Ostoskori 0

Rakettitiede Oy privacy statement

 

Passenger manifest processing rules

We are careful with the data of our rocket passengers (also known as customers) and the people who happen to fly by our website. In this privacy protection policy, we explain the measures we take to ensure the confidentiality of your data.

We process the data of our customers, potential customers and people who happen to fly by our website. Below, you will find a brief summary, after which you can find further information (sections 1–11).

Summary

We process

  • browsing information generated when you browse our website;

  • contact information, i.e. your name, email address and telephone number (if you have already boarded the Rocket); and

  • customer data, i.e. information necessary for organizing your rocket flight.

We need your data to

  • provide a non-disruptive flight through our website,

  • manage our customer relationship (communication between spacecraft passengers and crew is important) and 

  • market our services, as we know we can offer a wonderful flight and we want to tell you all about it (don’t forget that you can tell us to stop sending you material at any time).

We receive your information when you

  • navigate through our website,

  • subscribe to our newsletter,

  • contact us in other ways or

  • buy a ticket (i.e. become our customer) or

  • when we find it in other public sources (such as your company’s website). This only applies to our potential customers.

We offer cookies for the journey to ensure an uninterrupted flight, i.e. the best possible functionality on our website. You will also receive cookies from our service providers. We understand if you are not hungry, and you can decline the cookies at any time (see section 10 for further information on cookies).

Who else processes your data?

  • Infrastructure: Google

  • Analytics: Google Analytics

  • Customer communication and marketing: Agileday, Hubspot, Leadoo, Niittylä & Kanto, LiidIT and Webinargeek

We erase your data

  • no later than five (5) years after the end of our flight together (customers),

  • no later than two (2) years after we last tried (unsuccessfully ☹️) to tempt you with a flight (marketing) or

  • as soon as you request for your data to be erased, unless we have a compelling reason to continue processing your data. If we do, we will inform you about it.

Privacy protection policy in more detail:

1. Our role in securing your privacy

This privacy protection policy affects you if you

  • use our website,

  • are our customer,

  • work in such an organisation and position that we want to market our services to you or

  • have otherwise given us permission to collect and process your data for purposes such as informing you about our services.

Our responsibilities

We are the controller of your data. This means that, because we collect and store your data, we are also responsible for protecting your privacy and storing your data securely, among other things. We also ensure, to the best of our ability, that the data we store on you is correct and up to date.

Your responsibilities

It is your responsibility to familiarise yourself with this privacy protection policy. If you are a customer, please also check our agreement with you. It may contain additional information about how we collect and process your data.

We may also update this privacy protection policy from time to time. We will notify you of any changes here (see section 11 below). Please check our most recent policy regularly.

If you have questions about anything relating to your privacy or the processing of your data, please don’t hesitate to contact us at yksityisyys@rakettitiede.com (further contact information here).

2. Purpose and basis for the processing of personal data

If you are a user of our website, we use your data to develop and analyse our website’s functions and our business activities, market our services and target our advertisements.

If you are our customer, we process your data for the purposes of customer service, maintaining our customer relationship, customer communication and marketing, as well as developing and planning our business activities via, for example, customer satisfaction and market research surveys.

If you hold such a position within your organisation that you are able to decide on whether or not you company uses our services, we may also process your information for the purposes of marketing our services or, occasionally, purposes such as market research surveys.  If you do not know if we hold any of your data, you can request clarification on whether we process your data at any time. 

Our legitimate interest is the basis for the processing of your data. We may only collect and store your personal data if the data we process and the ways we use said data are proportionate to its purposes. Below is a summary of our assessment of the proportionality of processing data.

Users of our website:  We use analytics tools to improve the experience of browsing our website, develop our website and target advertising. As you are able to prevent your device from downloading cookies from our website via browser settings (and so prevent, for example, our advertisements from being shown to you online), we consider the processing of your data proportionate. 

Our customers: It is in the interest of both us and our customers that we be able to contact them about our services. We consider the processing of personal data for these purposes proportionate.

Our potential customers:  We want to market our services in order to gain new customers. We may occasionally conduct processes such as market research to develop our services. In such cases, you will be able to freely decide whether you want to participate. We consider the processing of data for these purposes proportionate, taking into account the data we process for such purposes, the voluntary nature of participation and your right to opt out of marketing at any time. 

If you feel that the processing of your data is not proportionate, please contact us at yksityisyys@rakettitiede.com (see also section 5 for your right to object to the processing of your data).

3. Duration of processing

The traffic data of our website users is stored for six (6) months. 

We store our customers’ data for the duration of the customer relationship plus two (2) years. After this period, we archive your data and cease to actively process it. The data will be erased permanently from the archive no later than five years after archiving.

We generally store the data of potential customers for two years after the last time we contact them, after which we erase said data.

We determine the storage period of data processed for incidental purposes, such as market research, by how long the data may reasonably be expected to be relevant to our activities.

4. Data we collect

We collect and store the following data:

  • name (from customers and potential customers for the purposes of identification and communication),

  • telephone number (from customers and potential customers for the purposes of communication),

  • email address (from customers and potential customers for the purposes of communication and marketing),

  • employer/organisation and duties/role (from customers and potential customers for the purposes of maintaining the customer relationship and targeting marketing),

  • direct marketing consent or refusal of consent (from customers and potential customers for the purposes of targeting marketing),

  • notes on the customer relationship or customer (from customers for the purposes of managing the customer relationship),

  • order information (from customers for the purposes of managing the customer relationship),

  • IP address (from website users for the purposes of targeting marketing),

  • website traffic data (from the users of our website for the purposes of targeting marketing) and

  • market research data (from participants in market research surveys).

