Privacy Policy & Terms Of Use

About Maria 01

Startup Maria Oy (2760866-5) (“Maria 01”, “we”, “us”) operates the www.maria.io website (the “Webpage”), where Maria 01 provides office space for startups and event hosting premises (collectively the “Services”) at Lapinlahdenkatu 16, 00180, Helsinki.

Startup Maria Oy respects your privacy and is dedicated to protecting the privacy of persons using the Services. Under the General Data Protection Regulation (2016/679), Maria 01 is liable for the processing of personal data as a controller. “Personal data” refers to any information relating to a natural person (“data subject”) that can identify the natural person directly or indirectly, e.g. name and address but also additionally possible location data or IP addresses.

This privacy policy describes how we process Personal data, e.g. what kinds of Personal data we collect, for which purposes the Personal data is used, and to which parties the Personal data can be disclosed. More precisely, we will process Personal data for various purposes, when you use the services.

Controller and contact information

Maria 01
Email: privacy@maria.io
Lapinlahdenkatu 16
00180 Helsinki
Finland

Purposes and legal basis for processing Personal Data

We process only such Personal data that is relevant and necessary for the purpose it has been collected or obtained for, and we process the Personal data in compliance with laws and regulations.

Personal data set out below will be processed for the following purposes:

Provision of the Services

We use Personal data to provide the Services and the maintenance of the Services, customer relationship management and customer support. The processing of Personal data for these purposes is based on the necessity for the fulfillment of our agreement with you and our legitimate interest to provide you with a customized experience that is tailored to your preferences.

Marketing

You may subscribe to our marketing email. When Personal data is used for sending you our electronic marketing, such communications will be based on your consent (opt-in) which you can withdraw at any time. However, Maria 01 can send direct marketing regarding services similar to the one you have acquired from us by using the electronic contact information you have provided. You also have the right to object to this kind of marketing, and it is possible to do it in advance (opt-out) as well.

Tracking and automated decision-making including profiling 

We track behavior on the Website for service development and to offer you a better user experience. We also utilize the data for marketing and internal development. We also use third-party data analytics services. See separate Cookie Policy.

Information security 

Personal data is processed for preventing, detecting, and remediating potentially prohibited or illegal activities. Additionally, Personal data is also processed in order to protect data and property. Personal data can be used for investigating possible security incidents, crimes or damages. Processing related to security and safety is based on a statutory obligation or Maria 01’s legitimate interest such as protection of our property. This includes our right to check video surveillance footage of Maria 01 campus for any suspected breach of conduct or vandalism of the property.

Legal obligations 

We also process Personal data to comply and fulfil our legal duties and obligations. Thus, the processing is based on statutory obligation.

For processing activities that are based on a legitimate interest, we have carefully balanced such legitimate interest with your right to privacy and concluded that our interest outweighs your rights and freedom, and it is likely that it would be acceptable to you for us to process your Personal data this way.

Consent

How to give consent

When Personal data is used for sending you our electronic marketing or we use your photo from our events in our external communication, the processing will be based on your consent (opt-in). Furthermore, when we collect your Personal data, you can give your consent for processing your Personal data for certain purposes.

Withdrawal of consent

You have the right to withdraw your consent at any time regarding further processing of your Personal data. The consent can be withdrawn by contacting the organization by email privacy@maria.io or by using an unsubscribe link in our marketing emails. We will comply with such a request unless there is other legitimate ground to process the Personal data.

Personal Data processed and data sources

The following Personal data from the data subjects will be processed:

Data regarding tenancy

  • Contact information (name, telephone number(s), email address)
  • Company Legal information
  • Communication data
  • Applications
  • Access data
  • Parking Permit
  • PIN-code for doors
  • Visitor data
  • Video surveillance
  • Dietary Needs

Consultation

  • Contact information

Marketing and communication

  • Contact information
  • Photo and video
  • Role and title
  • Gender

Event enrollment

  • Contact information
  • Dietary preferences

Electronic identification data: 

  • Internet Protocol (IP) address and general location based on IP-address
  • Username and user ID
  • Type of the device
  • More information regarding our use of cookies is provided in our cookie policy

Financial characteristics 

  • Credit/debit card details
  • Bank account number

We do not collect or process any special categories of Personal data such as racial or ethnic origin or political opinions.

The Personal data is collected from the following sources:

  1. Information you provide us when signing up to use the Services
  2. Automatically collected information when you use our products and services
  3. Information from third parties

When your company is already in the HubSpot database, we will update your data by using data from HubSpot.

If you have connected your user account with us to a social media channel such as YouTube, Instagram, Twitter, Facebook or LinkedIn, we receive similar information related to your interactions with the Services from such channels. We use cookies and similar technologies to collect this data. More information regarding our use of cookies is provided in our cookie policy.

Retention of Personal Data

Personal Data collected shall be retained for a period necessary to fulfill the purposes outlined in this privacy policy unless a longer retention period is required by the law. Thereafter, the Personal data will be deleted within a reasonable timeframe or rendered anonymous.

Personal data and retention periods are listed below:

Personal DataRetention period or criteria used to determine the period
Data regarding tenancy– 2 years after the end of the tenancy agreement 

– tenancy applications two months after receiving the application

– video surveillance data

Financial characteristics– two years after the last payment transaction
Marketing and communication– until person has opted out
Consultation– two years after consultation
Event enrollment– one year after the event
Partnership contracts– two years after the contract has ended

Disclosures, transfers and recipients of Personal Data

In accordance with this privacy policy, we may outsource the processing of Personal Data to service providers or subcontractors within the EU/EEA, such as IT suppliers and accountancy offices. Maria 01 provides adequate contractual obligations to ensure that Personal Data is processed in a proper and lawful manner.

