PRIVACY POLICY

The purpose for processing personal data:

We process personal data on our clients, potential clients and interest groups related to us in order to develop and to maintain business relationships.

We process personal data on you mainly to manage and develop our client relationship and to actively communicate with you.

Personal data is also processed for planning and carrying out our business operations, and, to the extent possible, for maintaining and further developing our business as well as creating added value in it.

The personal data we collect:

We only process personal data if such data is necessary in order to carry out the purposes detailed above. As a result, the information we have on individuals varies from person to person, and depends on our relationship with you. In order for you to gain an understanding of what types of information we may have on you, we have included a list of possible data categories below.

The company and contact information we collect:

We process individualization, identification and contact information on individuals. This information is typically related to you as a representative of the organisation you work for or otherwise represent, and may include, for example:

  • Individualization and identification information (e.g. name);
  • Client organisation contact information (e.g. company name, address, telephone number);
  • Other relevant information (e.g. website URL, the name of the person/contact, title, telephone number, e-mail and the primary address, if different from the company address).

We process information related to the client or prospective client relationship. This information is typically related to us providing services to you, and may include, for example:

  • Services ordered by the client;
  • Services provided to the client;
  • Service delivery and billing information;
  • Meeting information; and
  • Information on other material or communications related to the client or prospective client relationship.

Information about marketing and communication:

We process information on marketing and communication, actions and content. This information is typically related to us providing marketing and other communications to you, and may include, for example:

  • Information on event invitations, newsletters and other promotion communications sent to you;
  • Event participation information; and
  • Information related to arranging and participating in meetings with you.

 Regular sources of information:

Personal data is mainly collected either directly from you or during the course of our business activities. The information can also be obtained from public websites. In addition, we may use other sources to collect information related to your tasks or position in an organisation or information on your public position.

Some of the personal data we use may also be derived from the data we have. We may, for example, combine, supplement and analyse data we have in order to create new data. Some of the data we use for such actions can be collected from, for example, trade registers, corporate websites and other similar public sources.

Who processes the personal information, and the information disclosed to third parties:

We do not disclose personal data to third parties without your consent. Despite this, we may be required to disclose data on you to third parties in individual situations. We may have, for example, the obligation to disclose personal data to authorities if such disclosure is mandatory under applicable laws.

Despite the above, we may outsource the processing of personal data to third party service providers. In such case we ensure through contractual measures that your personal data is processed and protected appropriately and in compliance with applicable laws and this Privacy Notice.

Where we keep your information:

As a main rule, your personal data is not transferred to countries outside the European Union or European Economic Area.

Keeping the data secure:

We commit to maintaining the deployment ag appropriate security to protect personal information. To do this we may use a variety of mechanisms depending on where the information is stored.

The right of access to personal data is limited so that access rights are provided only to persons who require access in order to be able to perform their duties.

How long will your information be stored:

Personal information is retained only for as long as is necessary for the purposes for which the personal data are processed. We will then delete it safely and securely

The data is systematically and regularly updated, and data type specific retention periods are re-evaluated in regular intervals. During the evaluation, all outdated, unused and obsolete data is deleted.

The data retention period can vary by data category and we may have a statutory obligation to retain certain data for a specific time period. Due to this, the exact time periods and procedures for data destruction vary by data category.

Your rights:

As a data subject, you have the right to access the personal data on you and request the rectification of any erroneous or obsolete data.

We may send you electronic direct marketing related to your tasks, if you have not declined such messages. If you do not wish to receive such messages any longer, you can at any time cancel our electronic direct marketing to you by opting-out.

We always aim to resolve any disputes directly with you. However, you have the right to request data protection authorities to review any issue relating to our processing or your personal data.

How to contact us:

If you have any questions about your personal information please contact us by email at tuire.nyberg(at)capeboreal.fi.