Privacy Notice
MoniDose Oy's privacy practices and personal data processing in accordance with the EU General Data Protection Regulation (GDPR).
Our Commitment to Privacy
We are committed to protecting your privacy and processing your personal data responsibly and transparently. This notice explains how we collect, process, and protect your data.
1. Data Controller and Contact Information
MoniDose Oy (hereinafter "MoniDose" or "we") acts as the data controller when processing personal data of our website users. We are committed to protecting your privacy and complying with applicable data protection legislation in the processing of personal data.
Our contact information:
MoniDose Oy
Business ID: 3478744-6
Turuntie 3
37830 Akaa
Finland
For privacy matters, you can contact us at:
Email: privacy@monidose.fi
Phone: +358 50 547 2782
2. Application of the Privacy Notice
This privacy notice applies to the processing of personal data on our website monidose.fi. The notice covers data collected through the website and related processing activities. This notice does not apply to third-party websites or services that may be referenced from our site.
3. Personal Data Processed
We collect and process only such personal data that is necessary for the operation of our website and handling contact requests.
3.1 Contact Form Data
- Name (required)
- Email address (required)
- Organization (optional)
- Message content and timestamp
3.2 Demo Request Form Data
- Name (required)
- Email address (required)
- Organization (required)
- Role in organization (required)
- Phone number (optional)
- Preferred demo date (optional)
- Additional information (optional)
4. Purposes and Legal Bases for Processing Personal Data
We process your personal data for the following purposes on the following legal bases:
4.1 Legitimate Interest
We process personal data based on our legitimate interest for the following purposes:
- Responding to contact requests
- Processing demo requests
- Implementing customer communications
- Developing our services
4.2 Consent
Based on your consent, we may process your data for:
- Sending newsletters (if separately subscribed)
- Marketing communications (if separately approved)
5. B2B Professional Outreach Communication
We send targeted communication to professional roles in healthcare, wellbeing services counties (hyvinvointialueet), social & health care organisations and educational institutions about our free assessment tools that may be useful in the recipient's professional work. The following terms apply specifically to this processing.
5.1 What data we process and where from
We process only publicly available professional contact information:
- Name and professional role (title)
- Work email address and organisation
Source: Information is collected only from official organisational websites, public staff directories and similar public sources. We do not process personal email addresses (e.g. Gmail, Hotmail).
5.2 Legal basis for processing
The legal basis for processing is legitimate interest (GDPR Art. 6(1)(f)). We have assessed that communicating with a healthcare professional about free, directly role-relevant tools is proportionate to the data subject's privacy interests:
- Communication is directed only at the professional role, not personal characteristics
- Content is directly relevant to the role (medication-safety tools)
- Communication is one-off — we do not run ongoing campaigns
- Recipients can object to communication at any time without justification
5.3 Retention period
Contact information is retained in the outreach list for a maximum of 24 months, or until the recipient requests removal — whichever comes first.
5.4 Right to object to direct marketing (GDPR Art. 21(2))
You have the right at any time to object to the processing of your personal data for direct-marketing purposes, without any need to justify your request. After such objection, we will no longer process your data for this purpose.
How to object or request removal:
- Reply to the received message with the word "unsubscribe" (or "poista")
- Or send an email to privacy@monidose.fi
- Requests are processed within 24 hours at the latest
6. Retention Period for Personal Data
We follow the following principles in storing personal data:
Contact form data:
12 months from message submission
Demo request data:
24 months from request receipt
Marketing communications consents:
Until consent is withdrawn
At the end of the retention period, we delete or anonymize personal data in a secure manner, unless there is another legal basis for retaining the data.
7. Data Security
We implement appropriate technical and organizational measures to protect personal data. These include, among others:
SSL/TLS encryption in all network traffic
Data encryption at rest and in transit
Access control and authorization restrictions
Regular security updates
Staff privacy training
8. Data Subject Rights
Under the EU General Data Protection Regulation, you have the following rights:
Right of access to data
Right to rectification of data
Right to erasure ("right to be forgotten")
Right to restriction of processing
Right to data portability
Right to object
Right to withdraw consent
You can exercise your rights by contacting us by email at privacy@monidose.fi. We aim to respond to your requests within one month of receiving the request.