PRIVACY
POLICY
Last update: February 28, 2023
This policy of processing of personal data (Privacy Policy) is composed in accordance with the requirements of the Tietosuojalaki, dated 05/12/2018, set up by the Ministry of Justice of Finnish Republic as well as with the standards, set by the Directives of the Council of Europe on General Data Protection Regulation (GDPR), and defines order of processing of personal data and measures to ensure safety of personal data of GEOPHONE GROUP INTERNATIONAL Oy (further referred to as “the Operator”, “we” or “us”).
This policy of processing of personal data shall be an integral part of the License Agreement with the User (https://mkartapp.com/eula ) and shall define the rules of processing of personal data, which the Operator can collect from the Users (further referred to as “the User”, or “you”) in relation to the usage by the User of the service “mKart”, when visiting web-sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ and/or using software of the Operator under the brand of “mKart” and others (further referred to as “the Service”), including defining the types of the information being collected, means and methods of collecting information, purposes, measures of protecting information, as well as the rights of the User in relation of his/her Personal information.
The Operator shall make it his most important aim and condition of his business to respect human and civil rights and freedoms when processing their personal data, including protection of rights of personal and family privacy from unauthorized access and disclosure.
This policy of the Operator towards processing of personal data (further referred to as “the Policy”) applies to all information, which the Operator can receive about the visitors of the web-sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ and when using the Service.
1. General definitions, used in the Policy
1.1. Automated processing of personal data – processing of personal data with the aid of computer technology;
1.2. Blocking of personal data – temporary termination of processing of personal data (excluding cases, when the processing is necessary for clarification of personal data);
1.3. Web-site – array of graphic and information materials, as well as programs for ECM and databases, providing accessibility of these materials in the Internet network at the web addresses https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ ;
1.4. Information system of management of personal data — array of personal data, contained within databases, as well as information technologies and technical means, providing processing of personal data;
1.5. Anonymization of personal data — actions, as a result of which it should be impossible without using additional information to define ownership of personal data as that of specific User or other subject of personal data;
1.6. Processing of personal data – any action (operation) or array of actions (operations), performed with the aid of automation means or without usage of such means with the personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, usage, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data;
1.7. The Operator – government body, municipal authority, legal body or individual person, unassisted or together with others organizing and (or) performing processing of personal data, as well as defining purposes of processing of personal data, scope of personal data, subject to processing, actions (operations), performed with the personal data;
1.8. Personal data – any information, related directly or indirectly to defined or definable User of the web-sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ ;
1.9. Provision of personal data – actions, directed to disclosure of personal data to specific person or specific scope of persons;
1.10. Cross-border transfer of personal data – transfer of personal data to the territory of foreign state to a regulatory authority of foreign state, to a foreign individual person or to a foreign legal body;
1.11. Destruction of personal data – any actions, as a result of which the personal data are destructed irrevocable and without ability to later restore the content of personal data in the informational system of personal data and (or)as a result of which the physical media, on which personal data are stored, are destructed.
The User hereby shall give consent to the Operator for processing of his/her Personal information under the terms and conditions of this Privacy Policy. The actions of the User, directed towards the usage of the Service, shall be considered as acceptance without modification of the terms and conditions of this Privacy Policy and the conditions of processing of his/her Personal information, specified therein. The Operator strongly urges the User to read this Privacy Policy and to make sure, that you fully understand and agree to the Privacy Policy, prior to starting using our Service. Unless you have read in full, have understood everything and accept the terms and conditions of this Privacy Policy, you shall immediately stop using the Service.
The User shall warrant, that, in accordance with the jurisdiction of the User, the User have reached the age, allowing the User unassisted to give consent for processing his/her personal information (or is of 16 years of age, whichever is greater) or that the User is able to confirm in specified order and form the required permit from the person, keeping parental responsibility over the User.
We emphasize, that in accordance with the law, you are not obliged to provide us any information, however the provision of such information is the compulsory condition for usage of our Service. Hereby you confirm, warrant and agree, that any information, which you provide to the Operator, is provided by your own freely expressed will, is the specific, univocal and and corresponds to the wish of usage of your data for the purposes, described below.
You may withdraw consent for processing of your personal information at any time,this way the Operator strives to provide the easiest procedure of withdrawal of the consent, as well as provision of such consent. The withdrawal of the consent shall not affect the legitimacy of the processing based on the consent before the withdrawal of such consent.
2. TERMS AND DEFINITIONS
2.1. Personal information – any information on specific or specifiable individual person, being in according to the Agreement the User of the Service.
2.2. The Agreement – License Agreement between the User and the Operator for usage of the Service, available at the address https://mkartapp.com/eula , accepted in accordance with the applicable procedure by the User, and effective for the User and the Operator by the legally binding force.
2.3. The Service – software, including explicitly the software manufactured by the Operator under the brand of “mKart” and others, as well as marine navigation and land navigation service for routing, mounted on the Internet network at the web-sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/. The Service includes, but is not limited to the array of marine navigation , land navigation and road information, texts, graphical elements, design, images, photo and video and other results of intellectual activity, as well as the programs for ECM, contained in the information system, providing access of such information on the Internet at the network addresses https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ .
