Privacy policy

Here you can find the Marketing Register Description, the Recruitment Register Description and the User and Usability Study Register Description. All of which have been created following the General Data Protection Regulation EU 2016/679.

Digitalist Group’s customer and marketing register privacy policy

Customer experience, usability and user studies conducted by Digitalist Group

Digitalist Group recruitment register description

Tietosuojaseloste: Digitalist Groupin toteuttamat asiakaskokemus-, käytettävyys- ja käyttäjätutkimukset



Last Updated: April 2021

At Digitalist, we value the privacy of our customers, partners and other stakeholders. As a data controller, we need to collect and process personal data in order to provide all of our stakeholders with the best possible content. In particular, we process contact information of representatives and our corporate customers. We do the same with regard to potential customers. Personal data is any information that relates to an identified or identifiable individual, such as a name, email address and photograph.

We process personal data related to all persons belonging to the aforementioned groups in accordance with this privacy notice and the applicable legislation. We may update the privacy notice as our operations develop and the legislation changes.

Data Controller:

Digitalist Group Plc’s Business ID: 0997039-6
Address: Pohjoisesplanadi 35 Aa, 00100 Helsinki

Contact information for register matters:

Anssi Rönnqvist
Tel: +358 40 824 7258

Personal data processed and data-gathering methods

Digitalist Group collects personal data related to customers and potential customers from the person in question. With regard to potential sales leads, we may also gather data from LinkedIn or company websites. Our website and any forms posted on it constitute another important source of personal data related to this group. Based on use of the Digitalist Group website, we also use the Google Analytics, Leadfeeder and Pardot services to gather data. 

Digitalist Group may process the following personal data held on its customer and marketing register:

Basic information such as name*, date of birth, customer number, title, preferred language

Contact information such as e-mail address, phone number, address information

Information related to the company’s contact persons

Delivering and improving our products and services according to your needs Legitimate interest
Fulfilling our contractual and other promises and obligations Performance of a contract
Direct marketing Consent (private persons) or legitimate interest (companies)
Bookkeeping Legal obligation
Possible direct marketing opt-outs Serving customers interest of not receiving direct marketing Legitimate interest in being able to fulfil our legal obligation to ensure opt-out from direct marketing in accordance with the law
Information you provide in connection with the events we host, registration data, special diets, invoicing data Organizing events Legitimate interest in being able to host events and invoice when applicable
Consent regarding health data (e.g. allergies)
Information of the customer relationship and the contract such as information of past and current contracts and orders, correspondence with you and other communication, payment information and other information which you have voluntarily provided to our systems Compliance with our contractual and other promises and obligations Performance of a contract
Managing the customer relationship Legitimate interest in managing and developing the customer relationship
Bookkeeping Legal obligation
Data of the connection and terminal device you are using such as the IP address, device ID or other device identifier and cookies Targeting advertising in our online services Consent
Analyzing and profiling behavior

In addition, we gather data related to the corporate customer and its contact persons during the customer relationship. Personal data is also gathered via sign-ins for events we arrange and, occasionally, from seminars arranged in cooperation with partners.

Processing, handover and transfer of data outside the European Economic Area

In general, data in our marketing and customer register is processed by Digitalist Group employees for who the processing of such data is a key element of the duties. Throughout our operations, we ensure that personal data is handled confidentially, in compliance with the law and solely on our own behalf.

We do not disclose data to third parties, but may share it with other companies within our group where necessary. In addition, data may be disclosed if so required under law, by a court of law, or by the competent authorities. We may also hand over personal data that is in our possession if we are involved in a company or business acquisition.

As a rule, we do not transfer personal data outside the EU or EEA except for use by one of our foreign subsidiaries. Some of our service providers may be located outside the EU, because we primarily store and process data in digital format, particularly via cloud-based services. Service providers of this kind include Pardot and Salesforce. In such cases, Digitalist Group ensures that data transfers involve sufficient data security as required by law.

