Privacy policy
Here you can find the Marketing Register Description, the Recruitment Register Description and the User and Usability Study Register Description. All of which have been created following the General Data Protection Regulation EU 2016/679.
Digitalist Group’s customer and marketing register privacy policy
Customer experience, usability and user studies conducted by Digitalist Group
DIGITALIST GROUP’S CUSTOMER AND MARKETING REGISTER PRIVACY POLICY
Last Updated: April 2021
At Digitalist, we value the privacy of our customers, partners and other stakeholders. As a data controller, we need to collect and process personal data in order to provide all of our stakeholders with the best possible content. In particular, we process contact information of representatives and our corporate customers. We do the same with regard to potential customers. Personal data is any information that relates to an identified or identifiable individual, such as a name, email address and photograph.
We process personal data related to all persons belonging to the aforementioned groups in accordance with this privacy notice and the applicable legislation. We may update the privacy notice as our operations develop and the legislation changes.
Data Controller:
Digitalist Group Plc’s Business ID: 0997039-6
Address: Siltasaarenkatu 18-20 C, 00530 Helsinki
Contact information for register matters:
You can contact the data protection officer by email at dataprotection@digitalistgroup.com.
Personal data processed and data-gathering methods
Digitalist Group collects personal data related to customers and potential customers from the person in question. With regard to potential sales leads, we may also gather data from LinkedIn or company websites. Our website and any forms posted on it constitute another important source of personal data related to this group. Based on use of the Digitalist Group website, we also use the Google Analytics, Leadfeeder and Pardot services to gather data.
Digitalist Group may process the following personal data held on its customer and marketing register:
| PERSONAL DATA | PURPOSE OF PROCESSING | LEGAL BASIS |
|---|---|---|
| Basic information such as name*, date of birth, customer number, title, preferred language
Contact information such as e-mail address, phone number, address information Information related to the company’s contact persons |
Delivering and improving our products and services according to your needs | Legitimate interest |
| Fulfilling our contractual and other promises and obligations | Performance of a contract | |
| Billing | ||
| Direct marketing | Consent (private persons) or legitimate interest (companies) | |
| Bookkeeping | Legal obligation | |
| Possible direct marketing opt-outs | Serving customers interest of not receiving direct marketing | Legitimate interest in being able to fulfil our legal obligation to ensure opt-out from direct marketing in accordance with the law |
| Information you provide in connection with the events we host, registration data, special diets, invoicing data | Organizing events | Legitimate interest in being able to host events and invoice when applicable |
| Consent regarding health data (e.g. allergies) | ||
| Information of the customer relationship and the contract such as information of past and current contracts and orders, correspondence with you and other communication, payment information and other information which you have voluntarily provided to our systems | Compliance with our contractual and other promises and obligations | Performance of a contract |
| Billing | ||
| Managing the customer relationship | Legitimate interest in managing and developing the customer relationship | |
| Bookkeeping | Legal obligation | |
| Data of the connection and terminal device you are using such as the IP address, device ID or other device identifier and cookies | Targeting advertising in our online services | Consent |
| Analyzing and profiling behavior |
In addition, we gather data related to the corporate customer and its contact persons during the customer relationship. Personal data is also gathered via sign-ins for events we arrange and, occasionally, from seminars arranged in cooperation with partners.
Processing, handover and transfer of data outside the European Economic Area
In general, data in our marketing and customer register is processed by Digitalist Group employees for who the processing of such data is a key element of the duties. Throughout our operations, we ensure that personal data is handled confidentially, in compliance with the law and solely on our own behalf.
We do not disclose data to third parties, but may share it with other companies within our group where necessary. In addition, data may be disclosed if so required under law, by a court of law, or by the competent authorities. We may also hand over personal data that is in our possession if we are involved in a company or business acquisition.
As a rule, we do not transfer personal data outside the EU or EEA except for use by one of our foreign subsidiaries. Some of our service providers may be located outside the EU, because we primarily store and process data in digital format, particularly via cloud-based services. Service providers of this kind include Pardot and Salesforce. In such cases, Digitalist Group ensures that data transfers involve sufficient data security as required by law.
Data security, protection and storage
The personal data held by Digitalist Group is duly protected from unauthorised access and accidental or unlawful erasure, alteration, handover, transfer, or unlawful processing in any other manner. Only employees who need to process such data for work-related reasons are entitled to use systems containing the data. Personal data is protected by a password and firewall in a secure cloud service/and database.
Personal data is stored only as long as required for the purpose in question, or for as long as the related contract or legislation requires. The storage time of data can vary, depending on the purpose for which it is used, the legal grounds for its processing, and the circumstances. Furthermore, personal data can be erased if the data subject withdraws his or her consent, or requests that it be erased (unless Digitalist Group has other legal grounds for processing the data), or if the contractual relationship is terminated, or the data becomes obsolete or incorrect. We attempt to update or erase superfluous, incorrect or obsolete data at least once a year.
Cookies
Digitalist Group uses cookies on its website in order to provide the best possible user experience for website visitors. Cookies are small text files which are downloaded, can be stored on your device and enable the use of internet and other service features on your computer, smartphone or tablet, for example. We use cookies to obtain information on how visitors are using our website. We also use them for purposes such as developing our services and website, analyzing the use of our website, and targeting and optimizing our marketing.
You can prevent the downloading of cookies on your device, block their use or receive notification that cookies are being downloaded by changing the settings on your web browser. However, please be aware that blocking or restricting the use of cookies may prevent you from benefiting from some of our website’s features.
For further information on cookies can be found: http://www.allaboutcookies.org/manage-cookies/. You can manage your cookies preferences in here.
Your rights
You are guaranteed several rights under the applicable data protection legislation. Digitalist Group is committed to respecting these rights in its operations. With respect to the processing of your personal data, you have the following rights under certain additional legal provisions:
1. the right to request that we provide you with a copy of any personal data concerning you which we have in our possession, and with certain information on the processing of such data;
2. the right to request the restriction, in certain circumstances, of the processing of your personal data, for example if you dispute the accuracy of such data or we no longer need it for the original purposes for which we were processing it, but it is still needed in order to draw up or present a legal claim, or for legal defense against such a claim;
3. the right to request the erasure of your personal data in certain circumstances, such as a situation in which your personal data is no longer needed for the purposes for which it was originally gathered or processed (the so-called right to be forgotten);
4. the right to object to the processing of data conducted in the pursuit of our legitimate interests;
5. the right, at any time, to withdraw your consent to our processing of your data when such processing is based on your consent;
6. the right to request that we update your personal data, or correct inaccurate data; and
7. the right to file a complaint with the local competent authority, such as the Data Protection Ombudsman in Finland (https://tietosuoja.fi/en/home).
Should you wish to exercise the aforementioned rights, you may do so by contacting Digitalist Group (see the contact information above). We may have to ask you for further details on your identity before fulfilling your request, in order to ensure that you are entitled to make such a request.