2.4. The User – individual person or legal body visitor of the web-sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ and/or user of the Service of the Operator, who has accepted the Agreement https://mkartapp.com/eula and is using the Service.
All other terms and definitions to be found in the text of the Policy, shall be construed in accordance with the other rules regulating the usage of the Service, with developed in the Internet network and applicable legislation, regulating the processing of the personal data.
3. PERSONAL INFORMATION SUBJECT TO COLLECTION
In our business we are governed by the current legislation of the Finnish Republic in the sphere of processing of personal data, as well as the standards, set forth by the Directives of the Council of Europe on General Data Protection Regulation (GDPR).
In accordance with the principle of “minimizing the data” the Operator collects Personal information only in the scope, which should be enough for the comfortable usage of the Service and reaching the purposes of collection of such information.
During the process of usage of the Service by the User we collect two types of the Personal information: Personal information and Anonymized information.
3.1. Personal information. Such information includes individual information, which identifies specific User, and which the User provides to us during the Registration.
The compulsory types of Personal information, which are necessary for using the Service, include:
· e-mail;
Additionally, you may provide on your own:
· phone number;
The specified information is not obligatory for receiving the access to the Service and is transferred to us by your own wish, but we would like to note, that such information remarkably simplifies the interoperability with the Service. This way the phone number shall allow us to react to your inquiries in more timely manner.
3.2. Anonymized information. Anonymized information – is the information, which does not identify the specific User, and it is collected automatically during Registration and usage of the Service.
Anonymized data of Users, collected with the aid of Internet statistics services, serve for collection of information on actions of Users at the site, for improvement of site's quality and its contents.
Anonymized information may include:
4. WAYS OF COLLECTION OF PERSONAL INFORMATION
4.1. The legal foundation of collection of Personal information shall be the agreement of the User for collection of information in accordance with sub-closure A of closure 1 of article 6 of the Directive of the Council of Europe on General Data Protection Regulation.
4.2. Personal information shall be collected by us during the Registration of the User in the Service. Registration in the Service may progress in standard form with User entering and/or sending of the Personal information unassisted via special forms, situated at the sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ or through the account in the social networks, upon which the Personal information shall be automatically transferred from the account in the social networks.
4.3. Filling-in appropriate forms and/or sending their personal data to the Operator, the User shall signify his/her agreement with this Policy.
4.4. We shall process anonymized data about the User in such case, when it is permitted in the User's browser settings (the storage of the cookie files and the usage of JavaScript technology are activated).
4.5. Anonymized information shall be collected by us in the process of your usage of the Service.
5. PURPOSES OF COLLECTION AND PROCESSING OF PERSONAL INFORMATION
The Operator shall use the Personal information for the following purposes:
5.1. Provision of access to the Service and its further operation.
5.2. Provision of access to the information and/or content of the web-site.
5.3. Provision of information to the User by means of sending e-mails.
5.4. Development of the Service, improvement of its usability and configuration of specific parameters, on the basis of general or individual preferences, experience of usage or complications, appearing during User's sessions.
5.5. Provision of technical support, feedback, including forwarding of notifications, requests and information, related to the usage of the Service (notifications on upgrades, information on security, changes of our rules and conditions of usage of the Service).
5.6. Creating summarized statistical information, including analytics and monitoring of tendencies of usage of the Service and Users’ actions in the Service.
5.7. E-mail marketing for your e-mail address or for your mobile phone, notifications on products, services, campaigns, events and other news and information, which, by our opinion, would be interesting for the User. We may send you the marketing information. The User always may refuse receiving marketing and information messages, forwarding to the Operator the letter at the e-mail address support@mkart.fi with the note of “Refusal to receive notifications on new products and services and special offers”.
5.8. Prevention of fraud or violation of applicable laws, especially, for location, investigation and prevention of frauds and other unlawful activity and protection of rights and property of the Operator, other users and third parties.
5.9. For observance of any applicable law.
Personal information of the User shall not be used for the purposes other than specified above.
The User shall confirm that the purposes of usage of his/her Personal information correspond to his/her interests, and the consent for our processing of Personal information, expressed by the User at the start of using the Service, shall be given for each purpose of processing, specified in the clause 3.1 of the Agreement.
6. DISCLOSURE OF PERSONAL INFORMATION
6.1. The Operator shall not disclose Personal information to the third parties, excluding cases, when:
· The User expressed direct and specific consent for disclosure of his/her Personal information.
· such transfer of information is necessary for using the Service by the User, or for compliance with the License Agreement or other binding documents, regulating the relationship between the Operator and the User.
· when such transfer of information is necessary for the Service operation and its functionality (transfer of information to the hosting, communications and the network of delivery (distribution) of content, services for data protection and cyber security, billing and services of payment processing, services of location and prevention of fraud, web-analysis, distribution of electronic mail, and monitoring of the Service status, including measurement of performance and optimization of data, marketing and advertising services), third parties (receivers of the Personal information) may receive or in other way have access to the Personal information of the User, in full or in part – depending on the role and purposes of each such person in the support of operability of the Service and its improvement; more over, they may use the received information only for the purposes specified in this Policy.
