Here you can find the Marketing Register Description, the Recruitment Register Description and the User and Usability Study Register Description. All of which have been created following the General Data Protection Regulation EU 2016/679.
Last Updated: April 2021
At Digitalist, we value the privacy of our customers, partners and other stakeholders. As a data controller, we need to collect and process personal data in order to provide all of our stakeholders with the best possible content. In particular, we process contact information of representatives and our corporate customers. We do the same with regard to potential customers. Personal data is any information that relates to an identified or identifiable individual, such as a name, email address and photograph.
We process personal data related to all persons belonging to the aforementioned groups in accordance with this privacy notice and the applicable legislation. We may update the privacy notice as our operations develop and the legislation changes.
Digitalist Group Plc’s Business ID: 0997039-6
Address: Pohjoisesplanadi 35 Aa, 00100 Helsinki
Contact information for register matters:
Tel: +358 40 824 7258
Personal data processed and data-gathering methods
Digitalist Group collects personal data related to customers and potential customers from the person in question. With regard to potential sales leads, we may also gather data from LinkedIn or company websites. Our website and any forms posted on it constitute another important source of personal data related to this group. Based on use of the Digitalist Group website, we also use the Google Analytics, Leadfeeder and Pardot services to gather data.
Digitalist Group may process the following personal data held on its customer and marketing register:
|PERSONAL DATA||PURPOSE OF PROCESSING||LEGAL BASIS|
|Basic information such as name*, date of birth, customer number, title, preferred language
Contact information such as e-mail address, phone number, address information
Information related to the company’s contact persons
|Delivering and improving our products and services according to your needs||Legitimate interest|
|Fulfilling our contractual and other promises and obligations||Performance of a contract|
|Direct marketing||Consent (private persons) or legitimate interest (companies)|
|Possible direct marketing opt-outs||Serving customers interest of not receiving direct marketing||Legitimate interest in being able to fulfil our legal obligation to ensure opt-out from direct marketing in accordance with the law|
|Information you provide in connection with the events we host, registration data, special diets, invoicing data||Organizing events||Legitimate interest in being able to host events and invoice when applicable|
|Consent regarding health data (e.g. allergies)|
|Information of the customer relationship and the contract such as information of past and current contracts and orders, correspondence with you and other communication, payment information and other information which you have voluntarily provided to our systems||Compliance with our contractual and other promises and obligations||Performance of a contract|
|Managing the customer relationship||Legitimate interest in managing and developing the customer relationship|
|Data of the connection and terminal device you are using such as the IP address, device ID or other device identifier and cookies||Targeting advertising in our online services||Consent|
|Analyzing and profiling behavior|
In addition, we gather data related to the corporate customer and its contact persons during the customer relationship. Personal data is also gathered via sign-ins for events we arrange and, occasionally, from seminars arranged in cooperation with partners.
Processing, handover and transfer of data outside the European Economic Area
In general, data in our marketing and customer register is processed by Digitalist Group employees for who the processing of such data is a key element of the duties. Throughout our operations, we ensure that personal data is handled confidentially, in compliance with the law and solely on our own behalf.
We do not disclose data to third parties, but may share it with other companies within our group where necessary. In addition, data may be disclosed if so required under law, by a court of law, or by the competent authorities. We may also hand over personal data that is in our possession if we are involved in a company or business acquisition.
As a rule, we do not transfer personal data outside the EU or EEA except for use by one of our foreign subsidiaries. Some of our service providers may be located outside the EU, because we primarily store and process data in digital format, particularly via cloud-based services. Service providers of this kind include Pardot and Salesforce. In such cases, Digitalist Group ensures that data transfers involve sufficient data security as required by law.
Data security, protection and storage
The personal data held by Digitalist Group is duly protected from unauthorised access and accidental or unlawful erasure, alteration, handover, transfer, or unlawful processing in any other manner. Only employees who need to process such data for work-related reasons are entitled to use systems containing the data. Personal data is protected by a password and firewall in a secure cloud service/and database.
Personal data is stored only as long as required for the purpose in question, or for as long as the related contract or legislation requires. The storage time of data can vary, depending on the purpose for which it is used, the legal grounds for its processing, and the circumstances. Furthermore, personal data can be erased if the data subject withdraws his or her consent, or requests that it be erased (unless Digitalist Group has other legal grounds for processing the data), or if the contractual relationship is terminated, or the data becomes obsolete or incorrect. We attempt to update or erase superfluous, incorrect or obsolete data at least once a year.
You are guaranteed several rights under the applicable data protection legislation. Digitalist Group is committed to respecting these rights in its operations. With respect to the processing of your personal data, you have the following rights under certain additional legal provisions:
1. the right to request that we provide you with a copy of any personal data concerning you which we have in our possession, and with certain information on the processing of such data;
2. the right to request the restriction, in certain circumstances, of the processing of your personal data, for example if you dispute the accuracy of such data or we no longer need it for the original purposes for which we were processing it, but it is still needed in order to draw up or present a legal claim, or for legal defense against such a claim;
3. the right to request the erasure of your personal data in certain circumstances, such as a situation in which your personal data is no longer needed for the purposes for which it was originally gathered or processed (the so-called right to be forgotten);
4. the right to object to the processing of data conducted in the pursuit of our legitimate interests;
5. the right, at any time, to withdraw your consent to our processing of your data when such processing is based on your consent;
6. the right to request that we update your personal data, or correct inaccurate data; and
7. the right to file a complaint with the local competent authority, such as the Data Protection Ombudsman in Finland (https://tietosuoja.fi/en/home).
Should you wish to exercise the aforementioned rights, you may do so by contacting Digitalist Group (see the contact information above). We may have to ask you for further details on your identity before fulfilling your request, in order to ensure that you are entitled to make such a request.