Data security, protection and storage

The personal data held by Digitalist Group is duly protected from unauthorised access and accidental or unlawful erasure, alteration, handover, transfer, or unlawful processing in any other manner. Only employees who need to process such data for work-related reasons are entitled to use systems containing the data. Personal data is protected by a password and firewall in a secure cloud service/and database.

Personal data is stored only as long as required for the purpose in question, or for as long as the related contract or legislation requires. The storage time of data can vary, depending on the purpose for which it is used, the legal grounds for its processing, and the circumstances. Furthermore, personal data can be erased if the data subject withdraws his or her consent, or requests that it be erased (unless Digitalist Group has other legal grounds for processing the data), or if the contractual relationship is terminated, or the data becomes obsolete or incorrect. We attempt to update or erase superfluous, incorrect or obsolete data at least once a year.


Digitalist Group uses cookies on its website in order to provide the best possible user experience for website visitors. Cookies are small text files which are downloaded, can be stored on your device and enable the use of internet and other service features on your computer, smartphone or tablet, for example. We use cookies to obtain information on how visitors are using our website. We also use them for purposes such as developing our services and website, analyzing the use of our website, and targeting and optimizing our marketing.

You can prevent the downloading of cookies on your device, block their use or receive notification that cookies are being downloaded by changing the settings on your web browser. However, please be aware that blocking or restricting the use of cookies may prevent you from benefiting from some of our website’s features.

For further information on cookies can be found: You can manage your cookies preferences: [LINKKI].

Your rights

You are guaranteed several rights under the applicable data protection legislation. Digitalist Group is committed to respecting these rights in its operations. With respect to the processing of your personal data, you have the following rights under certain additional legal provisions:

1. the right to request that we provide you with a copy of any personal data concerning you which we have in our possession, and with certain information on the processing of such data;

2. the right to request the restriction, in certain circumstances, of the processing of your personal data, for example if you dispute the accuracy of such data or we no longer need it for the original purposes for which we were processing it, but it is still needed in order to draw up or present a legal claim, or for legal defense against such a claim;

3. the right to request the erasure of your personal data in certain circumstances, such as a situation in which your personal data is no longer needed for the purposes for which it was originally gathered or processed (the so-called right to be forgotten);

4. the right to object to the processing of data conducted in the pursuit of our legitimate interests;

5. the right, at any time, to withdraw your consent to our processing of your data when such processing is based on your consent;

6. the right to request that we update your personal data, or correct inaccurate data; and

7. the right to file a complaint with the local competent authority, such as the Data Protection Ombudsman in Finland (

Should you wish to exercise the aforementioned rights, you may do so by contacting Digitalist Group (see the contact information above). We may have to ask you for further details on your identity before fulfilling your request, in order to ensure that you are entitled to make such a request.


Digitalist Group conducts various types of research based on assignments from its clients and/or partners, which you can participate in to influence the quality of the products or services you use or advertising you are presented with, among other things.

The typical research situations comprise research sessions for individuals or groups, various online studies and surveys, studies related to online communities or consumer panels or combinations of the aforementioned.

In some studies, the participants may be remunerated with a participation fee or rewards may be raffled among the participants.

Digitalist Group acts as the controller of the register for the personal data collected during the research. In addition, those client and/or partner companies of Digitalist Group on whose assignment the research is conducted also act as controllers regarding the personal data that Digitalist Group discloses to said companies. The contact information for Digitalist Group can be found later in this statement, and the contact information of the controller who purchased the study is always provided during participation in the study.

1. Protection of Privacy

The information provided by participants/respondents is confidential and only used for research purposes as well as monitoring and documenting participation in the research.

The results are reported in such a manner that the identity of the participants/respondents is not revealed. Individual responses/comments are not connected with the personal data of the participants/respondents.

Digitalist Group respects your privacy in all situations. Your name, address, email address, telephone number, other personal data, and the responses you have provided are processed in the manner required by protection of privacy.