· transfer of Personal information shall be done in accordance with the applicable law and by the requests of authorized subjects of receptions of such information (court requests and requests of law-enforcement authorities), when the Operator is entrusted with the disclosure of such information, if we rely in good faith on the fact, that the law requires of us that we should behave in such a way.
· the transfer of rights of property or control over all or part of the Service to the new owner is happening.
· transfer of Personal information shall be done for the purposes of providing the possibility of protection of our rights and legitimate interests or rights and interests of the third parties in cases, when the User violates this Privacy Policy or other binding documents, regulating the relationship between us and the User, and applicable laws. The cases specified above shall not be treated as unauthorized disclosure of personal information, as such actions are directed towards the implementation of purposes of processing of Personal information.
6.2. We shall never sell Personal information of the Users to the third persons.
6.3. Information shall be transferred exclusively in strict adherence to this Privacy Policy and within the bounds of the applicable law.
7. STORAGE TERRITORY AND CROSS-BORDER TRANSFER OF PERSONAL INFORMATION
7.1. The Operator shall store and process Personal information of visitors of the sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ and users of the Service in Finnish Republic and the European Union. Storage and processing of Personal information of Users shall be done either directly by us, or with assistance of the third parties, specializing in storage of information, provided that such parties shall protect and store Personal information in accordance with this Privacy Policy.
7.2. In cases, when you are the resident of the jurisdiction, which imposes the obligations of “localization of data” or “residence of information” (i.e. requires, that Personal information of the residents shall be contended within territorial borders of this jurisdiction), we provide storage of your Personal information within such territorial borders, provided that we such obligation would be imposed on us.
7.3. We strive to protect and store Personal information of Users in accordance with the international industry standards and shall not accept for consideration regulatory requirements inferior to those under User’s jurisdiction.
7.4. In case we and the User reside in different jurisdiction, receiving access or using Services or in any other way providing us his/her Personal information, the User shall agree for the process and transfer of information to the country of our incorporation, upon which we shall warrant, that we shall take appropriate measures for protection of Personal information about the User in accordance with this Privacy Policy and the applicable law.
7.5. Cross-border transfer of personal data at the territory of foreign states, not meeting the requirements, specified above, may be done only in case of the availability of consent in written form of the subject of personal data for the cross-border transfer of his/her personal data and/or performance of contract, the party of which the subject of personal data constitutes.
7.6. Personal data of Users shall be stored exclusively on electronic media and shall be processed using automated systems, unless non-automated processing of personal data is necessary in relation to satisfying the requirements of legislation.
8. USING TRACKING TECHNOLOGIES
8.1. Operator shall use specific technologies of control and tracking to support, provide and improve the operation of our Service on regular basis, and to provide the User with comfort usage of the Service. By default we use several such technologies for the purposes of authentication of session of work and User, security, for storing preferences of the User (for example, in relation to language by default and settings), stability of connection, monitoring of our Service performance and marketing campaigns, as well as for providing and improving of our Services.
9. USER RIGHTS
As part of our Privacy Policy each User shall have the following rights in relation of his/her Personal information:
9.1. Right of access to his/her Personal information. To ensure the performance of this right the Service provides special section in the Account, where all Personal information of the User received by us is specified. The User may go to the section with Personal information and familiarize yourself with the information, which we currently have. By request of the User we provide full list of Personal information, which we have collected about the User, legal reason and purposes of processing, categories of Personal information, list of the third parties, to which Personal information has been or will be disclosed, for which time period Personal information will be stored, as well as the measures of protection of Personal information. The answer shall be given within reasonable time frames in accordance with the applicable law.
9.2. Right of correction. The User shall at any given time have the right to rectify his/her Personal information on their own through the Account, should for one reason or another the User face problems with rectifying Personal information, the User may forward appropriate request to our e-mail address support@mkart.fi with the note “Update of personal data”, we shall rectify the data within reasonable time. Taking into account the purposes of processing, the Subject of data shall have the right for incomplete Personal data, specifying only compulsory types of Personal information necessary for performance of access to the Service.
9.3. The right to withdraw consent for processing of Personal information. The User shall have the right to withdraw his/her consent at any given time. The withdrawal of the consent shall not affect the legitimacy of the processing based on the consent before the withdrawal of such consent. The Service shall provide the possibility to withdraw the consent in similarly easy way as it was provided. So, the User shall have the possibility at any given time to forward us the request to delete the Account, forwarding to the Operator the notification via electronic mail service at the e-mail address of the Operator support@mkart.fi with the note “Withdrawal of the consent for processing of personal data”, — we shall delete the Account within reasonable time after receiving the appropriate request. Take note, that you may rectify, update or delete specific parts of Personal information on your own. When rectifying Personal information or withdrawing the consent by the User, we shall notify about the fact all the third parties, having the access to the Personal information of the User.
9.4. Right of wiping (“right of falling into oblivion”). The User shall have the right to demand, and we shall perform the wiping of Personal information of the User without undue delay, when:
· Personal information is not necessary anymore for the purposes, for which it was collected;
· subject of data withdraws the consent for processing of his/her Personal information, which constitutes the reason of its collection;
· personal data were processed illegally;
· personal data should be erased in accordance with the law.
