Livion Oy PRIVACY POLICY

Effective date: October 22, 2018

This privacy policy describes those principles, under which we collect and process personal data relating to our business and offering of our services. This includes also the Livion Key, Room Robot and Key Detector service. A person’s name, email address, photo and all other data that relate to an identified or identifiable person is considered personal data. We collect and process personal data in accordance with this privacy policy, so we ask you to read this carefully.

Livion may also be sometimes in the role of a data processor to its customers, the data controllers. This is the case especially with Livion Key, RoomRobot and Key detector services. In these situations the customer is the data controller, when it decides what data is entered into the service and how it is used. Livion processes such data for each specific customer’s benefit only, based on written agreements and in accordance with applicable laws.

Controller

The data controller relating to processing of personal data pursuant to this privacy policy is (hereinafter also “Livion”, “us” or “we”):

Livion Oy

Business ID: 2417101-5
PL 10
67101 Kokkola
FINLAND
Email: asko.lamminen@livion.fi
Tel: +358 400 919351
https://livion.fi
https://livionkey.com

If you have any questions, requests or comments in privacy issues, you can contact us by using the above contact details.

We collect, store and process personal data relating to our customers, employees (incl. potential customers and job candidates) and shareholders for predefined purposes. We also always make sure that there is at least one legal basis for processing personal data. The main purposes and the applicable legal basis for processing personal data are:

Provision and delivery of our services to businesses and organizations

  • We collect and process personal data for providing the service and fulfilling contractual obligations.
  • This contains for instance normal customer relationship management and communication tasks, project execution, invoicing, collection of payments, warranty issues and handling contact requests and feedback.
  • We may also process personal data for prospecting potential customers.

The legal basis for this processing is a contract between us and the customer (or preparations for a contract) as well as our legitimate interest.

Offering online based Livion Key, RoomRobot and Key Detector services

  • We collect and process personal data for offering and providing Livion Key, RoomRobot and Key Detector services to its customers and users. Use of Livion Key, RoomRobot and Key Detector requires a contract and creation of a user account.
  • We process personal data relating to Livion Key, RoomRobot and Key Detector services also in connection with contact and support requests.

The legal basis for this processing is a contract between us and the customer relating to use of Livion Key, RoomRobot and Key Detector services (or preparations for a contract) as well as our legitimate interest.

Marketing and communication

  • We may process personal data for customer communication and notifications.
  • We may also execute customer satisfaction studies or other questionnaires with our customers.
  • We process personal data also for direct marketing purposes, for personalizing advertising and content as well as for developing customer and user segments.
  • Based on our legitimate interest we may also send you email marketing messages. In certain situations we may execute direct marketing based on your consent, and we will always ask for it if required by applicable laws. You may withdraw your consent at any time. Even if marketing would not require your consent, you can always prohibit direct marketing targeted to you.
  • We may use third party services for customer communications and marketing activities.
  • Customer testimonials are published based on consent.

The legal basis for this processing is especially our legitimate interest, sometimes also a person’s consent.

Analysing the services and developing our business

  • We aim to constantly develop the service. This requires analyzing and monitoring the use of the service. This concerns especially the Livion Key, RoomRobot and Key Detector services.
  • We also use personal data for improving the quality of the services, for resolving technical issues and for data security purposes.
  • We may also use third party service providers for analysis and monitoring purposes. e.g Analysing and sw tools, not people.

The legal basis for this processing is especially our legitimate interest.

  • We may also use personal data for fulfilling legal obligations (e.g. book-keeping, tax obligations, employment law obligations), responding to legal claims or preparing them, fraud prevention and detection and also if required by a court or an authority.

The legal basis for this processing is fulfilling legal obligations, partly also our legitimate interest.

Recruitment and human resources management

  • We process personal data also in recruiting situations and for fulfilling normal human resources management tasks, including those required by law or due to employment contracts.
  • In recruiting situations we process personal data for preparing an employment contract and based on a person’s consent.
  • With consent we may also process job applicant’s personal data from other sources than from the person itself (e.g. references).

The legal basis for this processing is a contract (employment contract) as well as fulfilling legal obligations, sometimes also consent.

What personal data we collect?

