Our top priority at Shri Services Oy is the privacy of Our Website visitors and the privacy of the Subscribers to Our Service(s) accessible from https:/www.shri.fi
or Shri Services Oy Group’s Websites. This document includes information that Shri Services gathers, tracks, and uses. We are committed to protecting Your privacy and personal information. In compliance with international and European data security standards and applicable personal data legislation (including the EU General Data Protection Regulations), Shri Services process Your personal information. Definitions of capitalized terms not found in this document can are defined in the Master Subscription Agreement.
Section 1 – Data Controller and Contact Information
1.1 Data Controller. Shri Services Oy is the data controller and processor only limited to the personal information of Website visitors, and Entities who register to use Our Services (Account and Registration Information). For Service Data generated during the Service, the Subscriber is the Data Controller, and Shri Services Oy is the Processor. Our Master Subscription Agreement governs Service Data policies and privacy. For more details, also see the Data Processing Agreement that governs Service Data.
1.2 Contact Information.
In all data protection related matters, data subjects may contact Shri Services Oy by using the following contact information:
Shri Services Oy
Tykistökatu 4 B, 20520 Turku, Finland
Contact person: Kalyan Pasumarthy
Section 2 – Purpose, Scope, and Application of the Policy
This policy describes the collection, use, sharing, and protection of personal information by Shri Services Oy. This policy also defines Your options about Your personally identifiable information’s use, access, and correction. We process Your personal details to satisfy Our contract with You for the use of Our Websites and the Services and to satisfy Our obligations to You under the Master Service Agreement. If We have a separate agreement with You, We will use Our legitimate interest in maintaining and operating Our Websites and supplying You with the Service You have requested.
2.2 Application.Other than Our main Website at www.shri.fi, this Policy governs the privacy matters of the services provided on Our other Websites, namely SHRISAS, SHRIVOICE, and MOITELE.
2.3 Exceptions of Third-party.This Policy does not apply to third-party Websites the links to which may exist on Our Website. Their privacy policies govern the privacy and data protection methods of such Websites. We are not responsible for what is contained in such third party privacy statements, but We encourage You to go through them before interacting with third parties.
2.4 Exception of Service Data.This Policy will not apply to Service Data generated by the Subscriber during the usage of the Services. This rule applies except for Account Information and other information We collect in connection with Your registration or authentication into Our Services. The Master Subscription Agreement governs Service Data, and the Data Protection Agreement governs the rights. This exception of Service Data will not apply to one specific part of Service Data, i.e., Voice Recordings. See section 4.8 for more information on voice recordings.
2.5 Subscriber Responsibility. Subscribers to Our Services are solely responsible for establishing policies for, and ensuring compliance with, all applicable laws and regulations, as well as any privacy policies, agreements or other obligations, relating to the collection of personal information in connection with the use of Our Services by individuals (also referred to as “data subjects”) with whom Our Subscribers interact.
2.6 Scope.We collect information under Our Subscribers’ direction and have no clear interaction with individuals whose personal data We process in connection with the use of Our Services by Our Subscriber. The processing and usage of data obtained through the use of Our Services are limited to the delivery of the Service, which is offered to Subscribers by Shri Services Oy.
You have the right at any time to withdraw Your consent given to Us to process Your data. Still, such withdrawal will not affect the lawfulness of the activities completed when there was active consent before such withdrawal.
Section 4 – Information We collect
4.1 Information provided by You.When You purchase Our Services, You register an Account to gain access to the Services. To provide Our Services and associated Customer Support, We collect Account and Registration Information during the registration process. We are requesting and can collect personal data on You, such as Your name, address, telephone number, e-mail address, instant messaging identification, and credit card information, as well as other relevant details, such as Your company name and Website name when You sign into or use one or more of Our Services (“Account”). We also request and collect personal information from any person You allow to log in and use Our Service in connection with Your account, including an e-mail address and name or alias (an “Agent” or “End-user” as per the Master Subscription Agreement). We also collect personal information from Your account to give You the functionality needed during Your use of the Services. We strictly base the processing of Your personal details on Our legitimate interest. For this Policy, We shall call any information mentioned above “Account Information.” By providing Us with Account Information, You acknowledge that the information You provide is real. You are the owner or otherwise have permission to provide such data to Us.