9.5. Right of portability of data. The User shall have the right for receiving his/her Personal information in structured, usually used and machine-readable format. The User may receive all Personal information, collected by us at any time, in structured form, by forwarding the appropriate request to the technical support service. The User shall have the right to pass his/her Personal information directly from one controller to the other, if it is technically possible.
10. PERSONAL INFORMATION STORAGE TIME
We store your Personal information during all time of using Service (validity of your Account) or until such time, when we shall not need these data for provision of Service or, when the bigger time period is specified for this (if we shall store it longer under the applicable law or it is done for settlement of disputes in relation to our Users, prevention of fraud and improper use and/or protection of our legitimate interests).
11. SAFETY OF INFORMATION
11.1. We hereby shall give warrant, that we take all necessary and sufficient, in accordance with the applicable law, organizational and technical measures for protection of Personal information of the User from illegal or accidental access, destruction, changing, blocking, copying, distribution, as well as other illegal actions with the information by the third parties. In our business we use common industry standard for protection of Personal information of the User and strive to fully protect and provide privacy of Personal information. Protection of Personal information was implemented by default at design level of the Service during its development. Safety measures include firewall, pseudonymization, data encryption, data mitigation, processing systems tolerance to failure, ability to timely restore availability and access to Personal information in case of physical or technical incident, control of physical access to the centers of data processing, as well as control of authorization tights for access to data. We regularly monitor our systems for possible weaknesses and attacks, evaluation of efficiency of technical and organizational safety measures in relation to Personal information, and constantly seek new ways and providers of services for further improvement of safety of our Service and protection of privacy of our Users. All third parties getting access to Personal information and participating in providing of access to the Service for the User abide to similarly strict safety measures in relation to Personal information.
11.2. However, we can not guarantee the absolute protection, and thus urge you to use caution, set strong password for your account and avoid providing any sensible information, the disclosure of which may cause you significant harm.
11.3. Should any privacy of Personal information compromise occur, we shall take all measures within our power for damage control or mitigation of any negative consequences, as well as immediately notify authorized supervisory bodies and the User about such incident, specifying all available information about privacy compromise. Facts of such incidents shall be recorded in the special register of incidents, which we shall maintain in accordance with the applicable law.
11.4. In this Policy the privacy of Personal information compromise shall be considered security violation, leading to accidental or illegal destruction, loss, changing, unauthorized disclosure or access to the transferred or processed Personal information.
12. CHANGES AND INTERPRETATION OF PRIVACY POLICY
12.1. This Privacy Policy, its interpretation and any claims and disputes, related to it, shall be regulated, interpreted and applied exclusively in accordance with our incorporation, not taking into account current principles of law of conflict.
12.2. Hereby you agree, that any arising disputes are subject to resolution exclusively by the courts at the place of our incorporation.
12.3. We shall have the right to make changes to the Privacy Policy at any given moment. Should we decide, that introduced changes are significant (at our own conscientious discretion), we shall notify you about this fact prior to the moment these changes should go into effect.
12.4. We recommend you to periodically view this page to get up-to-date information about our Privacy Policy. Unless otherwise expressly provided, our last revision of Privacy Policy is applicable to all information, that we have of you.
13. INTERACTION WITH OPERATOR AND RESPONSES TO USER’S REQUESTS
13.1. Should you have any questions about this Privacy Policy, please, contact us via electronic mail by sending your messages at the address support@mkart.fi .
13.2. Also you can forward a letter at our address
in Finland: Ristiniementie 24, C11, 02320, ESPOO, Finland.
13.3. We shall response to your request within reasonable time or the time period specified in the applicable law.
13.4. In cases, when this Policy or applicable law obliges us to provide copies of information or any documents, we shall provide them in a single copy free of charge, for any other requested copies we shall have the right to charge reasonable fee, based on office expenses. Should you make a request by electronic means, and unless otherwise expressly requested by you, we provide the response in the widely used electronic format.
13.5. Should the requests of the Users be obviously irrational or excessive, especially because of their repeated nature, we shall have the right to charge reasonable fee, taking into consideration office expenses of providing information or refuse to act on the request.
13.6. Should we have reasonable doubts in relation to the identity of the person, making a request, we may request to provide additional information, necessary to confirm the identity of the User.
13.7. This document shall reflect any changes of the policy of processing of personal data by Operator. The Policy shall remain in force without limit of time until its replacement by the new version.
13.8. Up-to-date version of the Policy is freely available on the Internet at the network address https://mkartapp.com/privacy-policy
POLICY
Last update: February 28, 2023
This policy of processing of personal data (Privacy Policy) is composed in accordance with the requirements of the Tietosuojalaki, dated 05/12/2018, set up by the Ministry of Justice of Finnish Republic as well as with the standards, set by the Directives of the Council of Europe on General Data Protection Regulation (GDPR), and defines order of processing of personal data and measures to ensure safety of personal data of GEOPHONE GROUP INTERNATIONAL Oy (further referred to as “the Operator”, “we” or “us”).