We collect, store and use personal data mainly relating to our customer contacts (including potential customers), employees, job candidates and shareholders for purposes defined in this privacy policy.

Information about customers and potential customers, such as:

  • name of the contact person or user (Livion Key, RoomRobot, Key Detector), contact details and user account (Livion Key, RoomRobot, Key Detector);
  • job title or position;
  • agreements made;
  • offers, email correspondence and customer communications;
  • information given in connection with support and contact requests;
  • information required for invoicing; and
  • marketing opt-out’s / opt-in’s.

Information about employees, such as:

  • name and contact details;
  • job title or position;
  • education;
  • skills;
  • work history;
  • information required for payment of salaries and withholding taxes; and
  • projects done.

Information about job applicants, such as:

  • name and contact details;
  • skills;
  • work history; and
  • resume and application.

Information about shareholders, such as:

  • name and contact details; and
  • share of ownership.
  • user name and contact details;
  • data entered by user;
  • possible camera pictures;
  • event logs;
  • anonymised usage statistics.
  • user name and contact details;
  • key ID (e.g id code);
  • data entered by user;
  • wifi network information;
  • temperature, humidity and/or carbon dioxide values;
  • movement detection (is there movement or not);
  • key detection, are keys in the apartment or not (in the range of ca.10-15m ) ;
  • amount of data which has been used;
  • anonymised usage statistics.

From which sources we collect data?

Customers and potential customers

Data is collected mainly from the person itself when making an agreement.

We may also use Google Analytics or other similar analytics services to monitor and analyze our website use.

Data is also collected and created during the customer relationship, but mainly concerning the customer companies, not persons.

When prospecting new customers we may also receive information from events, seminars or through corporate websites, LinkedIn or by using lead generation services providers. We may also get data from other external or public sources and registers.

Employees and job applicants

Data is collected mainly from the person itself or with consent from other sources (e.g. LinkedIn, personality and suitability test results). Some data is also generated or created during the employment. Relating to employees, we may also receive data from tax authorities as well as pension and insurance companies.

Livion Key, RoomRobot ja Key Detector services

Livion Key, RoomRobot ja Key Detector service related usage data is collected when service is used.

Who processes personal data and is it transferred to anyone?

People within our organization have access to the personal data for the purposes of performing their work tasks. Access to data may be restricted based on customers or projects. Within the organization, access to HR data is more restricted than customer data.

We may also subcontract some personal data processing (e.g. cloud services used for storing data; email marketing and customer communication; accounting; invoicing and payment methods). These services providers are in a contractual relationship with us and they do not usually have a right to process the data for any other purposes than for our benefit. When it concerns the Livion Key, RoomRobot and Key Detector services personal data is only processed by us.

We may also provide personal data to a third party due to a legal obligation or requirement by an authority or a court, for responding to or preparing legal actions, or based on a person’s consent. We may also provide personal data to a third party if we are involved in a business sale, transaction or restructuring.

Is personal data transferred outside the EU?

Personal data is primarily processed inside the EU, but as data is stored mainly in electronic form, some of the cloud services we use may locate outside the EU (e.g. Google Cloud). If personal data is transferred outside the EU, we make sure that the transferee is located in a country with adequate safeguards (as decided by the EU commission from time to time), the transferee is Privacy Shield certified (if a US-based company) or the transfer occurs by using model clauses published by the EU commission. In the case of the Livion Key, RoomRobot and Key Detector services personal data is inside the EU.

Livion as a data processor

Livion may also be sometimes in the role of a data processor to its customers, the data controllers. This is the case especially with Livion Key, RoomRobot and Key Detector services. In these situations the customer is the data controller, when it decides what data is entered into the service and how it is used. Livion processes such data for each specific customer’s benefit only, based on written agreements and in accordance with applicable laws.

For how long is data stored?

We will not store personal data for a longer period than is necessary for its purpose or required by contract or law. The retention periods for personal data may vary based on its purpose and the situation. The retention periods may also be based on laws (e.g. accounting, tax laws, employment contracts act). If consent was the only basis for processing personal data, the data may be deleted after a person withdraws her consent. We may also update data from time to time. Data about Livion Key users are stored as long as there is a valid contract in force. Thereafter data is deleted usually at the latest 1 year after termination or expiration of the contract. For technical and data retention purposes some data may be stored in our backup files even after that.

