Privacy Policy - MedicubeX

1. Introduction

This privacy policy describes how MedicubeX processes personal data. We are committed to protecting the privacy of our customers, employees, and other stakeholders and to complying with applicable data protection legislation, including the EU General Data Protection Regulation (GDPR).

2. Data Controller

Data Controller: MedicubeX Oy

Contact information:

Address:

c/o Terkko Health Hub,

building 14

Haartmaninkatu 4,

00290 Helsinki

CEO Vili Kostamo:

Phone number: +358 44 300 1617

Email address: vili.kostamo@medicubex.com

3. Grounds and Purposes of Personal Data Processing

We process personal data on the following grounds and for the following purposes:

  • Contract: Managing customer relationships, delivering products and services.

  • Legal obligations: Accounting, taxation, and other statutory obligations.

  • Legitimate interest: Marketing, maintaining customer relationships, and developing business operations.

4. Personal Data Processed

We process the following personal data:

  • Contact information (name, address, phone number, email address)

  • Customer relationship data (order history, payment information)

  • Employee data (personal identification code, salary information)

MedicubeX does not collect personal data or health information of e-Health Station users. For this information, we recommend contacting the data controller (healthcare service provider, e.g., wellbeing services county) if necessary.

5. Personal Data Retention Period

We retain personal data only for as long as necessary to fulfill the purposes for which it is processed or to comply with statutory obligations.

6. Disclosure of Data

We may disclose personal data to third parties in the following cases:

  • Service providers (e.g., accountant, IT services)

  • Authorities (statutory obligations)

  • Other partners (e.g., logistics partners).

7. Rights of the Data Subject

The data subject has the following rights:

  • The right to access their personal data

  • The right to rectification of data

  • The right to erasure ("right to be forgotten")

  • The right to restriction of processing

  • The right to data portability

8. Data Security

We have implemented appropriate technical and organizational measures to protect personal data against unauthorized processing and accidental loss.

9. Cookies

We only use technically necessary cookies on our website. We use the Squarespace service for the maintenance of our website, which requires the use of a “Crumb” cookie to prevent cross-site request forgery. You can read more about other usage-dependent cookies that may be technically necessary and therefore used in the Squarespace service documentation.

10. Contact Us

If you have any questions or concerns regarding the processing of personal data, you can contact us using the contact information provided above.

11. Changes to this Privacy Policy

We reserve the right to change this privacy policy. We will re-evaluate and update the privacy policy if our operations change in a way that requires it. We review the privacy policy at least once a year. We will notify you of any changes on our website.