This policy of processing of personal data shall be an integral part of the License Agreement with the User (https://mkartapp.com/eula ) and shall define the rules of processing of personal data, which the Operator can collect from the Users (further referred to as “the User”, or “you”) in relation to the usage by the User of the service “mKart”, when visiting web-sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ and/or using software of the Operator under the brand of “mKart” and others (further referred to as “the Service”), including defining the types of the information being collected, means and methods of collecting information, purposes, measures of protecting information, as well as the rights of the User in relation of his/her Personal information.
The Operator shall make it his most important aim and condition of his business to respect human and civil rights and freedoms when processing their personal data, including protection of rights of personal and family privacy from unauthorized access and disclosure.
This policy of the Operator towards processing of personal data (further referred to as “the Policy”) applies to all information, which the Operator can receive about the visitors of the web-sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ and when using the Service.
1. General definitions, used in the Policy
1.1. Automated processing of personal data – processing of personal data with the aid of computer technology;
1.2. Blocking of personal data – temporary termination of processing of personal data (excluding cases, when the processing is necessary for clarification of personal data);
1.3. Web-site – array of graphic and information materials, as well as programs for ECM and databases, providing accessibility of these materials in the Internet network at the web addresses https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ ;
1.4. Information system of management of personal data — array of personal data, contained within databases, as well as information technologies and technical means, providing processing of personal data;
1.5. Anonymization of personal data — actions, as a result of which it should be impossible without using additional information to define ownership of personal data as that of specific User or other subject of personal data;
1.6. Processing of personal data – any action (operation) or array of actions (operations), performed with the aid of automation means or without usage of such means with the personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, usage, transfer (distribution, provision, access), anonymization, blocking, deletion, destruction of personal data;
1.7. The Operator – government body, municipal authority, legal body or individual person, unassisted or together with others organizing and (or) performing processing of personal data, as well as defining purposes of processing of personal data, scope of personal data, subject to processing, actions (operations), performed with the personal data;
1.8. Personal data – any information, related directly or indirectly to defined or definable User of the web-sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ ;
1.9. Provision of personal data – actions, directed to disclosure of personal data to specific person or specific scope of persons;
1.10. Cross-border transfer of personal data – transfer of personal data to the territory of foreign state to a regulatory authority of foreign state, to a foreign individual person or to a foreign legal body;
1.11. Destruction of personal data – any actions, as a result of which the personal data are destructed irrevocable and without ability to later restore the content of personal data in the informational system of personal data and (or)as a result of which the physical media, on which personal data are stored, are destructed.
The User hereby shall give consent to the Operator for processing of his/her Personal information under the terms and conditions of this Privacy Policy. The actions of the User, directed towards the usage of the Service, shall be considered as acceptance without modification of the terms and conditions of this Privacy Policy and the conditions of processing of his/her Personal information, specified therein. The Operator strongly urges the User to read this Privacy Policy and to make sure, that you fully understand and agree to the Privacy Policy, prior to starting using our Service. Unless you have read in full, have understood everything and accept the terms and conditions of this Privacy Policy, you shall immediately stop using the Service.
The User shall warrant, that, in accordance with the jurisdiction of the User, the User have reached the age, allowing the User unassisted to give consent for processing his/her personal information (or is of 16 years of age, whichever is greater) or that the User is able to confirm in specified order and form the required permit from the person, keeping parental responsibility over the User.
We emphasize, that in accordance with the law, you are not obliged to provide us any information, however the provision of such information is the compulsory condition for usage of our Service. Hereby you confirm, warrant and agree, that any information, which you provide to the Operator, is provided by your own freely expressed will, is the specific, univocal and and corresponds to the wish of usage of your data for the purposes, described below.
You may withdraw consent for processing of your personal information at any time,this way the Operator strives to provide the easiest procedure of withdrawal of the consent, as well as provision of such consent. The withdrawal of the consent shall not affect the legitimacy of the processing based on the consent before the withdrawal of such consent.
2. TERMS AND DEFINITIONS
2.1. Personal information – any information on specific or specifiable individual person, being in according to the Agreement the User of the Service.
2.2. The Agreement – License Agreement between the User and the Operator for usage of the Service, available at the address https://mkartapp.com/eula , accepted in accordance with the applicable procedure by the User, and effective for the User and the Operator by the legally binding force.
2.3. The Service – software, including explicitly the software manufactured by the Operator under the brand of “mKart” and others, as well as marine navigation and land navigation service for routing, mounted on the Internet network at the web-sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/. The Service includes, but is not limited to the array of marine navigation , land navigation and road information, texts, graphical elements, design, images, photo and video and other results of intellectual activity, as well as the programs for ECM, contained in the information system, providing access of such information on the Internet at the network addresses https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ .
2.4. The User – individual person or legal body visitor of the web-sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ and/or user of the Service of the Operator, who has accepted the Agreement https://mkartapp.com/eula and is using the Service.
All other terms and definitions to be found in the text of the Policy, shall be construed in accordance with the other rules regulating the usage of the Service, with developed in the Internet network and applicable legislation, regulating the processing of the personal data.
