top of page

Privacy Policy

 Last updated: 3 April 2024

​

This is Waves Psychological Consulting's register and privacy policy.

This Privacy Policy describes how Waves Psychological Consulting ("we," "us," or "our") collects, uses, and discloses personal data when you visit our website www.wavespsy.com (the "Website") and use our services. We are committed to protecting your privacy and handling your personal data responsibly and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

1. Name of the register

​

Waves Psychological Consulting client register

 

2. The register keeper and the contact person responsible for the register

​

Waves Psychological Consulting (3277325-1)

Esa Aalto

Lammaspesimentie 25, 20960 Turku, Finland

Info@wavespsy.com

+358 4578341628

​

If you have any questions or concerns about this this register, Privacy Policy, or our privacy practices, please get in touch with us.

​

3. Information we collect

​

  1. Personal information: We collect the information you provide to us voluntarily when using our services, such as: name, email address, contact information, payment card details, and billing address. We may also collect sensitive health and financial information and personal information if provided and required to provide our services.

  2. Payment Information: Payment information provided during transactions is processed and stored securely by Wix Payments. You can find their privacy policy here.

  3. Social Media Login Data: If you choose to log in to our services using social media authentication, we may collect information associated with your social media account, such as your username and profile information.

  4. Automatically Collected Data: We also collect certain information automatically when you visit our Website, including:

  • Usage data: Information about your interactions with our Website, such as pages visited, time spent on each page, and actions taken.

  • Device data: Information about your device, such as device type, operating system, and browser type.

  • Location data: Information about your approximate location, based on your IP address or other location-based data.

​

4. How we process your data

​

We only process your personal data for legitimate purposes and in accordance with applicable data protection laws. We do not use your personal data for automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you without your explicit consent.

​​​

We collect and process your personal data for various purposes, including:

  1. Providing Services: We use your personal data to deliver the services you request from us, such as scheduling appointments, providing psychological consultations, and facilitating communication between you and our team.

  2. Account Management: Your personal data is used for account creation and management purposes, including verifying your identity, maintaining your account preferences, and providing customer support.

  3. Payment Processing: If you make purchases through our website, we collect and process your payment information to facilitate transactions and fulfill your orders. This includes securely transmitting your payment details to our third-party payment processors.

  4. Communications: We may use your personal data to communicate with you about your account, appointments, transactions, and other service-related matters. This may include sending you notifications, updates, and reminders via email, SMS, or other channels.

  5. Improving Services: We analyse usage data and feedback to evaluate and improve the quality, effectiveness, and performance of our services. This helps us enhance your experience, tailor our offerings to your needs, and develop new features and functionalities.

  6. Personalization: We may use your personal data to personalize your experience on our website and tailor our services to your preferences and interests. This may include recommending relevant content, services, or offers based on your usage history and interactions with our platform.

  7. Legal Compliance: We may process your personal data to comply with applicable laws, regulations, legal obligations, or court orders, and to respond to lawful requests from law enforcement agencies or government authorities.

  8. Security and Fraud Prevention: Your personal data is used to protect the security and integrity of our website, prevent fraudulent activities, unauthorized access, and other unlawful activities, and to safeguard the rights, property, and safety of our users and our organization.

  9. Marketing and Promotions: With your consent, we may use your personal data to send you promotional materials, newsletters, special offers, and other marketing communications about our services or third-party products and services that may be of interest to you.

  10. Research and Analytics: We may anonymize and aggregate your personal data for research, statistical analysis, and business intelligence purposes to better understand user demographics, preferences, trends, and behaviors, and to inform our strategic decision-making and marketing efforts.​

​

5. Legal basis and purpose of personal data processing

​

Our legal basis for collecting and processing your personal data varies depending on the specific purposes for which we collect the data. Generally, we rely on one or more of the following legal bases:

  1. Contractual Necessity: We may collect and process your personal data as necessary to perform our contractual obligations to you, such as providing the services you have requested, managing your account, and fulfilling transactions.

  2. Consent: In some cases, we may rely on your explicit consent to collect and process your personal data for specific purposes, such as sending marketing communications or using cookies and similar technologies. You have the right to withdraw your consent at any time, but this will not affect the lawfulness of processing based on consent before its withdrawal.

  3. Legal Obligations: We may collect and process your personal data to comply with legal obligations, regulations, or court orders, such as tax or accounting requirements, or responding to lawful requests from law enforcement agencies or government authorities.

  4. Legitimate Interests: We may process your personal data based on our legitimate interests, provided that such processing does not outweigh your rights and freedoms. Our legitimate interests may include improving our services, ensuring the security and integrity of our website, preventing fraud and abuse, and conducting research and analytics to enhance user experience and business operations.

