Data file description in accordance with regulation (EU) 2016/679 of the European Parliament and the Council on the protection of natural persons with regard to the processing of personal data.
1. Data File Controller
Name: Softability Oy
Company ID: 1059808-5
Address: Jaakonkatu 2, 01620 Vantaa
2. Person Responsible for Data File Matters
Name: Nora Nirhamo
Address: Jaakonkatu 2, 01620 Vantaa
Phone: +358 10 217 6150
Email: nora.nirhamo(at)softability.fi
3. Name of the Data File
Softability Oy’s customer and marketing data file
4. Purposes of Data Collection and Processing
The primary basis for processing personal data is a customer relationship between Softability and the customer, an assignment given by the customer, or other pertinent connection, such as oral, written or electronic consent of the data subject.
Personal data can be processed for the following purposes:
- Customer service and managing the customer relationships
- Delivery and provision of products and services
- Invoicing and order processing
- Implementation, development and follow-up of marketing, communications, and direct marketing or events. We may process and use your personal data to communicate with you, for example, to provide information relating to our products and/or services or to contact you regarding events.
- Analysis, grouping and reporting of customer relationships and other purposes related to the development of the customer account and Softability’s business.
- Collecting and handling customer feedback and customer satisfaction information.
- Implementing market surveys and opinion polls.
The personal data of a data subject is processed lawfully, fairly and in a transparent manner. A data subject has the right to prohibit marketing directed at him/her.
5. Rights of the Data Subject
The data subject has the right to request information and access to his/her personal data. She/ha also has the right to request Softability to replenish, rectify, anonymize or erase any incomplete, incorrect, unnecessary or outdated personal data about her/him. The data subject has also the right to obtain from the controller restriction of processing in situations referred to in article 18 of the General Data Protection Regulation.
The data subject may also at any time prohibit the use of personal data for direct marketing purposes, sending promotional materials, or for the performance of market research. Further, when the personal data is processed based on the consent of the data subject, she/he has the right to withdraw the consent for such processing at any time.
The data subject has the right to request and receive the personal data collected on her/him in a commonly used and machine-readable form. Please note that Softability may need to identify the request sender and for that reason, ask for additional information in order to be able to fulfill above mentioned requests.
However, we cannot delete such personal data that is necessary for compliance with binding legal obligations or if the personal data must be retained according to applicable laws.
Contact requests regarding these rights of the data subject should be sent to the following email address info(at)softability.fi or with a written and signed notice to the data file controller. The data subject has the right to lodge a complaint with a supervisory authority about the failure of the data controller.
6. Contents of the Data File
The data file may contain the following information e.g.:
- Name and contact information of the data subject (e.g. email, phone number, link to Linkedin profile)
- Organization and position / title
- Other information provided by the data subject
- Contract Information between the customer and Softability
- Order, event and analysis information
- Information related to marketing consents and refusals
- Information related to the use of electronic services and content (e.g. subscription of newsletters), technical information provided by the data subject’s web browser (e.g. IP-address, browser, browser version, page from which the data subject has moved to our page)
Softability will store customer data for as long as it is necessary for the customer relationship management, reporting and archiving, or based on the requirements of the authorities.
7. Regular Sources of Information
The information is provided directly by the data subject in connection to his or her customer relationship or in conjunction with use/registration to our service. The personal data is collected typically when the customer makes an agreement with Softability, purchases our products or services, uses or registers into our services, enters into a sales promotion or a campaign, or otherwise interacts with us.
The personal data can be obtained directly from the customer also in the sales meetings, over the telephone or by e-mail, from online/printable forms or from other publicly available sources such as social media, internet, newspapers and news.
Information is also collected via Softability Oy’s website as cookies when visited by a data subject (visitor) or when the visitor inputs his/her data to a data form (e.g. contact form, file download form) or he/she subscribes to a newsletter. Furthermore, personal data can be acquired from customer events (e.g. enrolling to events) or data can also be bought selectively from general registers to the extent permitted by law.
8. Transfer of data:
If necessary, the personal data processing tasks may be outsourced to service providers who may process personal data on behalf of Softability Oy for the purposes described in this privacy statement (for example, billing, event organizing or direct marketing) unless the data subject has not objected the use and transfer of his/her data. For this reason, personal data may be transferred to Softability Oy’s partners or other authorized third parties on controller’s discretion and within the scope of applicable legislation in force. However, these parties are not permitted to use the personal data for any other purposes than for what the personal data was collected, and we require them to act consistently with applicable laws and this Privacy Policy as well as to use appropriate security measures to protect your personal data.
Due to the technical reasons related to the processing the data, some of the data may be physically stored in the servers of the Softability Oy’s outside subcontractors and will be processed by means of remote access.
Data shall not be transferred outside the European Union of European Economic Community, unless it is necessary due to technical reasons related producing the service. If the personal data included in the register is transferred outside of the European Union or European Economic Community, the controller undertakes to ensure, that the transfer shall be done in accordance with the applicable legislation in force and that the adequate level of protection of the personal data provided by applicable legislation in force will not be jeopardized.
9. Protection of the Data File
A. Manual register
- Some data in paper form is stored only temporarily. The data in paper format is stored in locked rooms or cabinets and is destroyed immediately after storing the data digitally.
B. Digital Data register
- Only the employees who have the right to process personal data due to their work are entitled to use the customer information systems. The register will not be handed over to third parties.
- Access to the registry requires user rights in Softability’s internal network and to the systems. Each user has their own unique account and password to the systems. All information is gathered to systems and databases, which are protected with firewalls, passwords and other technical ways.
10. Amendments and contact information
This data file was last updated on the second of May 2018. We reserve the right to amend the data privacy practices described herein and to update the data file accordingly.
If you have questions concerning privacy protection and/or cookie policies at Softability Oy, please send your feedback to info(at)softability.fi.