1. Data Controller

Resonia Oy
Business ID: 3011786-7
Address: Salomonkatu 17B, 00100 Helsinki
Email: asiakaspalvelu@resonia.fi

2. Contact Person for Register Matters

Name: Jörgen Weckström
Email: asiakaspalvelu@resonia.fi

3. Name of the Register

Resonia’s customer and marketing register

4. Data Subjects

– Representatives of client companies
– Private individuals whose data is processed in connection with debt collection assignments
– Partners and service providers
– Website users (cookies, analytics)

5. Purpose and Legal Basis for Processing Personal Data

Personal data is processed for the following purposes:
– Managing debt collection assignments
– Customer relationship management and communication
– Fulfillment of contracts and statutory obligations
– Website analytics and development
– Marketing communications (only with consent) Legal bases for processing:
– Contract (GDPR Article 6.1.b)
– Legal obligation (e.g. Accounting Act, Debt Collection Act)
– Consent (e.g. direct marketing and cookies)
– Legitimate interest (e.g. maintaining the customer relationship)

6. Data Content of the Register

The register may contain the following information:
– Name, address, phone number, email address
– Personal identity number (in debt collection matters)
– Invoice and payment details
– Contract details
– IP address and browsing behavior on the website

7. Regular Sources of Data

– Information provided by the customer or partner
– Public registers (e.g. ytj.fi, Population Information System)
– Technical data collected from website usage (cookies, analytics)

8. Regular Disclosures and Transfers of Data

Data may be disclosed to:
– Authorities within the limits permitted by law
– Providers of invoicing and debt collection systems
– Providers of IT security and IT services
Personal data will not be disclosed to third parties for marketing purposes without consent.

9. Transfer of Data Outside the EU or EEA

Personal data is generally not transferred outside the EU or EEA.
In exceptional cases, EU-approved safeguards such as standard contractual clauses are used.

10. Data Security

– Data is stored in technically secured systems
– Access to data is restricted and protected with personal access rights
– Firewalls, encryption, and other technical safeguards are in use
– User activities are monitored with log data

11. Data Retention Period

– Invoicing and debt collection data: retained for 6 years (Accounting Act)
– Personal data: deleted no later than 2 years after the end of the customer relationship, unless the law requires longer retention
– Cookie and analytics data: retained according to the cookie policy

12. Rights of the Data Subject

The data subject has the right to:
– Access their own data and request corrections
– Request deletion or restriction of processing
– Object to processing based on legitimate interest
– Withdraw consent (e.g. marketing)
– File a complaint with the Data Protection Ombudsman (www.tietosuoja.fi)
Requests are generally processed within 30 days.

13. Cookies

The website uses cookies to improve the user experience. Types of cookies used:
– Necessary cookies (for basic site functions)
– Analytics cookies (visitor tracking)
– Functional cookies (e.g. language selection)
– Marketing cookies (only with consent)
Users can manage cookies through their browser settings.