this privacy notice that process personal data on behalf of and for us.

Cookies and Similar Technologies

Website:

To help analyze how you navigate the Neurosonic website, we, with assistance from third-party analytics service providers, collect certain information when you visit our site. This information includes IP address, geographic location of the device, browser type, browser language, date and time of your request, time(s) of your visit(s), page views and page elements (e.g., links) that you click. We may use cookies, pixel tags, web beacons, clear GIFs or other similar tools on our site or in our email messages to assist us in collecting and analysing such information. We use this information to provide better, more relevant content on our site, to identify and fix problems, and to improve your overall experience on our site.

If you do not want information collected through the use of these technologies, there is a simple procedure in most browsers that allows you to automatically decline many of these technologies, or to be given the choice of declining or accepting them.

If you reside in the European Union or other jurisdiction that requires us to obtain your consent to use cookies on our sites, then you will have an opportunity to manage your cookie preferences on the sites; except that certain cookies are required to enable core site functionality, and you cannot choose to disable those cookies.

Neurosonic application:

We also collect data from users about their usage of Neurosonic application. The types of analytical information that are collected include the date and time the app accesses our servers, app version, the location of the device, language setting, what information and files have been downloaded to the app, user behavior (e.g., features used, frequency of use), device state information, device model, hardware and operating system information, and information relating to how the app functions. Neurosonic uses this data to improve the quality and functionality of the Neurosonic application; to develop and market products and features that best serve you and other users; and to help identify and fix app stability issues and other usability problems as quickly as possible.

The lawful basis for processing this analytical information is our legitimate interest in understanding how our customers interact with our products, apps and websites so we can enhance the user experience and functionality of our products, apps and websites.

Here are examples of third-party providers of analytics and similar services we currently use:

ANALYTICS SERVICES:

Children

Our Service is not directed or suitable for children under the age of 18. We do not knowingly collect any Personal Data from children under 18. If you are aware of a user under the age of 18 using the Service, please contact us immediately. We reserve the right to delete any account if we suspect the account holder is a child under the age of 18.

Changes in the Privacy Notice

Should we make amendments to this privacy notice we will place the amended statement on our website, with an indication of the amendment date. If the amendments are significant, we may also inform you about this by other means, for example by sending an email or placing a bulletin on our homepage. We recommend that you regularly visit out webpage and notice possible amendments to this privacy notice. review these privacy protection principles from time to time to ensure you are aware of any amendments made.

How do we protect the data and how long do we store them?

Only those of our employees, who on behalf of their work are entitled to process customer data, are entitled to use a system containing personal data. Each user has a personal username and password to the system. The information is collected into databases that are protected by firewalls, passwords and other technical measures. The databases and the backup copies of them are in locked premises and can be accessed only by certain pre-designated persons.

We store the personal data for as long as is necessary considering the purpose of the processing.

We regularly assess the need for data retention in light of the applicable legislation. In addition, we take reasonable measures to ensure that the personal data in the register is not incompatible, obsolete or inaccurate considering the purpose of the processing. We rectify or delete such information without delay.

Data Controller

Oy Neurosonic Finland Ltd,
Rantakatu 3., FI-90100 Oulu, Finland
privacy@neurosonic.fi

Who can you be in contact with?
All contacts and requests concerning this privacy notice must be submitted in writing or in person to the person mentioned above.

What are your rights as a data subject?

As a data subject you have a right to inspect the personal data concerning yourself, which is stored in the register, and a right to require rectification or erasure of the data, provided that the request has a legal basis. You also have a right to withdraw or change your consent.
As a data subject, you have a right, according to EU’s General Data Protection Regulation (applied from 25.5.2018) to object processing or request restricting the processing and lodge a complaint with a supervisory authority responsible for processing personal data.
For specific personal reasons, you also have the right to object to profiling and other processing operations, when the processing of your data is based on our customer relationship with you. In connection with your request, you will need to identify the specific situation, based on which you object to the processing. We can refuse the request of objection only on legal grounds.
As a data subject you have the right to object to processing at any time free of charge, including profiling in so far as it relates to direct marketing.

In case of any privacy related questions : privacy@neurosonic.fi