  5. Vital Interests: In rare cases where it is necessary to protect your vital interests or those of another person, we may collect and process your personal data without your consent.

 

We only collect and process your personal data when it is necessary for the purposes described in this Privacy Policy and when we have a valid legal basis to do so.

​

6. Cookie policy

​

We use cookies and may use other similar tracking technologies on our website to enhance your browsing experience, analyze website traffic, and customize content and advertisements. By using our website, you consent to the use of cookies. You can choose the types of cookies we use in the cookie settings.

​

7. Data sharing and transfer of data outside the EU or EEA

​

Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. Please see more details about their privacy and security policies here.

​

Additionally, we may share your personal data with third-party service providers who assist us in providing our services, such as other hosting providers, payment processors, and analytics providers. These third-party service providers are contractually obligated to only process your personal data in accordance with our instructions and to implement appropriate security measures to protect your personal data.

​

Any transfer to a third country, outside the European Union, that does not ensure an adequate level of protection according to the European Commission, will be made in accordance with the Standard Contractual Clauses along with additional technical, contractual and organizational safeguards. 

 

We may also disclose your personal data to comply with legal obligations, respond to legal requests, or enforce our rights, including in response to subpoenas, court orders, or other legal process. Any such disclosures will be made in accordance with applicable law and will be limited to the extent necessary to achieve the intended purpose.

​

We carefully evaluate the privacy practices and data handling procedures of our third-party service providers before engaging their services to ensure that they meet our standards for data protection and security. We also limit the scope of data shared with third parties to only what is necessary for the performance of their services and require them to maintain confidentiality and implement appropriate security measures to protect your personal data.

​

8. Data retention

​

We only keep your data as long as we have a legitimate need for it. As a rule, we retain your personal data for up to 36 months after cessation of use of consultation services, unless otherwise required by law or for legitimate business purposes. For systems that utilize self-service login, only explicit request to remove data will trigger data removal.

Certain legal obligations may necessitate a longer retention period, such as tax, accounting, or similar legal purpose. After this period, we securely dispose of your data by wiping it clean from our systems to prevent unauthorized access or use.

​

9. Data protection

​

We take the security of your personal data seriously and have implemented appropriate and reasonable technical and organizational measures to protect it from unauthorized access, use, alteration, or disclosure. These measures include but are not limited to: Encryption, Access Controls, Data Minimization, Employee Training:, Regular Assessments, and Data Breach Response Plans.

Despite our best efforts, no method of transmission over the internet or electronic storage is 100% secure. Therefore, while we strive to protect your personal data, we cannot guarantee its absolute security. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately.

By using our services, you acknowledge and accept the inherent risks associated with the transmission and storage of personal data over the internet and understand that we cannot be held responsible for any unauthorized access, use, or disclosure of your personal data that is beyond our reasonable control.

​

10. Your rights

​

As a user of our services, you have certain rights regarding your personal data, subject to applicable data protection laws. These rights include:

  1. Right to Access: You have the right to request access to the personal data we hold about you and to obtain information about how we process it. This includes the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format.

  2. Right to Rectification: If you believe that any of the personal data we hold about you is inaccurate, incomplete, or outdated, you have the right to request that we correct or update it.

  3. Right to Erasure: You have the right to request the deletion of your personal data under certain circumstances, such as when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent and there is no other legal basis for processing it.

  4. Right to Restriction of Processing: You have the right to request the restriction of processing of your personal data under certain circumstances, such as when you contest the accuracy of the data or when the processing is unlawful, but you oppose erasure.

  5. Right to Data Portability: You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller, where technically feasible.

  6. Right to Object: You have the right to object to the processing of your personal data under certain circumstances, such as when the processing is based on legitimate interests or for direct marketing purposes.

  7. Rights in Relation to Automated Decision Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless such processing is necessary for entering into or performing a contract, is authorized by law, or is based on your explicit consent.

  8. Right to Withdraw Consent: If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. However, this will not affect the lawfulness of processing based on consent before its withdrawal.

 

To exercise any of these rights, or if you have any questions or concerns about your rights or our processing of your personal data, please contact us using the information provided in the first section of this Privacy Policy. We will respond to your request as soon as possible and in accordance with applicable data protection laws. Please note that we may require additional information from you to verify your identity and process your request.

​

11. Changes to this Privacy Policy

​

We may update this Privacy Policy from time to time by posting a new version on our Website. If we make significant changes to the content, we will inform you by either posting a notice in the website or send you a notification directly. You should stay up-to-date regarding this Privacy Policy. Your continued use of our Website or our services after any modifications indicates your acceptance of the updated Privacy Policy.

​

bottom of page