Privacy policy

Be Frsh Privacy Policy (GDPR-compliant)

Effective date: February 1, 2022
Last updated: April 30, 2025

1. Data Controller

Be Frsh Oy
Business ID: 3341905-1
PL 72, 01511 Vantaa, Finland
Email: info@befrsh.com

2. Contact for Registry Matters

Joonas Raddah
Email: info@befrsh.com

3. Name of the Register

Be Frsh Customer Register

4. Legal Basis and Purpose of Data Processing

The legal basis for processing personal data under the EU General Data Protection Regulation (GDPR) is:

  • Consent (explicit, informed, freely given)

  • Contractual obligation (e.g., order fulfillment)

Data is processed for purposes such as:

  • Customer communication

  • Order fulfillment and customer service

  • Marketing (only with consent)

We do not use your data for automated decision-making or profiling.

5. Data Content of the Register

The register may include:

  • Full name

  • Position (if relevant)

  • Company/Organization (if applicable)

  • Contact details (phone number, email address, postal address)

  • Order and customer relationship history

6. Regular Data Sources

Data is collected directly from the customer via:

  • Web forms

  • Email or phone communication

  • Social media

  • Agreements, meetings, or similar interactions

For business contacts, information may also be collected from public sources such as websites, directories, or partner companies.

7. Regular Disclosures and Data Transfers Outside EU/EEA

We do not regularly disclose personal data to third parties. Data may be transferred to a third party only if agreed upon with the customer.

Some data may be processed outside the EU/EEA (e.g., by service providers). Data will not be transferred to the United States without the customer's explicit consent.

8. Data Security Principles

We take appropriate care in handling your personal data. Data stored digitally is protected with proper access control, firewalls, and secure infrastructure.

Only employees whose job description includes handling personal data are authorized to access the register.

9. Right to Access and Rectify

Every person in the register has the right to:

  • Access their data

  • Request correction of inaccurate or incomplete data

Requests must be submitted in writing to the Data Controller. Identity verification may be required. We respond within one month, in accordance with GDPR.

10. Other Rights Related to Data Processing

You have the right to:

  • Request erasure of your data ("right to be forgotten")

  • Restrict processing under certain conditions

  • Object to processing (in certain situations)

All requests must be submitted in writing to the Data Controller. Identity verification may be required. We will respond within the timeframe set by the GDPR (typically within one month).

If you have any questions about your data or this policy, please contact us at info@befrsh.com.