Your privacy is important to us. It is Whistle's (“Stonks Oy” or “Stonks”) policy to respect your privacy regarding any information we may collect from you across our website, Usewhistle.com, and other sites/apps we own and operate.

We only ask for personal information when we truly need it to provide a service to you. We collect it by fair and lawful means and with your knowledge. We also let you know why we’re collecting it and how it will be used. To read more about personal information usage, read our data privacy statement.

We only retain the collected in formation for as long as necessary in order to provide you with your requested service. The personal data stored by us will be protected with commercially acceptable technical and organisational means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification.

We don’t share any personal data publicly or with third-parties, except as described below in Section“Transfer of Information” or when we are required to pursuant to a law.

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.

Please note that if you do not provide the requested personal information, we may be unable to provide you with some of your desired services.

Your continued use of our website will be regarded as acceptance of our practices around privacy and personal information. If you have any questions about how we handle user data and personal information, feel free to contact us.

This policy is effective as of 2nd October 2023.

‍

Data Privacy Statement

Privacy is important to us, and we are committed to protecting personal information that is processed in our product and service. This data privacy statement explains our purposes and legal basis for what information we may collect about data subjects, sources of information and how the information is processed.

What personal data does Stonks process?

In order for our customers to fully utilize the service we collect following personal information from active users: name, email, profile picture, reported incidents. In addition, we may your store contact information when you interact with us via our website.

How does Stonks collect the data?

Whistle is a SaaS-software, which uses user input and integration to service providers to collect the personal data. We might use Slack API to get relevant data related to your organization. If you contact us via our website, we receive your personal data directly from you.

How is personal data processed?

Stonks stores and processes the personal data in a cloud database located within EU and uses it to create the Whistle service. We only use data to enrich the usage of our service and do not share it with any third-parties. Processing is limited to have a minimal privacy impact and the processing of personal data is not extended beyond what the data subjects could reasonably expect.

Detailed information about our data records

Controller

Stonks Oy (”Stonks”)
Malagankatu 6 b 47
00220 Helsinki

Contact Person

Aleksi Meldo
aleksi@evergreen.so

Purpose and Legal Basis of Processing Personal Data

Processing of the personal data is based on legitimate interest as stipulated in Article 6(1)f of the General Data Protection Regulation ((EU) 2016/679). Processing is necessary in order to maintain and provide the Whistle service to our customers.

Sources of Personal Data

Stonks collects personal data from the input of the data subject itself and via third-party service APIs (currently Slack).

Categories of Personal Data

Stonks may process the following personal data of the users of Whistle app and its websites:

• Basic contact information (name, company name and email address)

• Slack profile picture url

• Usage related information

  
  

Transfer of Information

The data that Stonks collects from data subjects is not transferred to, or stored at, a destination outside the European Economic Area (“EEA”). Stonks may use external data processors and in order to facilitate the processing of personal data, some of the personal data processed by Stonks may be physically located on third-party servers or devices located within the EEA.

Stonks uses the following third-party service providers in its operations;

• MongoDB – Servers for the databases and data of Stonks;

• Render – Servers and infrastructure for the Whistle app;

• Stripe – Maintains the customer payment information in relation to Whistle app (contact information of the representative of the client’s organisation are transferred from Stonks to Stripe);

  
  

In addition, the personal data may be disclosed to a third party in the event that Stonks is sold to or merged with another business entity.

Personal Data may be disclosed to authorities in cases required by the mandatory local legislation or a court order. Data may also be disclosed if the disclosure is permitted by applicable law or regulation.

Retention of Personal Data

Personal data contained in the database will be retained as long as the client is a customer of Stonks and deleted automatically after one year from the end of the year during which the client has terminated their subscription for the services provided by Stonks. Customer has the right to request for a data erasure for his/her personal data.

Data Protection

The information security of personal data and processing and confidentiality, integrity and usability are ensured with appropriate technical and organisational measures.

