This privacy statement describes how MyHID Oy (“MyHID” or the “company”) processes your personal data. When processing your personal data, we comply with the EU’s General Data Protection Regulation and other data protection legislation applicable to our operations. If necessary, MyHID may make changes to this privacy statement. This privacy statement was devised on 16 March 2022.
MyHID Oy, business ID 3179450-1
Address: Harjukatu 4 A 29, 40100 Jyväskylä, Finland
2. Person responsible for register-related matters
Tuula Pitkänen, Managing Director,
The company does not have a separate data protection officer.
3. Names of registers
Customer register: MyHID Oy
User data register: MyHomesID.app service
4. Purpose and basis of the processing of personal data
In addition to the above, the processing of personal data may be based on the data subject's consent, when the data subject has given their consent to electronic direct marketing or other processing for which MyHID has separately requested consent. In connection with marketing communications carried out on the basis of consent, MyHID may communicate to the data subject, for example, about its new products and services, the new functions and features available for these and about other similar matters.
5. Data content of the register
The customer register contains the following information:
Contact information, such as the data subject's name, e-mail address, telephone number, address, and language
Customer relationship-related information (e.g. contact requests, meetings, communications)
Potential consents and prohibitions
The user data register contains the following information:
- name, e-mail address, and telephone number of the user
- dates of the user’s payments and necessary use cases
- statistics on service use cases (e.g. number, date)
6. Retention period for personal data
MyHID keeps personal data related to the customer relationship in the registers until the customer relationship with the customer can be considered terminated. The end date is 5 years from the date of the last service contact. The retention of customer data or potentially multiple customers’ data for sales and marketing purposes is assessed at regular intervals. Unnecessary and outdated data shall be erased upon checking of the data or when it is otherwise deemed necessary or has been requested by the person.
Once the service subscription has ended, the personal data will be erased from the user data register.
7. Personal data sources
The personal data used in the customer data register is obtained directly from the person (the representative of the customer of MyHID Oy) themselves or through communication with the person.
The personal data is stored in the user data register by the customer themselves. Use case statistics are compiled with an automatic function included in the service.
8. Disclosure and transfer of data outside the EU or the European Economic Area in accordance with the Regulation
In addition, we may disclose personal data to the authorities in situations where legislation requires it. To the extent permitted by law, data may be transferred outside the EU or the EEA, but only if the necessary safeguards are in place. The register is maintained on servers located in the EU or the European Economic Area.
9. Description of the principles of protection of the registers
The information contained in the registers can only be accessed and used by those MyHID employees and partners who have the right to access it for purposes related to their work. To access the system, each user of the register must enter the specified usernames and the correct password. There is a non-disclosure agreement in place with the employees and partners.
10. Right of access to the data of the data subject (right of inspection)
The data subject has the right to inspect their own personal data stored in the personal data register and to receive copies thereof. The inspection request must be sent as described in section 13. The identity of the recipient is verified upon disclosure of the information.
11. Right of the data subject to rectification or erasure of data or restriction of processing and right of objection
The controller, on its own initiative or at the request of the data subject, shall correct, erase, or supplement personal data in the register that is inaccurate, unnecessary, incomplete, or outdated for the purpose of processing. In order to exercise the right of inspection and to rectify the information, a customer must contact us using the addresses in Section 13. A person shall have the right to request the erasure of their data from the marketing list, in which case MyHID will no longer send them customer or marketing messages.
12. Right to lodge a complaint with a supervisory authority
The data subject has the right to lodge a complaint regarding defects in the processing of personal data with the supervisory authority responsible for data protection issues, which in Finland is the Data Protection Ombudsman,
13. Contact requests
In all matters related to the processing of personal data and in situations related to the exercise of personal rights, the data subject must contact MyHID.
a) By mail to:
Harjukatu 4 A 29
40100 Jyväskylä, Finlanf
b) By sending an email to
MyHID may ask the data subject to specify their request in writing and, if necessary, the data subject's identity may be verified before taking any further action.