3. PERSONAL INFORMATION SUBJECT TO COLLECTION
In our business we are governed by the current legislation of the Finnish Republic in the sphere of processing of personal data, as well as the standards, set forth by the Directives of the Council of Europe on General Data Protection Regulation (GDPR).
In accordance with the principle of “minimizing the data” the Operator collects Personal information only in the scope, which should be enough for the comfortable usage of the Service and reaching the purposes of collection of such information.
During the process of usage of the Service by the User we collect two types of the Personal information: Personal information and Anonymized information.
3.1. Personal information. Such information includes individual information, which identifies specific User, and which the User provides to us during the Registration.
The compulsory types of Personal information, which are necessary for using the Service, include:
· e-mail;
Additionally, you may provide on your own:
· phone number;
The specified information is not obligatory for receiving the access to the Service and is transferred to us by your own wish, but we would like to note, that such information remarkably simplifies the interoperability with the Service. This way the phone number shall allow us to react to your inquiries in more timely manner.
3.2. Anonymized information. Anonymized information – is the information, which does not identify the specific User, and it is collected automatically during Registration and usage of the Service.
Anonymized data of Users, collected with the aid of Internet statistics services, serve for collection of information on actions of Users at the site, for improvement of site's quality and its contents.
Anonymized information may include:
- information, received, using cookie, pixel tags,web beacons, tools of analysis in browser and Web server logs, as well as other similar technologies and tools, such as Internet statistics services (Yandex.Metric and Google Analytics and others);
- information on devices, which the User uses for access to the Service, including the type of OS, model of the device, type of browser, system settings, including information on the language used by the User's system, geodata (country/region specification), timezone of the User's device, carrier company;
- action logs, stored at the server, which record IP-addresses of the devices, which the User uses for interaction with the Service, time of access, sequence of actions of the User in the Service, information on session, including response time, loading errors;
- information from User’s account in the social network (depending on privacy settings, specified by the User for his/her social network account), this way we may receive information on your interests and preferences, as well as access to your photo;
- location information (in foreground and background modes) for routing from the current location purpose;
- other information, not identifying the User, depending on permissions provided by you.
4. WAYS OF COLLECTION OF PERSONAL INFORMATION
4.1. The legal foundation of collection of Personal information shall be the agreement of the User for collection of information in accordance with sub-closure A of closure 1 of article 6 of the Directive of the Council of Europe on General Data Protection Regulation.
4.2. Personal information shall be collected by us during the Registration of the User in the Service. Registration in the Service may progress in standard form with User entering and/or sending of the Personal information unassisted via special forms, situated at the sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ or through the account in the social networks, upon which the Personal information shall be automatically transferred from the account in the social networks.
4.3. Filling-in appropriate forms and/or sending their personal data to the Operator, the User shall signify his/her agreement with this Policy.
4.4. We shall process anonymized data about the User in such case, when it is permitted in the User's browser settings (the storage of the cookie files and the usage of JavaScript technology are activated).
4.5. Anonymized information shall be collected by us in the process of your usage of the Service.
5. PURPOSES OF COLLECTION AND PROCESSING OF PERSONAL INFORMATION
The Operator shall use the Personal information for the following purposes:
5.1. Provision of access to the Service and its further operation.
5.2. Provision of access to the information and/or content of the web-site.
5.3. Provision of information to the User by means of sending e-mails.
5.4. Development of the Service, improvement of its usability and configuration of specific parameters, on the basis of general or individual preferences, experience of usage or complications, appearing during User's sessions.
5.5. Provision of technical support, feedback, including forwarding of notifications, requests and information, related to the usage of the Service (notifications on upgrades, information on security, changes of our rules and conditions of usage of the Service).
5.6. Creating summarized statistical information, including analytics and monitoring of tendencies of usage of the Service and Users’ actions in the Service.
5.7. E-mail marketing for your e-mail address or for your mobile phone, notifications on products, services, campaigns, events and other news and information, which, by our opinion, would be interesting for the User. We may send you the marketing information. The User always may refuse receiving marketing and information messages, forwarding to the Operator the letter at the e-mail address support@mkart.fi with the note of “Refusal to receive notifications on new products and services and special offers”.
5.8. Prevention of fraud or violation of applicable laws, especially, for location, investigation and prevention of frauds and other unlawful activity and protection of rights and property of the Operator, other users and third parties.
5.9. For observance of any applicable law.
Personal information of the User shall not be used for the purposes other than specified above.
The User shall confirm that the purposes of usage of his/her Personal information correspond to his/her interests, and the consent for our processing of Personal information, expressed by the User at the start of using the Service, shall be given for each purpose of processing, specified in the clause 3.1 of the Agreement.
6. DISCLOSURE OF PERSONAL INFORMATION
6.1. The Operator shall not disclose Personal information to the third parties, excluding cases, when:
· The User expressed direct and specific consent for disclosure of his/her Personal information.
· such transfer of information is necessary for using the Service by the User, or for compliance with the License Agreement or other binding documents, regulating the relationship between the Operator and the User.