The aim of the research performed by Digitalist Group is to gather information to support the decision- making of companies, communities, and public organizations and to improve the understanding of the client regarding the needs of the target group.

Participation in the studies is always voluntary.

2. Processed Personal Data

The following personal data pertaining to the people participating in the research may be processed by Digitalist Group:

  • first and last name
  • email address
  • telephone number
  • address and/or municipality of residence
  • information regarding which study the data subject has participated in
  • the research date
  • information regarding the forms signed during participation in the study and possible video recordings and photography consent forms as well as the date of registration for the information

In addition, Digitalist Group may collect certain study-specific forms and recordings while conducting the research.

3. Intended Purpose of the Personal Data and Reason for Processing

Digitalist Group uses the personal data described above to monitor participation in the research (e.g. who has participated in research for a certain subject matter, within what timeframe, what was the previous gender distribution or regional coverage) to ensure that the same/similar people are not recruited too soon to a study that is too familiar/specific/same topic/product/service/content/or similar or that we are also able to identify people who have not yet been invited to participate in the research conducted by us.

The database is also used for documenting the forms signed during participation in the research and the storage information regarding the video recordings created during the research as well as photography consent forms.

The database that pertains to the research participants only includes research history information and its contact information is not used directly to recruit participants for other studies or disclosed to third parties. For the same reason, the contact information in the database is also not actively updated by Digitalist Group. The information is deleted after having been stored for a maximum of six years.

Other information provided during the research is used only for research purposes.

Digitalist Group processes personal data described in this statement primarily based on its legitimate interests, which include but are not limited to development of services and performance of market research. The processing by Digitalist Group may also be based on consent, in which case your consent for processing personal data is always requested separately.

4. Data Collection Methods

Digitalist Group recruits/invites participants/respondents to its studies by phone, email, and through website and/or online communities, for example.

Where necessary, the recruiter/inviter/separately specified contact person for the research can provide you with additional information on how we have obtained your contact information (register source).

In addition, the research participants may be sent an official email invite, in which case the email invites will explain/indicate how we have obtained your contact information (register source). For inquiries related to personal data, you can contact the sender of the email invite/the separately specified contact person for the research and/or the company or community maintaining the personal data register directly.

The register data in the Research participant database (history information database), incl. other registers created during the signing of forms and creation of recordings and the related consents, are generally collected from the data subjects themselves. Consent is requested in writing. With some studies, we may also receive personal data from the client or partner company on whose assignment the research is conducted or from public data records (such as the databases of the Population Register).

5. Disclosing and Transferring Data

When you participate in or respond to a study carried out by Digitalist Group, you provide written consent (either by signing a form or accepting separate written terms for participation in the study online) for the processing and storage of your personal data for research purposes requested while conducting the study.

In principle, your personal data is not handed over to third parties without your specific consent for their use. The results of the research are always provided to the client using methods that prevent deducing the respondent’s identity from them.

Video recordings created during the research are used to analyze the research and to support notes for reporting purposes. A video recording of the participant’s face is made because expressions can also provide additional relevant information for analysis. In addition, videos may be used to ensure quality of the research and validity of the conclusions based on a client’s request. The name and contact information of the participants is not directly linked with the video recordings, but the participant may be identifiable from the facial image created during the video recording. The video recordings are not handed over to third parties outside of Digitalist Group or the client on whose assignment the research is conducted.

The personal data required to provide remuneration is only used for that purpose and under certain conditions to fulfil the requirements of the Tax Administration, and they are not handed over further.

Mandatory legislation may also require us to disclose personal data to competent authorities as well as hand over personal data to a potential buyer and their advisers in connection with a business transfer or another form of business acquisition.

However, Digitalist Group may from time to time allow access to personal data or hand over or transfer them to its other companies within the same group (additional information about group companies is available at in the Register of Prospectus, and to certain service providers and subcontractors who participate in the production of operations that Digitalist Group uses in the processing of personal data. Regarding these types of transfers, Digitalist Group takes the necessary precautions (such as concluding agreements) to ensure that the parties receiving the data are appropriately committed to data protection. The service providers of Digitalist Group are committed to the fact that they are not allowed to process the personal data they process on behalf of Digitalist Group for any other purposes than what is described in this statement.

