Privacy Policy
Privacy and Slope Graphics (hereinafter collectively and individually referred to as "Slope Graphics," "we," "our," or "ours").
Who we are and how to contact us
We are a Finnish graphic industry company, Slope Graphics, operating as a subsidiary of Uproof Oy. We are committed to protecting your privacy and respecting and safeguarding your rights when using this website. This privacy policy applies to the products and/or services we offer on our website www.slopegraphics.fi ("site") and our social media channels. We explain how we collect, process, store, and share information. We adhere to the General Data Protection Regulation (GDPR), which came into effect in May 2016 and is nationally applicable in the EU since May 25, 2018.
This privacy policy does not cover information you submit on other websites, even if we interact with you on those sites. For example, if you post something on Instagram or Pinterest, that information is governed by their privacy policies, and this privacy policy does not apply. If you navigate from our site to third-party service providers like Etsy or Gumroad, the information you provide to them is governed by their respective privacy policies.
You can contact us for privacy-related questions by emailing rosa@slope.fi.
If you are a customer, subscriber, collaborator, or just a visitor to our site, this privacy policy applies to you.
1. Data Controller
Uproof Oy, Slope Graphics
Business ID: 3132756-7
2. Contact Information for Register and Data Protection Matters
Rosa Vuorela
+35844 3038351
rosa@slope.fi
3. Register Name
Customer register, marketing register, and subcontractor and collaborator register.
4. Legal Basis and Purpose of Processing Personal Data
The storage of information in the register is based on either the consent of the individual for data storage or our legitimate interest in collecting information necessary for our business. We collect and store information related to customer relationships or potential new customers based on the needs of our business. The collection of information about potential new customers is based on our business activities, and we gather data either directly or through carefully selected partners.
Your Responsibilities
Read this privacy policy and our website's terms and conditions. If you provide us with information about a third party, you confirm that you have the right to authorize us to process that information on your behalf in accordance with this privacy policy.
What Personal Data We Collect and How We Use It?
The use of the site does not require registration. Individual personal information such as name, address, or email address may be collected via email, messages, or contact forms, and information provided during the ordering process may be stored. Personal information may also be collected and updated from population registers, credit registers, and other similar public and private registers. Additionally, we maintain a register of subcontractors and collaborators to ensure smooth cooperation.
We process personal data for managing customer relationships or other relevant connections, analysis, statistics, the provision and development of services/products, and marketing. Relevant connections include, for example, providing personalized services or processing related to the management of service operations. Our operations are based on legitimate business, so we also comply with EU legislation on the storage of personal data:
-
Information stored about individuals is legal, reasonable, and transparent regarding processing. This means you can access your data at any time.
-
Data has purpose limitation – for example, the information we collect about individuals is tied to specific purposes. We do not disclose your information to external parties unless there is a legitimate reason, such as providing a mailing list to a subcontractor for product delivery. The subcontractor is part of Slope Graphics' collaboration network.
-
We minimize the data we store – we only store necessary and usage-appropriate information.
-
We strive to keep our information accurate and update the register as often as possible and whenever requested by the customer.
-
We limit data retention – data is assigned a lifespan, after which it is automatically or routinely deleted unless there is a legal reason to keep it. The data retention period is 4 years.
-
We store intact and reliable information, verified through backups, for example.
5. Register Data Content
Our customer and marketing registers mainly contain the following information:
-
First name
-
Last name
-
Company name
-
Contact information, such as street address, postal code, city, country, phone number, email address
-
Other text-based information related to the customer relationship
-
Information related to work orders
-
Creditworthiness information
-
Invoicing information, such as invoicing terms and amounts
-
Marketing permission or prohibition
-
Decision-maker information
-
Invoicing details
-
Information collected through cookies
-
Information collected from social media channels
Subcontractor and collaborator registers mainly contain:
-
First name
-
Last name
-
Company name
-
Contact information, such as street address, postal code, city, country, phone number, email address
-
Information related to work orders
-
Invoicing information, such as invoicing terms and amounts
Website and Cookies
To track the usage of Slope Graphics' online services and facilitate and expedite the use of services, Slope Graphics uses cookies. A cookie is a short text file that the web server stores on the user's hard drive. Cookies are used to measure and monitor the use of online services to improve services in the online environment and ensure a good user experience. Users receive a notification about cookies when they visit the Slope Graphics website. If a user chooses to reject cookies by adjusting their web browser settings, they may not be able to fully utilize the online services offered by Slope Graphics.
Analytics in Slope Graphics' Online ServicesWe use only anonymous analytics embedded by the site administrator (Wix) and do not use any third-party analytics. The analytics tool collects information about the pages users visit, the country from which the user is accessing, the type of information that interests users, and the functions included in the online services. This information helps us improve our services. The IP addresses of website visitors and cookies necessary for the functions of the service are processed based on the legitimate interest, for example, to ensure the security of information and collect statistics on website visitors, in cases where they may be considered personal data. Consent is requested separately for third-party cookies if needed.
6. Regular Sources of Information
Information to be stored in the register is obtained from the customer through various means, including messages sent via web forms, email, phone calls, social media services, contracts, customer meetings, and other situations where the customer provides information. Contact information for individuals within companies and other organizations may also be collected from public sources such as websites, directory services, and other companies.
7. Regular Disclosures of Data and Transfer of Data Outside the EU or EEA
Information is not regularly disclosed to other parties without your consent or a legal basis to do so. We may share information with third parties that enable us to provide our products and services, including payment processors like PayPal and Shopify, social media platforms like Instagram, and other third parties like Microsoft One Drive, Notion, and MailChimp for data processing and storage. If you leave our site through links to third-party sites such as Etsy and Gumroad, the information you provide to them is governed by their privacy policies. These links on our site are clearly marked.
We also share information with third parties under the following circumstances:
-
Professional and legal advisors
-
Third parties involved in fraud prevention and detection
-
Law enforcement authorities or other government agencies
Our website is hosted by the Wix.com platform. Wix.com provides us with a web platform to sell our products and services to you. Your information may be stored through Wix.com's data storage, databases, and general Wix.com applications. They store your data on secure servers behind a firewall. Service providers may process data outside the EU/EEA.
8. Principles of Register Protection
In the processing of registers, we exercise care, and information processed through data systems is adequately protected. While we cannot guarantee the security of any information you send to us or receive from us, we take this task seriously and maintain reasonable and appropriate physical, electronic, and procedural safeguards to protect your information. When register data is stored on internet servers, the hardware's physical and digital security is appropriately maintained. The data controller ensures that stored information and critical information for personal data security, such as server access rights, are treated confidentially and only by individuals whose job includes such tasks.
This includes the following measures:
-
Access to accounts with a password and the use of two- or multi-factor identification whenever available
-
Storing electronic data on reputable third-party storage service providers with appropriate protections
-
Restricting access to personal information to individuals who need the information.
-
Using payment service providers that are PCI DSS compliant
-
We do not store your payment information
9. Right to Inspection and Right to Request Data Correction
Everyone in our register has the right to inspect what information we have about them and request the correction of any inaccurate information or the completion of any incomplete information. If a person wishes to check the information stored about them or request corrections, the request must be sent in writing to the data controller at Selkätie 130, 48810 Kotka. We will verify the person's identity with an official identification document to ensure that we are checking the correct person's information. We will respond to the request within the time frame specified by the EU General Data Protection Regulation (usually within one month).