Company Name: Attido Oy
Business ID: 1639202-9
Address: Keilaranta 8, 02150 Espoo, Finland
Contact person in charge of register: Data Protection Officer Jari Raatikainen (firstname.lastname@example.org).
NAME OF REGISTER
1. PURPOSES OF THE PROCESSING OF PERSONAL DATA AND LEGAL BASIS
- Contact information is used to contact the person who submitted the contact request form and to send marketing communication.
- To improve the user experience of the website
- Tracking the number of visitors and entry sources to the website
- Tracking the realization of the websites targets
- We may use your email to send you email marketing. You can always decline to receive these emails by clicking “unsubscribe”.
1. Either the person has been asked for permission to process personal data and send messages or the person has a role at the company which justifies processing and marketing or other messages
2. Persons who use this website have accepted the processing of personal data according to this policy.
3. Other justifiable interest
2. THE CATEGORIES OF DATA SUBJECTS AND THE CATEGORIES OF PERSONAL DATA
- The contact information of the person who has submitted a contact form on our website
- The contact information of the person who has subscribed to our newsletter
- Data about how website visitors’ use of our website
- The contact information of persons who have signed up for our events
3. SOURCES OF PERSONAL DATA
Data stored in the register may be collected through customer relationships, Attido’s website (contact forms, material downloads, newsletter subscriptions), enrolment in Attido’s events, cookies on the website as well as from other publicly available internet sources.
4. COOKIES AND OTHER TOOLS
When you visit our Website, we may employ cookies that contain information (such as a unique cookie ID) used to track your usage of our Website. This enables our systems to recognise your browser and tell us how, when and which pages in our Website are visited and by how many people, and also enables us to recognise a return visitor as a unique user. Cookies placed on the Website cannot access, read or modify any other data on a computer.
4.2 Marketing automation
The Website employs marketing automation programs from vendors operating on Attido’s behalf, which use third-party cookies to track Website use.
When a user visits our Website, the cookie stores traffic data linked to the unique ID of the cookie in the browser. If the user identifies himself by volunteering personal data, e.g. by submitting a contact form the cookie’s unique user ID is linked to the personal data volunteered by the user.
This enables Attido to supply a more personalised experience on its Website and in communications with customers and users of the Website.
4.3 Digital marketing
Attido also uses 3rd party vendor re-marketing tracking cookies, including Google Adwords tracking cookie. This allows us to make special offers and continue to market our services to those who have shown interest in our service. We respect your privacy and are not collecting any identifiable information through the use of Google’s or any other 3rd party remarketing system.
4.5 Website analytics
This Website uses services such as Google Analytics, a web analytics service provided by Google Inc. Data collected by cookies about your use of the Website (including your IP address) will be transmitted to and stored by Google and other website analytics service providers, on behalf of Attido.
Attido use’s website analytics for evaluating website usage, compiling reports on website activity for Website operators and providing other services relating to website activities and internet usage.
5. DISCLOSURE OF DATA AND INFORMATION TRANSFER OUTSIDE OF EU OR THE EUROPEAN ECONOMIC AREA
Attido will not sell, rent or disclose personal data to third parties, except for parties who process data on behalf of Attido, unless otherwise stated or required by the law or competent authorities.
Consequently, Attido may transfer personal data e.g. to its subsidiary located in the European Economic Area, it’s suppliers, subcontractors and other service providers and other business partners and authorities as well as to potential parties of business operations transfers or to any other third party to whom we transfer our relevant contractual rights.
Personal data can be transferred, processed and stored outside the European Economic Area only with the person’s consent and as required or permitted by the legislation.
6. PERIOD OF WHICH THE PERSONAL DATA WILL BE STORED
The controller stores personal data until there no longer are no reasons to store the data or when the person asks his/her information to be deleted. The data of registered persons are reviewed regularly and data relating to the persons with whom we no longer communicate is deleted.
7. GENERAL DESCRIPTION OF TECHNICAL AND ORGANISATIONAL SECURITY MEASURES
We use reasonable diligence In the processing of the register and the data is protected appropriately by means of information systems. When the data is stored on an internet-server the physical equipment and digital information security is also appropriate. The Controller restricts access to data about data subjects only to our personnel or personnel of our subcontractors and service providers who need to know the data.
8. THE RIGHT OF ACCESS AND TO RECTIFY AND ERASURE
The data subject has a right to request the controller to rectify the inaccurate and incomplete personal data concerning the data subject. If you wish to access your data or request for rectification send email to the Controller (email@example.com). The Controller has the right to request you to identify yourself. The Controller will respond within the timeframe set by EU’s General Data Protection Regulation.
9. OTHER RIGHTS AFFILIATED WITH THE PROCESSING OF PERSONAL DATA
You have the right to ask for the erasure of your personal data (“the right to be forgotten”). Furthermore, you have the right – according to the EU general data protection regulation – to object the processing of your personal data or request the restriction of the processing or the transfer of personal data from one system to another as well as the right to withdraw your consent for the processing of your personal data. All requests should be sent by email to the Controller (firstname.lastname@example.org). The Controller has the right to request you to identify yourself. The Controller will respond within the timeframe set by EU’s General Data Protection Regulation. The registered has the right to complain about the way the Controller processes the registered personal data. You also have the right to lodge a complaint with a supervisory authority, if you consider that our processing of personal data relating to you infringes the General Data Protection Regulation.