The privacy policy of third parties will govern all use of Personal data provided to third parties in accordance with this privacy policy. Upon request, we will provide additional information about the processors of Personal Data and other recipients.

We may share Personal Data in connection with any merger, sale of our assets, or a financing or acquisition of all or a portion of our business. In exceptional cases, Personal data may be disclosed to third parties if required under any applicable law or regulation or an order by competent authorities, and to investigate possible infringing use of the services as well as to guarantee the safety of the services.

Transfers outside eu/eea

By using cookies Your Personal Data may be transferred to countries outside the EU/EEA, including the United States. More information regarding our use of cookies is provided in our cookie policy.

Protection of Personal Data

We commit to follow the security provisions of applicable data protection regulations, as well as to process Personal Data in compliance with good processing practices. We have taken adequate technical and organizational measures to protect Personal Data. We store the Personal data with limited access rights and secure IT environments. The IT environments are protected with firewalls and other adequate security techniques, and advanced monitoring is done 24/7. Our personnel and processors that process Personal Data are obliged to keep Personal Data strictly confidential. Access to Personal Data is only granted to the employees that need it to perform their work tasks. The employees have personal IDs and passwords. In the case of any data breach, we will inform the authorities and users/data subjects of the data breach according to applicable information security and data protection regulation(s).

Rights of the Data subjects and supervisory authority

The data subjects have the rights set out in the applicable data protection legislation

Right of access and right of inspection
You have the right to obtain confirmation from us as to whether or not Personal data concerning you is being processed. You have the right to inspect and view data concerning you and, upon a request, the right to obtain the data in a written or electronic form.

Right to rectification and right to erasure (right to be forgotten)
You have the right to demand the rectification of inaccurate Personal data concerning you and to have incomplete Personal data completed. You also have the right to require us to delete your Personal data. We also delete, correct and complete incorrect, unnecessary, incomplete or outdated data on our own initiative when we notice such data.

Right to data portability and to object and restrict processing
You have the right to receive the Personal data that you have provided to us in a structured, commonly used and machine-readable format and, if desired, transmit your data to another controller. You have the right to request the restriction of processing of your Personal data in accordance with the conditions set out in the data protection legislation. We will also restrict the processing of your Personal data if we cannot correct or delete incorrect data, or if there is any uncertainty related to request to erase your data. You have the right to object to the processing of your Personal data for certain purposes. For example, you may object to your Personal data being used for marketing purposes.

Right to withdraw consent
If the processing of your Personal data is based on your consent, you have the right to withdraw your consent at any time. The withdrawal does not affect the lawfulness of processing based on consent before its withdrawal. You can deny any direct marketing and withdraw your consent regarding electronic direct marketing by following the instructions received in connection with the marketing communication (e.g., in the marketing email or sms).

How to exercise the rights of the data subjects
After receiving all the required information for your request (including confirmation of identity), we will start the processing of your request. We will do our best effort to process your request within a period of one (1) month. We may reject requests that are unreasonably repetitive, excessive, or manifestly unfounded.
Right to lodge a complaint with the supervisory authority
In case you consider our processing activities of your Personal Data to be inconsistent with the general data protection regulation (GDPR) (EU) 2016/679, you have the right to complain with a data protection supervisory authority.

Changes to this privacy policy
We may make changes to this privacy policy at any time, whenever necessary. All changes here will be made available on our website at www.maria.io. This privacy policy has been published on 26 January 2022.

Change history
Version number 1.0
Change description –
Date 26 Jan 2022

Terms and conditions

Please read these Terms and Conditions (“Terms”, “Terms and Conditions”) carefully before using the www.maria.io website  operated by Startup Maria Oy. Your access to and use of the Service is conditioned on your acceptance of and compliance with these Terms. These Terms apply to all visitors, users and others who access or use the Service. By accessing or using the Service you agree to be bound by these Terms. If you disagree with any part of the terms then you may not access the Service.

Membership applications

If you wish to become a member you can send us a membership application. You will be asked to supply certain information regarding your company. Your application will only be processed if the application information submitted contains all the information needed. Your application can be either accepted or rejected according to our requirements. We reserve all the rights to accept or decline an application. The information you provide is confidential and only seen by  Maria 01 staff.

Event bookings

If you wish to host your event at Maria 01 you are required to fill out the form on the website with detailed information of your event. We reserve the right to decide upon our interest to grant you the booking. The information you provide is confidential and only seen by  Maria 01 staff.

Newsletter subscription

The Newsletter  Subscription section is meant for those wanting to receive monthly updates about Maria 01. You must provide your first name, email and the group you belong to. You can unsubscribe and request your data to be deleted at any time.

Links to other websites

Our Service may contain links to third-party web sites or services that are not owned or controlled by Startup Maria Oy. Startup Maria Oy has no control over, and assumes no responsibility for, the content, privacy policies, or practices of any third party web sites or services. You further acknowledge and agree that Startup Maria Oy shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such web sites or services.

Changes

We reserve the right, at our sole discretion, to modify or replace these Terms at any time. If a revision is material we will try to provide at least 30 (change this) days’ notice prior to any new terms taking effect. What constitutes a material change will be determined at our sole discretion.

Contact us

If you have any questions about these Terms, please contact us. Our email is hello@maria.io