· when such transfer of information is necessary for the Service operation and its functionality (transfer of information to the hosting, communications and the network of delivery (distribution) of content, services for data protection and cyber security, billing and services of payment processing, services of location and prevention of fraud, web-analysis, distribution of electronic mail, and monitoring of the Service status, including measurement of performance and optimization of data, marketing and advertising services), third parties (receivers of the Personal information) may receive or in other way have access to the Personal information of the User, in full or in part – depending on the role and purposes of each such person in the support of operability of the Service and its improvement; more over, they may use the received information only for the purposes specified in this Policy.
· transfer of Personal information shall be done in accordance with the applicable law and by the requests of authorized subjects of receptions of such information (court requests and requests of law-enforcement authorities), when the Operator is entrusted with the disclosure of such information, if we rely in good faith on the fact, that the law requires of us that we should behave in such a way.
· the transfer of rights of property or control over all or part of the Service to the new owner is happening.
· transfer of Personal information shall be done for the purposes of providing the possibility of protection of our rights and legitimate interests or rights and interests of the third parties in cases, when the User violates this Privacy Policy or other binding documents, regulating the relationship between us and the User, and applicable laws. The cases specified above shall not be treated as unauthorized disclosure of personal information, as such actions are directed towards the implementation of purposes of processing of Personal information.
6.2. We shall never sell Personal information of the Users to the third persons.
6.3. Information shall be transferred exclusively in strict adherence to this Privacy Policy and within the bounds of the applicable law.
7. STORAGE TERRITORY AND CROSS-BORDER TRANSFER OF PERSONAL INFORMATION
7.1. The Operator shall store and process Personal information of visitors of the sites https://mkart.fi/, https://mkartapp.com/, https://mkartweb.com/ and users of the Service in Finnish Republic and the European Union. Storage and processing of Personal information of Users shall be done either directly by us, or with assistance of the third parties, specializing in storage of information, provided that such parties shall protect and store Personal information in accordance with this Privacy Policy.
7.2. In cases, when you are the resident of the jurisdiction, which imposes the obligations of “localization of data” or “residence of information” (i.e. requires, that Personal information of the residents shall be contended within territorial borders of this jurisdiction), we provide storage of your Personal information within such territorial borders, provided that we such obligation would be imposed on us.
7.3. We strive to protect and store Personal information of Users in accordance with the international industry standards and shall not accept for consideration regulatory requirements inferior to those under User’s jurisdiction.
7.4. In case we and the User reside in different jurisdiction, receiving access or using Services or in any other way providing us his/her Personal information, the User shall agree for the process and transfer of information to the country of our incorporation, upon which we shall warrant, that we shall take appropriate measures for protection of Personal information about the User in accordance with this Privacy Policy and the applicable law.
7.5. Cross-border transfer of personal data at the territory of foreign states, not meeting the requirements, specified above, may be done only in case of the availability of consent in written form of the subject of personal data for the cross-border transfer of his/her personal data and/or performance of contract, the party of which the subject of personal data constitutes.
7.6. Personal data of Users shall be stored exclusively on electronic media and shall be processed using automated systems, unless non-automated processing of personal data is necessary in relation to satisfying the requirements of legislation.
8. USING TRACKING TECHNOLOGIES
8.1. Operator shall use specific technologies of control and tracking to support, provide and improve the operation of our Service on regular basis, and to provide the User with comfort usage of the Service. By default we use several such technologies for the purposes of authentication of session of work and User, security, for storing preferences of the User (for example, in relation to language by default and settings), stability of connection, monitoring of our Service performance and marketing campaigns, as well as for providing and improving of our Services.
9. USER RIGHTS
As part of our Privacy Policy each User shall have the following rights in relation of his/her Personal information:
9.1. Right of access to his/her Personal information. To ensure the performance of this right the Service provides special section in the Account, where all Personal information of the User received by us is specified. The User may go to the section with Personal information and familiarize yourself with the information, which we currently have. By request of the User we provide full list of Personal information, which we have collected about the User, legal reason and purposes of processing, categories of Personal information, list of the third parties, to which Personal information has been or will be disclosed, for which time period Personal information will be stored, as well as the measures of protection of Personal information. The answer shall be given within reasonable time frames in accordance with the applicable law.
9.2. Right of correction. The User shall at any given time have the right to rectify his/her Personal information on their own through the Account, should for one reason or another the User face problems with rectifying Personal information, the User may forward appropriate request to our e-mail address support@mkart.fi with the note “Update of personal data”, we shall rectify the data within reasonable time. Taking into account the purposes of processing, the Subject of data shall have the right for incomplete Personal data, specifying only compulsory types of Personal information necessary for performance of access to the Service.
9.3. The right to withdraw consent for processing of Personal information. The User shall have the right to withdraw his/her consent at any given time. The withdrawal of the consent shall not affect the legitimacy of the processing based on the consent before the withdrawal of such consent. The Service shall provide the possibility to withdraw the consent in similarly easy way as it was provided. So, the User shall have the possibility at any given time to forward us the request to delete the Account, forwarding to the Operator the notification via electronic mail service at the e-mail address of the Operator support@mkart.fi with the note “Withdrawal of the consent for processing of personal data”, — we shall delete the Account within reasonable time after receiving the appropriate request. Take note, that you may rectify, update or delete specific parts of Personal information on your own. When rectifying Personal information or withdrawing the consent by the User, we shall notify about the fact all the third parties, having the access to the Personal information of the User.