Livion Key, RoomRobot ja Key Detector services

Livion Key, RoomRobot ja Key Detector service related usage- and event data is deleted or anonymised at the latest 1 year after data has been gathered.

How is data stored and kept secure?

Personal data is stored primarily in electronic form and it is secured in accordance with general industry standards and practices. We consider and keep personal data confidential. Access to personal data is also protected with user-specific logins, passwords and user rights. Our premises are also safe and secure.

Is it mandatory to provide us personal data? What happens if you don’t provide it?

It is not mandatory for potential customers and job applicants to give us personal data, but then again if we do not receive sufficient information we may not be able to process their request or job application.

When making contracts, we need certain minimum data to conclude an agreement and for fulfilling contractual obligations. Livion Key, RoomRobot and Key Detector users need to provide us with certain minimum data, as the use of the service requires a personal user account and identification of the user.

In employment relationships we need personal data to fulfill contractual and legal obligations.

What rights do you have?

Managing user data (Livion Key, RoomRobot ja Key Detector) Livion Key users may log into the service and see some of the data we have about them and possibly update the data.

Withdraw your consent If we process personal data based on your consent, you can at anytime withdraw your consent by notifying us, for instance by contacting us using the contact details provided above.

Access to data You have the right to have confirmed if we are processing your personal data and also to know what data we have about you. In addition, you have right to some supplemental information described in the law about the processing activities.

Right to have errors corrected You have the right to request that we correct any inaccurate or outdated personal data we have about you.

Right to prohibit direct marketing You have the right to request that your personal data is not processed for direct marketing purposes by contacting us using the contact details provided above.

Right to object processing If we process your personal data based on public interest or our legitimate interest, you have the right to object processing of your data, to the extent that there is no such significant other reason that would override your rights or the processing is not necessary for handling legal claims. Please notice that in this situation we may not be able to serve you anymore.

Right to restrict processing In certain situations you have the right to require that we restrict processing of your personal data.

Right to data portability If we process your personal data based on your consent or fulfilling of a contract, you have the right to require transfer of the data you have provided to us to another services provider in a commonly used electronic format.

How can you use your rights?

You can execute and use your rights by contacting us, for instance by using the contact details provided above. Remember also that we need to verify your identity. If you consider that the processing of your personal data is not lawful, you can always also make a notification to a supervising authority (tietosuojavaltuutettu).

Cookies on Livion website

We use cookies and third party applications on our website to provide the best possible user experience for our website visitors, analyze the use of our website, run our online software and services as well as for targeting content and advertising on our website or on third party channels, such as search engines and social media.

What are cookies?

Cookies are small text files that are placed on a web user’s computer and are designed to hold a modest amount of data particular to a user and a website. Cookies give us information how users use our website. We may use cookies to develop our website and services, analyze website use as well as target and optimize marketing efforts. If you do not wish to receive cookies, you may set your web browser to disable them. This is done usually in the “settings” page of your website browser and selecting the “private browsing” mode or “incognito” option. You may also from time to time delete the cookies stored on your device. Please note that most browsers accept cookies automatically. If you disable cookies, you should understand that certain services at our website may not function correctly.

Usually it is not possible to recognize a person or the user of the website from the data contained in cookies, but if you have previously registered as a user on our website or we otherwise have already personal data about you, the data from the cookies may be incorporated with such data. Therefore, sometimes data in the cookies may be considered as personal data.

Third party cookies and applications on our website

When using our website, we may run third party applications and certain third party services providers may store cookies on your device for the purposes of website and marketing analytics and development as well as targeting of content and advertising. These may include services providers such as Youtube, Google Analytics, Facebook and other similar services providers and marketing networks. Some of these may be located outside the EU. More information about the cookie and privacy policies of these services providers can be found from their website. We are not responsible on their data processing practices.

Can this privacy policy be updated?

We may make updates to this privacy policy when our operations change or develop. Also changes in law may make it necessary to update this privacy policy. The changes become valid once we have published them in the form of an updated privacy policy. Therefore, please visit this page and read this privacy policy from time to time.