Updated May 15th 2018
Controller and control information
Haltian Oy
Yrttipellontie 1D
90230 Oulu
Finland
privacy@haltian.com
Contact person
Jyrki Okkonen
jyrki.okkonen@haltian.com
Name of personal data file
Haltian Customer and Marketing Data Register
Why do we collect and store the data
We store the data in order to create, maintain and develop our customer relations, to market our products and services and to gain better understanding about the needs of our present and potential customers and business partners, whether they are in cooperation with Haltian Oy or any of its subsidiaries.
We also store personal data to fulfil business relations, such as invoicing or contractual matters.
What information is stored
The data register may contain personal information such as first and last names, phone numbers and email addresses. We may also store your employers name, address and other contact information as well as details about your position in your company. Among the information stored may also be summaries of our conversations and meetings with you together with the relevant dates and times.
Sources of data
We gather the data directly from you during personal meetings, phone calls and email conversations or any similar encounters. We may also store data gathered from the internet; such as business web site and social media services.
We may also collect the data using contact forms or forms for downloading additional material on our websites and using internet cookies or similar techniques.
We may store your data with the help of the following services/systems:
- CRM system(s)
- Survey tool(s)
- Mailing list service(s)
- Marketing and sales tool(s)
- Chat tool(s)
These services/systems may be run internally on our servers or hosted by 3rd party service providers, also called data processors.
We do collect anonymous usage data with the help of following services:
- Google Analytics
- Facebook pixel
Who has access to your data and how data may be distributed
A limited number of our staff have access to your data. All staff having access to such data are bound by confidentiality obligations.
3rd party services that work as data processors are processing the data according to the GDPR rules and following the principles set by the controller-processor contract.
Your data is not shared to any other internal or external personnel or parties without your permission.
Please note that there can be exceptions based on your country due to local laws or authorities and that we may be obligated to disclose your data to authorities or third parties pursuant to applicable law or an order of a regulatory or statutory authority.
We may sell, transfer or otherwise share some or all of our assets, including your personal data, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.
Where is your data hosted
We host your data on a cloud based customer relationship management service primarily in the European Union. The cloud service may replicate the data to servers outside the European Union. In these cases the required means, defined by the applicable data protection laws and regulations including the General Data Protection Regulation 2016/679, are carried out to protect the data.
What are the security methods to protect your data
We undertake to use, and to have our business partners and service providers use, commercially reasonable measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure.
Only the personnel with work related needs have access to your data. The office premises have controlled access.
What are your rights
Right to review: You have a right to review your personal data collected to our register.
Right to prohibition: You have a right to prohibit the use of your personal data for direct advertising, remote sale or other direct marketing as well as for marketing and attitude surveys.
Right to correct incorrect data: If the data registered about you is incorrect, you have the right to correct the information.
Right to be forgotten: You have a right to request for us to erase all your personal data from all our systems unless it is needed for completing legal or contractual obligations.
Written request to execute any of these rights, shall be submitted to privacy@haltian.com.
Changes to this privacy policy
We may modify or update this Privacy Policy from time to time, therefore you should review our website periodically for the up-to-date version. When we change the Privacy Policy, we will update the ‘updated’ date at the top of this page.
