Customer and marketing register
Customer and marketing register
A privacy statement in accordance with Sections 10 and 24 of the Finnish Personal Data Act (523/1999) and Articles 12 and 13 of the General Data Protection Regulation of the European Union (2016/679)
FI-70600 Kuopio, Finland
Business ID: 2081705-0
Tel. +358 10 322 1800
Matters related to the file
Our customer service will reply to questions and feedback related to the file without delay.
Name of the file
The customer and marketing register of NewIcon Oy.
Data contents of the file
Name, e-mail address, phone number, company and position in the company, address of the company.
The purpose of processing personal data and the use of personal data
Personal data is used for business purposes, such as the management of customer relations and the sales and marketing of NewIcon Oy’s products and services, as well as for recruiting purposes.
The duration of processing personal data
Personal data is processed for the duration of the customer agreement. Personal data is normally stored for marketing and recruiting purposes for six (6) months, after which the data will be moved to a passive file or a list of those who have prohibited marketing, or the data is removed entirely.
Regular sources of data
The data in the file is compiled from NewIcon Oy’s customer data system and publicly available internet sources. The data of potential customers has been collected by phone and/or from publicly available information related to a person’s position, tasks or performance in a public or commercial corporation The processing is based on the legitimate interest of the data controller. Persons who have subscribed to our newsletter have given their consent for marketing in connection to visiting websites.
Disclosure of data
The data controller will not disclose the personal data of customers to external parties unless this is required by the Finnish authorities. The data can be selectively stored in systems of the data controller’s choice where service providers comply with the legislation on data protection.
Service providers for NewIcon Oy:
– Visma (CRM & ERP)
– Medita Communication Oy (marketing communications)
– MailerLite for email marketing purposes
– Grano Oy
Transferring data outside the EU
NewIcon Oy or the service providers for NewIcon Oy will not transfer personal data outside the EU/EEA, or the service provider has a Privacy Shield certificate that proves that the service provider adheres to the Privacy Shield Frameworks agreed on between the U.S. Department of Commerce, the EU member countries and Switzerland when collecting, using and storing personal data from persons living in the EU member countries and Switzerland.
Rights of the data subject
Right of inspection:
The data controller will remove, correct or complement any erroneous, unnecessary, incomplete or outdated data in the file without needless delay, either on its own initiative or at the data subject’s request.
Right to object:
The customer is entitled to object to the processing of their data.
Prohibition of direct marketing:
The customer is entitled to prohibit the disclosure and processing of their data for direct marketing or other types of marketing.
Right to erasure:
A company or a natural person is entitled, free of charge, to prohibit the use of contact data. Personal data can be removed at the customer’s request or when the customer relationship ends.
Right of appeal:
The customer is entitled to appeal to the Data Protection Ombudsman if the customer feels that the processing of personal data does not comply with the current data protection legislation.
The security principles of the file
Personal data is stored confidentially in systems that require a password. NewIcon Oy’s data network and the hardware on which the file is located are protected with a firewall and other necessary technical measures. The data can only be accessed by persons who have signed a non-disclosure agreement and who need to access the data to perform their professional tasks.