Privacy Policy

This Privacy Policy explains how Biohealth Europe Oy (business ID: 3451696-1) processes personal data, what data is collected, how it is used and shared, and how you can influence this processing. This policy complies with the EU General Data Protection Regulation (GDPR). We reserve the right to update or change this policy at any time.

1. Contact Information & Data Controller

Data Controller:
Biohealth Europe Oy (3451696-1)

Data Protection Officer/Contact Person:
Sean Bergeheim
Email: info@biohealth.fi

2. Processing and Purpose of Personal Data

2.1 Basis for Processing

We process your personal data lawfully, fairly, and transparently. We only collect and use your information if we have a lawful basis, including:

• Your explicit permission for a specific purpose.

• Necessity for the performance of a contract or for taking steps at your request before entering a contract.

• Legitimate interests (as long as they do not override your rights), such as investigating abuses, conducting research or statistical analysis, or protecting our legal rights.

• Compliance with legal obligations.

• Necessity due to a threat to life, health, or injury.

2.2 Purposes for Processing

We collect and process personal data for various purposes, including:

• Recruitment and employment relationships.

• Managing customer relations and providing customer service.

• Maintaining and enhancing customer and partnership relationships.

• Fulfilling contractual obligations.

• Marketing and targeted communications.

• Research and statistical analysis.

• Handling reservations and orders for products and services.

• Quality assurance, security, abuse prevention, risk management, and fraud prevention.

• Business planning and product development.

• Usage tracking and processing warranty information.

2.3 Types of Data Collected

We may collect the following types of personal data:

• Personal and company information.

• Contact, billing, and payment information.

• Customer relationship and contract details.

• Product and order information.

• Customer feedback, communications, and complaints.

• Marketing consents and information related to online behavior.

3. Lawful Disclosure and Transfer of Data

3.1 Data Security Measures

We take appropriate technical and organizational measures to secure your data. This includes:

• Using firewalls, passwords, and other generally accepted security practices.

• Storing manual records in locked facilities.

• Processing data only with trusted service providers who maintain strict access controls.

3.2 Disclosure to Third Parties

We do not share your data with third parties without your consent, except when required by law or for contractual purposes with service providers or subcontractors. In such cases, we ensure that data is processed in accordance with legal requirements and under confidentiality agreements.

3.3 International Data Transfers

We do not transfer your personal data outside the EU or EEA.

4. Retention of Personal Data

4.1 Retention Period

Your personal data is stored for two years after the end of our customer relationship, unless you request earlier deletion. After this period, data is deleted or anonymized within three months. We reserve the right to adjust the retention period and will notify you if it changes.

4.2 Profiling and Automated Decisions

We may use personal data for profiling if a lawful basis exists. We do not use your data for fully automated decision-making.

5. Rights of the Data Subject

As a data subject, you have the following rights:

5.1 Right of Access

• You can request access to your personal data in writing or electronically.

5.2 Right to Correction and Deletion

• You have the right to request correction of any inaccurate or incomplete data and to request deletion of your personal data.

5.3 Data Verification and Rectification

• We actively work to ensure that your data is correct, complete, and up-to-date.

5.4 Data Portability

• You may request that your data be transferred to another controller.

5.5 Right to Restrict Processing

• You can request restrictions on how your data is processed under certain circumstances.

5.6 Right to Object

• You have the right to object to the processing of your data for specific purposes, including direct marketing.

5.7 Right to Withdraw Consent

• If your data processing is based on consent, you can withdraw your consent at any time without affecting previously processed data.

5.8 Right to Complain

• If you believe your data protection rights have been violated, you may lodge a complaint with a supervisory authority.

5.9 Submitting Requests

• All requests regarding your data rights should be submitted electronically to our Data Protection Officer. We will verify your identity and process your request promptly. If we cannot fulfill your request, we will inform you in writing.

This Privacy Policy, along with our Privacy Policy and any related notices, forms the complete agreement on the processing of your personal data by Biohealth Europe Oy.

If you have any questions or concerns regarding this policy, please contact us at the details provided above.