Customer and marketing register

18/1/2018

This is a combined personal data file description and newsletter to Midventum´s customers, potential customers and website users. Its content adheres to Sections 10 and 24 of the Personal Data Act (523/1999) and Articles 12 and 13 of the EU General Data Protection Regulation.

1. Controller

Dear customer or website user,

Thank you for your interest in our services.

In order to implement the service, we need some information about your company and contact persons. We will treat this data as if it were our own: we want to be worthy of your trust.

In this Privacy Policy we will try to explain our data processing practices as openly and transparently as possible. Read it through carefully. If you have any questions, we will be happy to answer them.

Contact

Midventum Oy (2185099-5)
Karhumäentie 3
FI-01530 Vantaa


Marko Roukkula
Partner
+358 50 598 0047
marko.roukkula@midventum.fi

2. Data subjects

  • Customers (contact persons)
  • Potential customers
  • Website users
     

3. Purpose and criteria for processing personal data

Data subjects Purpose of data prosessing Criteria
Customers
(contact persons)
Customer contacts, customer relationship management, customer service Controller's legitimate interest
Potential customers and website users Contact requests and newsletter subscriptions submitted via website Controller's legitimate interest

 

4. Data entries

The register may contain the following information:

Data Customer Potential customer / website user Purpose of use
Name x x Identification/communication
Telephone number x x Communication
Email address x x Communication
Employer/company x x Customer relationship management/targeted marketing
Role/title x x Customer relationship management/targeted marketing

 

5. Duration of data processing

As a general rule, personal data are processed for as long as the customer agreement for which the data are needed is valid. The data are entered as they are received from the data subjects themselves, and updated as per updates sent by the data subjects to the Controller.

Form data sent via this site are deleted automatically within six (6) months after being submitted. Unnecessary personal data are deleted from our customer and marketing register every six (6) months. If you want to stop receiving our email marketing messages, you can remove yourself from the mailing list by clicking the exit link included in each of the emails.

6. Your rights

Your rights are explained below. Any requests concerning your rights should be sent to marko.roukkula@midventum.fi

Right of access
You have the right to access your personal data stored by us. In case of any errors or shortcomings, you may request us to correct or supplement the data.

Right of objection
If you feel that we have processed your personal data contrary to the law or that we have no right to process your data or part thereof, you can object to its processing at any time.

Ban on direct marketing
You can prohibit us from using your data for direct marketing purposes at any time. We will never sell or otherwise transfer your data to third parties in order for them to initiate direct marketing campaigns.

We may purchase online advertising from, for example, Facebook and Google, but do not submit your personal data to them. Online advertising is not a form of direct marketing, but is based on cookies. For further information, please see 'Cookies' below.

Right of erasure
If you feel that certain data are no longer necessary in relation to the purposes for which they were collected or processed, you have the right to ask us to delete such information. We will review your request and either delete the data or give you a legitimate reason why the data cannot be erased.

If you disagree with our decision, you have the right to lodge a complaint with the Finnish Data Protection Ombudsman (instructions for making a complaint). In addition, you may request that we limit the processing of the disputed data until the matter has been resolved.

Right of appeal
You have the right to lodge a complaint with the Finnish Data Protection Ombudsman if you feel that we are violating existing data protection legislation when processing your data (instructions for making a complaint).

7. Regular sources of information
Data concerning potential customers are collected from said customers with their permission during website visits, or through other personal or digital communication.

8. Release of information
As a general rule, personal data are not released for marketing purposes outside Midventum Oy.

Some data may, however, be selectively released to a third party commissioned by the Controller to execute a targeted marketing campaign. In such a case, the Controller retains the ownership of the data, and the third party has no right to use the data for anything other than the commissioned task.

We have ensured that all our service providers comply with data protection legislation. Our regular service providers can include the following:

  • Pipedrive
  • MailChimp
  • Microsoft (Email)
     

9. Transfer of data outside the EU

Where possible, we store your personal data in a selected and secure data centre located in Europe. Some of the above service providers may use backup servers located outside the EU/EEA in the United States. Backup is used to ensure that your data remains safe in the event that the primary servers fail.

Privacy Shield

We have made sure that our service providers are committed to the so-called Privacy Shield frameworks designed by the EU and the United States to ensure that the data transmitted from Europe to the United States is processed in compliance with data security practices.

10. Principles for the protection of data files

Safe and secure data handling is of utmost importance to us. To this end, we have employed a variety of means to protect your personal data.

  • Access to the system requires a user ID and a password. The system is also protected by firewalls and other technological means.
  • Data files can only be accessed and used by employees of the Controller who are designated and appointed for the task.
  • Use of the register is protected with user-specific IDs, passwords and access rights.
  • The register is located on a computer, which is located on a server in an ICT room protected from unauthorised access.
  • The facilities are locked and guarded.
  • The data files are backed up regularly.
     

11. Cookies

This site uses cookies. The site sends to the browser cookies – small text files that are stored on your computer's hard drive. We use both session ID cookies, which expire when you close the browser, and persistent cookies, which are stored on your computer's hard drive. Cookies allow us to recognise your browser and to use this information to, for example, count the browsers used to
visit our website and to analyse and statistically monitor the use of our site. They also allow us to track and monitor the interests of our visitors, and to use this information to improve the site. All information collected is anonymous, and none of the online activities can be linked to a specific individual.

Most Internet browsers automatically accept cookies, but if you want to, you can modify the settings of your browser and at any time disable the cookies. You can avoid cookies by modifying the settings in your web browser and banning their use.

Advertising cookies help us to ensure that our ads are as relevant and interesting to you as possible. They also prevent the same ads from being displayed. Some third parties may also use cookies or web beacons (1 pixel image files) to provide relevant advertisements when you visit different sites.
The data collected via cookies or web beacons do not contain or reveal to us or third parties any personally identifiable information such as your name or contact information. Third-party advertisers may also use technology that measures the effectiveness of their ads. This may be done via beacons (1 pixel GIF files) placed on our site to collect anonymous data. After receiving
anonymous data on visits to this and other websites, advertisers are able to customise advertisements to the user's preferences.

This website uses the Google AdWords remarketing service to advertise on Google websites to previous visitors to our site. The user is not identifiable from the information associated with the cookies. The Google AdWords remarketing service may be blocked at www.google.com/settings/ads.

For more information about customised browser-based advertising, please visit Your Online Choices.