9.4. Right of wiping (“right of falling into oblivion”). The User shall have the right to demand, and we shall perform the wiping of Personal information of the User without undue delay, when:
· Personal information is not necessary anymore for the purposes, for which it was collected;
· subject of data withdraws the consent for processing of his/her Personal information, which constitutes the reason of its collection;
· personal data were processed illegally;
· personal data should be erased in accordance with the law.
9.5. Right of portability of data. The User shall have the right for receiving his/her Personal information in structured, usually used and machine-readable format. The User may receive all Personal information, collected by us at any time, in structured form, by forwarding the appropriate request to the technical support service. The User shall have the right to pass his/her Personal information directly from one controller to the other, if it is technically possible.
10. PERSONAL INFORMATION STORAGE TIME
We store your Personal information during all time of using Service (validity of your Account) or until such time, when we shall not need these data for provision of Service or, when the bigger time period is specified for this (if we shall store it longer under the applicable law or it is done for settlement of disputes in relation to our Users, prevention of fraud and improper use and/or protection of our legitimate interests).
11. SAFETY OF INFORMATION
11.1. We hereby shall give warrant, that we take all necessary and sufficient, in accordance with the applicable law, organizational and technical measures for protection of Personal information of the User from illegal or accidental access, destruction, changing, blocking, copying, distribution, as well as other illegal actions with the information by the third parties. In our business we use common industry standard for protection of Personal information of the User and strive to fully protect and provide privacy of Personal information. Protection of Personal information was implemented by default at design level of the Service during its development. Safety measures include firewall, pseudonymization, data encryption, data mitigation, processing systems tolerance to failure, ability to timely restore availability and access to Personal information in case of physical or technical incident, control of physical access to the centers of data processing, as well as control of authorization tights for access to data. We regularly monitor our systems for possible weaknesses and attacks, evaluation of efficiency of technical and organizational safety measures in relation to Personal information, and constantly seek new ways and providers of services for further improvement of safety of our Service and protection of privacy of our Users. All third parties getting access to Personal information and participating in providing of access to the Service for the User abide to similarly strict safety measures in relation to Personal information.
11.2. However, we can not guarantee the absolute protection, and thus urge you to use caution, set strong password for your account and avoid providing any sensible information, the disclosure of which may cause you significant harm.
11.3. Should any privacy of Personal information compromise occur, we shall take all measures within our power for damage control or mitigation of any negative consequences, as well as immediately notify authorized supervisory bodies and the User about such incident, specifying all available information about privacy compromise. Facts of such incidents shall be recorded in the special register of incidents, which we shall maintain in accordance with the applicable law.
11.4. In this Policy the privacy of Personal information compromise shall be considered security violation, leading to accidental or illegal destruction, loss, changing, unauthorized disclosure or access to the transferred or processed Personal information.
12. CHANGES AND INTERPRETATION OF PRIVACY POLICY
12.1. This Privacy Policy, its interpretation and any claims and disputes, related to it, shall be regulated, interpreted and applied exclusively in accordance with our incorporation, not taking into account current principles of law of conflict.
12.2. Hereby you agree, that any arising disputes are subject to resolution exclusively by the courts at the place of our incorporation.
12.3. We shall have the right to make changes to the Privacy Policy at any given moment. Should we decide, that introduced changes are significant (at our own conscientious discretion), we shall notify you about this fact prior to the moment these changes should go into effect.
12.4. We recommend you to periodically view this page to get up-to-date information about our Privacy Policy. Unless otherwise expressly provided, our last revision of Privacy Policy is applicable to all information, that we have of you.
13. INTERACTION WITH OPERATOR AND RESPONSES TO USER’S REQUESTS
13.1. Should you have any questions about this Privacy Policy, please, contact us via electronic mail by sending your messages at the address support@mkart.fi .
13.2. Also you can forward a letter at our address
in Finland: Ristiniementie 24, C11, 02320, ESPOO, Finland.
13.3. We shall response to your request within reasonable time or the time period specified in the applicable law.
13.4. In cases, when this Policy or applicable law obliges us to provide copies of information or any documents, we shall provide them in a single copy free of charge, for any other requested copies we shall have the right to charge reasonable fee, based on office expenses. Should you make a request by electronic means, and unless otherwise expressly requested by you, we provide the response in the widely used electronic format.
13.5. Should the requests of the Users be obviously irrational or excessive, especially because of their repeated nature, we shall have the right to charge reasonable fee, taking into consideration office expenses of providing information or refuse to act on the request.
13.6. Should we have reasonable doubts in relation to the identity of the person, making a request, we may request to provide additional information, necessary to confirm the identity of the User.
13.7. This document shall reflect any changes of the policy of processing of personal data by Operator. The Policy shall remain in force without limit of time until its replacement by the new version.
13.8. Up-to-date version of the Policy is freely available on the Internet at the network address https://mkartapp.com/privacy-policy