4.2 Third-party intermediary for payment services. To facilitate the processing of debit, credit, and other bank cards, a third-party intermediary broker may be used. This Intermediary is not permitted for any reason, except bank card processing on Our behalf, to store, maintain, or use Your billing details. For more information, check the privacy policies of Your payment gateway.
4.3 Mobile Application.To carry out Our service contract with You, We automatically collect details about the computer or mobile model and version of the operating system when You download and use Our Services.
4.5 Logs.We collect and store certain information in log files when You interact with Our sites and services, as is the case with most Websites and services offered online. This information may include internet protocol address, browser type, internet service provider, operating system, date/time information, location, and language preferences information You are searching, device ID numbers for the mobile operator, and configuration of networks. Often, to enhance Our pages, We link personal information to information collected in Our log files.
4.6 Analytics.When You use the Websites, We collect analytical information, like cookies, to help Us develop Our Services to You. We and also exchange anonymized data concerning Your activities on Our Websites with third-party analytics service providers. We also use mobile analytics tools to understand better the features in Your mobile device relating to mobile versions of Our services.
4.8 Voice recordings and Machine Learning.We may collect, store, and process the audio recordings of the voice services to improve Our existing services and to develop new services by using automatic processing techniques like machine learning. AI, machine learning, speech recognition, transcription, voice recognition, or any such voice processing technology may form part of automatic processing techniques. Such automated processing may be carried out by third-party processors with whom these recordings may be shared through valid Processor Contracts and Data Processing Agreements ensuring adequate data protection and privacy standards. Any personal information shared by the data subject willingly on request of the Subscriber or the End-Users within such recordings is not extracted, separately stored, or processed by Shri Services Oy or its partners. Shri Services Oy is not responsible for the personal information requested or collected by its Vendors, Service Receivers, or partners who use its Services. No Subscriber can request copies of the Voice Recordings.
Section 5 – How We use the collected information.
5.1 Legitimate Interest and fulfilling service contract.To carry out Our obligations under Our service agreement to You and based on Our legitimate interests, We may use the information collected about You (including personal information) to provide You with Our Services effectively.
5.2 Specific uses.
In different ways, We use data that We obtain and personal data to provide You with Our Services, including:
- Operate and maintain Our services and applications
- Enhance, customize, and extend Our technologies and services to enhance existing services and to introduce new ones, making use of machine learning.
- Understand and examine how Our software and services are used
- Create new products, programs, functionalities and features
- Contact You or any of Our partners, including for customer services, to provide updates and other information regarding the site, and for marketing and advertising purposes.
- Emails sent to You
- Find and stop fraud
5.3 Legal basis for processing.For individuals from the European Economic Area (‘EEA’), We rely upon the personal information concerned and the context under which We collect it as the legal basis for collecting and using the Personal Data mentioned above. We would usually only collect Your personal information if We are needed to enter into a contract with You (for example to provide You with Our Services), whether We have valid interests in Your processing and do not breach Your data or constitutional rights and freedoms, or if We have Your consent. We may also have a legal duty in certain situations to obtain Your personal data. We will make it clear at the time when We request You to provide Your personal details in compliance with a legal requirement or to enforce a contract with You, and We will advise You of Your duty to provide personal information including consequences on the Services provided if You do not provide Your personal information. Also, We will make it clear to You at the appropriate time why We need to use Your personal information if We are collecting and using Your personal information based on Our legitimate interests. At any time, you can withdraw Your consent if We process personal information in compliance with Your consent.
Section 6 – Sharing of collected information.
6.1 Third-Party Service Providers. For us to provide hosting and maintenance of Our Websites, to develop applications, provide back up services, storage services, and payment processing, We share information, including personal information with third-party services providers. Such service providers from third parties may have access to or process Your personal data to provide Us with such services. We do not authorize Our third-party service providers the use of personal information We share with them any other use. We can also exchange, in collaboration with third parties for marketing purposes, anonymized data relating to Your use of the Services based on Our legal interest in the creation and promotion of services. Nevertheless, You, Your Agents, or End-users will never be named the source of information.