5. Your rights

You have the following rights concerning your data. If you wish to exercise your rights, please contact us on the matter at yksityisyys@rakettitiede.com.

Right to access and rectification

You have the right to access your data. You have the right to request clarification on whether we are processing your data if you do not know whether we are doing so. If you notice that your data contains errors or is incomplete, you can request that we correct it.

Right to object

You have the right to object to our processing of your personal data, which is based on our legitimate interest, at any time because of a specific reason related to your personal situation. In this case, we can also restrict the processing of your data upon your request (see below) until the issue has been resolved. We may only resume the processing of your data if you provide consent for such processing or if we have a justified reason to do so.

Right to restriction of processing

You have the right to request that we restrict the processing of your data if

  • the data is, in your opinion, erroneous;

  • we are, in your opinion, processing your data illegally, but you do not want the data to be erased entirely;

  • we no longer require your data for its original purpose, but you require it for the purposes of preparing, presenting or defending a legal claim; or

  • you have objected to the processing of your data (requested that we do not process it in any way), but we are still considering our final decision.

Withdrawing consent to direct marketing

If you do not want us to contact you via telephone, email or other methods for the purpose of marketing our services, you can request that we cease doing so. If you do, we will no longer market our services to you. Please note that, if you do not wish to see our advertisements online, you can prevent them from appearing by changing your browser’s cookie settings.

Right to erasure

If you feel that the processing of some of your information is not necessary for our purposes, you have the right to request that we erase the data in question. We will process your request, after which we will either erase the data in question or provide a justified reason for why we cannot do so. You have the right to lodge a complaint with the Data Protection Ombudsman (instructions for lodging a complaint). You also have the right to demand that we restrict the processing of the disputed data until the matter is resolved.

Right to lodge a complaint

You have the right to lodge a complaint with the Data Protection Ombudsman if you feel that we are in breach of valid data protection legislation when processing your personal data (instructions for lodging a complaint).

6. Regular data sources

Website users: The analytics and marketing tools on our website collect browsing information regarding the use of our website.

Customers: We generally receive our customers’ information from the customer themselves in connection with communications, product orders, requests for offers or trials and other corresponding interactions. We may also use public sources by, for example, searching for the contact information of a person belonging to our customer organisation on said organisation’s website.

Potential customers: We collect information from public sources about such companies and company representatives that, according to our estimate, may be interested in our services. In addition, we also receive the data of potential customers through communications, newsletter subscriptions, requests for offers or trials and other corresponding interactions.

7. Disclosures

We are constantly mapping out potential customers. Additionally, our staff, such as our accountant, may receive our customers’ personal data.

We use tools and services to store data, including personal data, in our day-to-day operations. We have agreed upon the rules of processing personal data with all the parties that have access to it and ensured that they abide by data protection legislation.

Our service providers

  • Infrastructure: Google

  • Analytics: Google Analytics

  • Customer communication and marketing: Agileday, Hubspot, Leadoo, Niittylä & Kanto, LiidIT and Webinargeek

We have the right to use the services of third parties in our customer communications and marketing. We may transfer your personal data (please refer to section 4) to third parties for these purposes. The third parties that we use are required to comply at least with the requirements of the EU General Data Protection Regulation (GDPR) when processing your personal data.

8. Transfer of data outside the EU

Our service providers may transfer data outside the EU/EEA to the United States.

United States – Privacy Shield

All our service providers that transfer personal data to the United States are part of the Privacy Shield Framework between the EU and the United States. The purpose of the framework is to ensure that the data of Europeans is processed securely in the United States. Service providers certified to the framework ensure that data is processed in accordance with high European data security and privacy standards. You can view a list of certified service providers here: www.privacyshield.gov/list.

9. Principles of register security

The safe processing of your data is important to us. We protect your data by, for example, the following means:

  • Your data cannot be viewed by anyone who does not need to view it for the purposes of their work.

  • Access to your data requires a personal user ID and password.

  • We use encryption to protect all data transfers.

  • Your data is stored on secure servers. The servers are secured effectively against both remote and physical access.

  • Our information system is secured by firewalls and other technical solutions.

  • The data is backed up regularly.

10. Cookies

Our website uses cookies. Cookies are small passive text files that pose no threat to your device or files.

How do cookies work?

When you visit our website, we send your device a cookie. Cookies are used to ensure the security, performance and user-friendliness of the service. For example, cookies help us identify frequent visitors, make it easier for users to log in and create aggregate data on users. Using this feedback, we are able to continuously improve our products and services and do things such as offering our customers personalised services. Additionally, cookies help us show you the most appropriate and interesting advertisements. They also prevent the same advertisements from appearing repeatedly.

Cookies allow us to gather information, such as

  • the user’s IP address,

  • time,

  • pages visited,

  • type of browser,

  • what web address the user was redirected from,

  • what server the user has come from and 

  • what domain name the user has come from.

Please note that this information is entirely anonymous in the form we receive it, and we cannot see who has used our website by viewing it.

You can prevent the use of cookies if you wish

Web browsers usually accept cookies by default. However, you can choose to modify your browser settings at any time and, for example, 1) prohibit the downloading of new cookies and 2) delete cookies that have already been downloaded to your device.

You can find further information about targeted advertising based on browsing data at the website Your Online Choices.
Please note that, if you do not allow cookies, our website may not display correctly or its use may be more difficult.

11. Changes

Changes to this privacy protection policy will be listed here. 

Updated 1 October 2024