1. Controller:
MyPotentia (UAE Licence No: CN-3855130), PO Box 93644, Abu Dhabi, United Arab Emirates
2. Contact person:
Entrepreneur, Founder Susanna Merikanto-Timonen
e-mail: [email protected]
phone: +971 50 4456081
3. The Name of the Registry:
Customer register
4. Basis and purpose of processing personal data:
Personal data is processed to identify the data subject to execute the agreement between the data subject and the data controller, with the consent of the data subject, in connection with the ordering, contact, transactions, reporting, marketing, and other related measures to customer service.
5. An agreement to which the data subject is a party:
The registry contains the following information about customers:
6. Regular data sources
The content of the register consists of public information provided by the customer and / or the customer organization itself or on the customer organization’s website.
7. Right to request access to personal data:
The information will not be disclosed to any third party.
8. Transfer of personal data outside the EU of the EEA:
Personal information is stored on Microsoft’s cloud storage service, allowing data to be transferred outside the EU or the European Economic Area as required by the EU Data Protection Regulation (GDPR).
Google Analytics is available on the MyPotentia website to collect statistics on website visits. No personally identifiable information is collected. Data collected from Google Analytics cookies may be stored outside the EU.
9. Principles of protecting personal data:
a. Manual material:
In a locked closet, manual material, i.e. supervision and coaching agreements and the entrepreneur’s notes, are kept on the entrepreneur’s premises. Personal data will be kept in the register for ten years after the end of the customer relationship. The entrepreneur’s written and coded manually processed documents will be appropriately disposed of upon termination of the customer relationship.
b. information processed by the computer:
The company protects the information system’s information and the entrepreneur’s notes with appropriate measures using the equipment and security programs. A firewall and other technical measures protect the computer. A login code and anti-virus software protect the mobile device.
10. Rights of the data subject:
The data subject has the right to know what information has been collected about them. If the registrant wishes, they can check them by sending a check request from the e-mail address in the register to [email protected].
11. Right to have information rectified:
The data subject has the right to demand the correction of incorrect personal data and, if necessary, to request the deletion of their data from the register. Repair and removal is done by sending a request from the e-mail address in the register to [email protected].
12. Other rights related to the processing of personal data:
The information in the register is not used for purposes other than those mentioned above.
13. Amending the privacy policies:
This privacy statement may be updated from time to time, for example, as legislation changes. This GDPR was last updated on April 20th, 2022.