6.2 Testimonials. We may publish testimonials from time to time on Websites containing personal information. We always get Your permission and Your testimonial for posting Your name. Please contact us at email@example.com if You would like to update or delete Your testimonial.
6.3 Compliance Law Enforcement. In some instances, to comply with the requirements of national security or law enforcement, We might be required to reveal personal information in response to legal requests from public authorities. We may disclose personal data in response to legal proceedings or defend Ourselves against legal claims.
6.4 Your Consent. If We have Your permission to do so, We will share Your personal information with third parties.
Section 7 – International Transfers
7.1 Transfer Policies. We will not share with a third party Your personal information unless it is necessary, for Our professional or legitimate business needs or as required or authorized by law, to fulfill Your request. When We transfer Your personal information to third parties or service providers, the right arrangements are made to ensure that the data processing is correct and secure per the applicable data protection law. We can transfer, store, and access such personal information from all over the world to facilitate Our global operations, including from other countries that Shri Services Oy operates in or has customers. Consequently, Your personal details stored outside the EEA and in non-EU countries that do not qualify for the same degree of data security as the EU through an adequacy decision. In this case, for example, by entering standard contractual terms for the transmission of information as approved by the European Commission (Art. 46 GDPR), We shall ensure that Your personal information is offered an adequate level of protection or ask You for Your prior consent for such foreign transfers.
7.2 Safeguards for Transfers. We have introduced protections to ensure that Your personal information is adequately secured when transmitted to countries outside the EEA, by considering decisions by the European Commission regarding the suitability of a recipient Non-EU country and using the Standard Contractual Clauses of the European Commission for the transfer of personal data internationally. Additionally, Shri Services Oy will not pass Your details to the United States and Switzerland and will therefore not engage in EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework or their replacement legal frameworks.
Section 8 – Notice to End-Users.
8.1 Our services are for enterprises to use.
When You receive Our Services through Our Subscribers, this Subscribing entity is Your personal data controller. The questions and requests concerning End-users data privacy should originally be sent to the Subscriber. Shri Services Oy shall not be responsible for the internal privacy and protection practices of Our Subscribing organizations. We encourage Our Subscribers to provide adequate protection to the personal data of End-users. Subscribers of Shri Services Oy can:
- Restrict, suspend or discontinue End-Users Services access;
- Access End-Users profile and personal information;
- Access and export End-Users processed personal information;
- Modify End-Users personal details, like End-Users profile.
Section 9 – Data retention
9.1 Data Retention.Since Shri Services Oy is the data controller for personal information related to Account Registration, We maintain the information that We collect to continue providing Our Services to fulfill Our Service contract to You. Once Our legitimate business needs to handle Your personal data ends with all associated obligations relating to providing You with Services, We will safely delete Your personal data and not further process it until the removal of Your information is feasible.
Section 10 – Your rights under GDPR
10.1 Your rights.If GDPR protections apply to You or Your data, You have the following rights.
The right to access – You have the right to request copies of Your personal data. We may charge You a small fee for this service.
The right to rectification – You have the right to request that We correct any information You believe is inaccurate. You also have the right to request that We complete the information You believe is incomplete.
The right to erasure – You have the right to request that We erase Your personal data under certain conditions.
The right to restrict processing – You have the right to request that We restrict the processing of Your personal data under certain conditions.
The right to object to processing – You have the right to object to Our processing of Your personal data under certain conditions.
The right to data portability – You have the right to request that We transfer the data that We have collected to another organization, or directly to You, under certain conditions.
If You make a request, We have one month to respond to You. If You would like to exercise any of these rights, please contact us at firstname.lastname@example.org
Section 12 – Children’s Rights
12.1 We prioritize to provide children with protection while using the Internet. We promote the evaluation, tracking by parents, and guardians of their online activities. No sensitive identifiable information is knowingly obtained from kids under the age of 13 by Shri Services Oy. We strongly encourage You to contact us immediately if You think Your child has provided this type of data on Our Website or service; We shall do Our best to remove this information quickly from Our records or contact Our relevant Subscriber.