Customer and marketing register
This is a combined personal data file description and newsletter to Midventum´s customers, potential customers and website users. Its content adheres to Sections 10 and 24 of the Personal Data Act (523/1999) and Articles 12 and 13 of the EU General Data Protection Regulation.
Dear customer or website user,
Thank you for your interest in our services.
In order to implement the service, we need some information about your company and contact persons. We will treat this data as if it were our own: we want to be worthy of your trust.
Midventum Oy (2185099-5)
+358 50 598 0047
2. Data subjects
- Customers (contact persons)
- Potential customers
- Website users
3. Purpose and criteria for processing personal data
|Data subjects||Purpose of data prosessing||Criteria|
|Customer contacts, customer relationship management, customer service||Controller's legitimate interest|
|Potential customers and website users||Contact requests and newsletter subscriptions submitted via website||Controller's legitimate interest|
4. Data entries
The register may contain the following information:
|Data||Customer||Potential customer / website user||Purpose of use|
|Employer/company||x||x||Customer relationship management/targeted marketing|
|Role/title||x||x||Customer relationship management/targeted marketing|
5. Duration of data processing
As a general rule, personal data are processed for as long as the customer agreement for which the data are needed is valid. The data are entered as they are received from the data subjects themselves, and updated as per updates sent by the data subjects to the Controller.
Form data sent via this site are deleted automatically within six (6) months after being submitted. Unnecessary personal data are deleted from our customer and marketing register every six (6) months. If you want to stop receiving our email marketing messages, you can remove yourself from the mailing list by clicking the exit link included in each of the emails.
6. Your rights
Your rights are explained below. Any requests concerning your rights should be sent to firstname.lastname@example.org
Right of access
You have the right to access your personal data stored by us. In case of any errors or shortcomings, you may request us to correct or supplement the data.
Right of objection
If you feel that we have processed your personal data contrary to the law or that we have no right to process your data or part thereof, you can object to its processing at any time.
Ban on direct marketing
You can prohibit us from using your data for direct marketing purposes at any time. We will never sell or otherwise transfer your data to third parties in order for them to initiate direct marketing campaigns.
We may purchase online advertising from, for example, Facebook and Google, but do not submit your personal data to them. Online advertising is not a form of direct marketing, but is based on cookies. For further information, please see 'Cookies' below.
Right of erasure
If you feel that certain data are no longer necessary in relation to the purposes for which they were collected or processed, you have the right to ask us to delete such information. We will review your request and either delete the data or give you a legitimate reason why the data cannot be erased.
If you disagree with our decision, you have the right to lodge a complaint with the Finnish Data Protection Ombudsman (instructions for making a complaint). In addition, you may request that we limit the processing of the disputed data until the matter has been resolved.
Right of appeal
You have the right to lodge a complaint with the Finnish Data Protection Ombudsman if you feel that we are violating existing data protection legislation when processing your data (instructions for making a complaint).
7. Regular sources of information
Data concerning potential customers are collected from said customers with their permission during website visits, or through other personal or digital communication.
8. Release of information
As a general rule, personal data are not released for marketing purposes outside Midventum Oy.
Some data may, however, be selectively released to a third party commissioned by the Controller to execute a targeted marketing campaign. In such a case, the Controller retains the ownership of the data, and the third party has no right to use the data for anything other than the commissioned task.
We have ensured that all our service providers comply with data protection legislation. Our regular service providers can include the following:
- Microsoft (Email)
9. Transfer of data outside the EU
Where possible, we store your personal data in a selected and secure data centre located in Europe. Some of the above service providers may use backup servers located outside the EU/EEA in the United States. Backup is used to ensure that your data remains safe in the event that the primary servers fail.
We have made sure that our service providers are committed to the so-called Privacy Shield frameworks designed by the EU and the United States to ensure that the data transmitted from Europe to the United States is processed in compliance with data security practices.
10. Principles for the protection of data files
Safe and secure data handling is of utmost importance to us. To this end, we have employed a variety of means to protect your personal data.
- Access to the system requires a user ID and a password. The system is also protected by firewalls and other technological means.
- Data files can only be accessed and used by employees of the Controller who are designated and appointed for the task.
- Use of the register is protected with user-specific IDs, passwords and access rights.
- The register is located on a computer, which is located on a server in an ICT room protected from unauthorised access.
- The facilities are locked and guarded.
- The data files are backed up regularly.
visit our website and to analyse and statistically monitor the use of our site. They also allow us to track and monitor the interests of our visitors, and to use this information to improve the site. All information collected is anonymous, and none of the online activities can be linked to a specific individual.
Most Internet browsers automatically accept cookies, but if you want to, you can modify the settings of your browser and at any time disable the cookies. You can avoid cookies by modifying the settings in your web browser and banning their use.
The data collected via cookies or web beacons do not contain or reveal to us or third parties any personally identifiable information such as your name or contact information. Third-party advertisers may also use technology that measures the effectiveness of their ads. This may be done via beacons (1 pixel GIF files) placed on our site to collect anonymous data. After receiving
anonymous data on visits to this and other websites, advertisers are able to customise advertisements to the user's preferences.
This website uses the Google AdWords remarketing service to advertise on Google websites to previous visitors to our site. The user is not identifiable from the information associated with the cookies. The Google AdWords remarketing service may be blocked at www.google.com/settings/ads.
For more information about customised browser-based advertising, please visit Your Online Choices.