All databases and information systems are accessible only with individual and personal login information (username and password). The rights to access database are restricted, so that the information can only be viewed and processed by persons whose duties such processing is a part of and are required to do so. The customers and users of our service may only have access to their own personal data which is made available to them.

Rights of data subject

You as a data subject whose personal data is governed by the EU General Data Protection Regulation, have certain rights with respect to your personal data and this section of the privacy policy is intended to provide you with information on your rights.

The EU General Data Protection Regulation grants you the following rights in relation to your personal data to the extent that your data has been recorded into our database.

If you wish to exercise your rights, please submit all requests and inquiries on data protection to the following address aleksi@evergreen.so.

Information and access to personal data

The data subject has the right to receive information on what data is being collected, the purposes of processing for which the personal data is used as well as the legal basis for the processing and the recipients or categories of recipients of the personal data, if any.

If your data is recorded in the Whistle database, its processing shall be governed by this privacy policy.

Right of access

The data subject has the right to obtain from Stonks information on whether or not their personal data are being processed, and, where that is the case, the data subject has the right to access  such personal data.

Stonks will confirm to you if your data is included in our services, what data may be identified in relation to you, and provide you with information on the original source of your personal data.

Right to rectification

The data subject has the right to rectify inaccurate personal data concerning him or her. Taking into account the purposes of the processing, data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to erasure

The data subject has the right to request erasure of personal data with respect to the personal data processed by Stonks if there is no longer a legal basis for processing of personal data. Despite the request for erasure, the data may not be erased if there is a valid legal basis for processing the data, or if Stonks is obliged to process personal data for the establishment, exercise or defense of legal claims.

If you want to request and delete your data, please contact us via email at aleksi@evergreen.so

Right to file a complaint

You may also file a complaint to the supervisory authority, if you consider that the processing of personal data violates the relevant data protection legislation in force at times. The national supervisory authority in Finland is Data Protection Ombudsman(tietosuoja@om.fi).

Cookies

Cookies are small text files that are stored in your computer’s memory and hard drive when you visit certain web pages. They are used to enable websites to function or to provide information to the owners of a website.

The purpose of this policy is to inform You on how Stonks uses cookies on its website and how You can manage and control the use of cookies on Your computer or device.

In general terms, Stonks uses cookies on our websites for the following purposes:

Analytical purposes: Stonks uses analytical cookies to recognize, measure and track visitors to its websites. This is necessary to develop the way the website functions, by determining whether site visitors can find information easily, orby identifying the aspects of websites that are of the most interest to them, for example. Stonks uses currently Google Analytics for this purpose.

Usage preferences: Some cookies on the websites are activated when visitors to make a choice about their usage of the website. Our websites then use the settings preferences of the user in relation to future visits. This allows Stonks to tailor the experience on the website to the individual user.

Session management: The software that runs this website uses cookies for technical purposes needed by the internal workings of the servers. For instance, Stonks uses cookies to distribute requests among multiple servers, authenticate users and determine what features of the site they can access, verify the origin of requests, keep track of information about a user’s session and determine which options or pages to display in order for the site to function.

Functional purposes: Functional purpose cookies store information that is needed by the applications to process and operate. For example, where transactions or requests within an application involve multiple workflow stages, cookies are used to store the information from each stage temporarily, in order to facilitate completion of the overall transaction or request.

Third party cookies

When you visit the Whistle website, You may receive cookies that are set by third-parties. These may include cookies set by Google Analytics, for example as described above. Stonks does not control the setting of these third-party cookies, so it is  recommended that you check the third-party websites for more information about their use of cookies and how to manage them.

Amending cookie preferences

You may delete cookies from your computer at any time. The instructions for removing cookies from your computer or mobile device depend on the operating system and web browser you use. Please note, however, that withdrawing your agreement to the use of cookies on our websites will mean that certain functionalities are not usable or are more difficult to use.

The site www.allaboutcookies.org includes instructions for managing cookies on many commonly used browses, or you may consult the vendor documentation for your specific software.