In principle, personal data is not transferred outside the EU/EEA. Some clients who have purchased research services from Digitalist Group or partners to whom Digitalist Group transfers video recordings, for example, as described above, may however be located in countries outside of the EU or EEA, where the level of data protection may not necessarily be the same as in your country. In these cases, Digitalist Group will ensure data protection during transfers by, for example, concluding a transfer agreement with the purchaser based on model contract clauses provided by the EU Commission. Additional information on the protective measures Digitalist Group uses for transfers is available by contacting Digitalist Group using the below contact information.

6. Information Security and Data Protection

The data stored by Digitalist Group is protected appropriately against inappropriate access and accidental or illegal deletion, modification, disclosure, transfer or some other illegal processing. Access to the systems containing the data is only available to employees who have the right to handle the personal data of research participants based on their work. The information provided by research participants is stored in a cloud service and/or database protected by a password and firewall.

Electronically stored register data: some personal data (usually name and contact information; information on the research the subject has participated in; information on forms signed by the subject and information on the recordings created while conducting the research) is stored in the Research participant database (history information database) for a maximum of six years. Access to this database is only available to employees who have the right to handle the data in question based on their work. Personal data is stored in a cloud service and/or database protected by a password and firewall.

Manually produced materials (e.g. signed forms) are stored in a locked area for a maximum of six years and can only be accessed by employees who have the right to handle the data in question based on their work.

7. Cookies

Digitalist Group uses cookies to enable inviting participants to its surveys/studies via websites. Cookies are small text files that are downloaded and may be stored on your devices and which enable using certain features online and in some services with your computer, smart phone or tablet, for example. The invitee’s cookie identification information cannot be connected with their personal data or contact information.

Cookies do not facilitate viewing or copying information stored on the invitee’s terminal device.

If you want to prevent the reception of cookies, forbid their use or receive a notification for transferring cookies, you can change the settings of your browser. Do note however that you may not be able to use all of our website’s features if you do so. Additional information regarding cookie management and removal is available at

8. Storage of Personal Data

The data in the Research participant database (history information database) and forms signed during participation in the research are stored for a maximum of six years as required by the accounting legislation, after which the data will be disposed of.

Video recordings possibly created while conducting a study with the written consent of the participant are stored for as long as necessary to complete the research project, but no longer than one year, after which the video recordings will be disposed of. If video recordings are handed over to the client who purchased the research, the client becomes an independent controller and all liability for handling the video recordings is transferred to the new controller in full.

Photos possibly taken of persons during participation in a study with the written consent of the participant are only used to illustrate research reports, brochures, and other project-related materials and are only stored for as long as the material for which the photographs are used exists. Project materials are not specifically disposed of. Photographs taken while conducting research for a project will not be used for marketing purposes or linked with the participant’s name or other identifying information.

The information provided during research is stored for as long as necessary to complete the research projects.

Digitalist Group may at any time and without advance warning amend these conditions of use and amend or modify the contents of this website or prevent access to this website.

9. Study Rewards and Raffles

As remuneration for participating in our studies, we may provide participants with a reward: typically, in the form of a gift voucher, movie ticket, product, or similar prize. Digitalist Group reserves the right to specify the contents, type, and value of the potential prizes on a study-by-study basis and may refrain from remunerating the participants completely if necessary.

For some studies conducted by Digitalist Group, rewards may be raffled off among the participants. Participation in the raffles is always voluntary and participation in a raffle is not a requirement for participation in a study.

Participation in a raffle requires you to provide your contact information (such as name and email address). The contact information provided to participate in a raffle is only used for completing the raffle and delivery of the rewards, and they will not be linked with the responses or information provided by you.

Contact information provided for the raffle will be deleted automatically after the expiry date of the raffle specified in the rules of the raffle, in so far as we do not have a legal right or obligation to store certain information due to tax or accounting liabilities or to prevent fraud.

Digitalist Group carries out the raffle and it is organized by the client, whose information can be found in the rules of the raffle.

10. Your Rights

The applicable data protection legislation grants you several rights, which Digitalist Group has also committed to comply within its operations. Under certain additional conditions provided by law, you have the following rights related to the processed personal data pertaining to you:

  1. the right to request a copy of the personal data pertaining to you stored by us and certain information related to the processing of your personal data;
  2. the right to request restriction of processing your personal data in certain situations, e.g. when you dispute the accuracy of personal data or when we no longer need the personal data for their original purpose, but the data is required to establish a legal claim or to defend against one;
  3. the right to request deletion of your personal data in certain situations, g. when your personal data is no longer needed for the purposes they were originally collected or processed for (the right to be forgotten);
  4. the right to object to processing that is based on our legitimate interests;
  5. the right to withdraw your consent for the processing at any time when our processing is based on your consent;
  6. the right to request that we update your personal data or rectify incorrect personal data; and
  7. the right to lodge a claim with the local competent authority, who, in Finland for example, is the Data Protection Ombudsman (

If you wish to exercise the rights mentioned above, you may do so by contacting Digitalist Group using the contact information provided below. We may have to request additional information regarding your identity before we can fulfil your request in order to ensure that you are authorized to issue the request in question.

If you would like to  turn off customer research related personalized ads on your device, follow these general steps.

  • On Android device, go to your Google Account and on the left navigation panel, click Data & personalization. While there on the Ad personalization panel, click Go to ad settings. Click the switch next to Ad Personalization OFF.
  • On iPhone or iPad with iOS, go to Settings > Privacy > Apple Advertising and tap to turn off Personalized Ads.
  • On Mac, go to System Preferences > Security & Privacy > Privacy, select Apple Advertising, and deselect Personalized Ads.
  • On Windows 10 machine, go to Start > Settings > Privacy, select the General tab then toggle off the following option: “Let apps use my advertising ID for experiences across apps (turning this off will reset your ID)”
  • If a service provider (e.g. Spotify) has its own setting for personalized ads under privacy settings of your account, disable personalized ads there too

11. Contact Information

You can contact Digitalist Group using the following contact information: Digitalist Group Oyj

Business ID: 0997039-6

Address: Pohjoisesplanadi 35 Aa, FI-00100 Helsinki, Finland Tel: +358 40 824 7258


In addition, Digitalist Group always specifies a dedicated contact person for each study, whose contact information is provided to all research participants. You can also always contact the study-specific contact person at Digitalist Group in matters related to the processing or personal data.

12. Questions and Answers

Where did you get my contact information?

Your contact information was retrieved either from the dedicated user/participant database maintained by Digitalist Group or our partners or in some cases from other registers maintained by our clients or partners. Potential participants are usually contacted by email or telephone, through a participant form on a website or an online community. Official invites to individual or group research sessions are often sent by email.

How can I remove my contact information?

To remove your contact information from our register, you may contact the controller directly or the person who invited you to participate in the research/contact person for the research identified separately. inviter/contact person can also provide you with additional information regarding the register when necessary.

What data pertaining to me have you collected (in relation to this study)?

If you have consented to the collection of certain data/signed forms while participating in research, we have access to the personal data you have provided during your registration and participation in the research, such as name and contact information as well as possible video and photographic records, to which you have consented separately.

How can you ensure that my identity is not revealed to the purchaser of the research?

Your contact information is never connected with the responses you have provided, so individual participants cannot be identified from the processed research data.

I want to know what register information Digitalist Group has on me?

Data subject have the right to review the data pertaining to them stored in the register and the right to demand rectification or deletion of the data.

The request to review the data must be presented in writing or in person to Digitalist Group using the above contact information.

Data subjects can exercise their right to review the data once per year free of charge.