DATA PROTECTION STATEMENT

DATA PROTECTION STATEMENT

VibeVision Oy Ltd.
Business ID: 2870116-7
Kellosilta 7
00520 HELSINKI, Finland
(Hereinafter referred to as "VibeVision" or "we")

Contact person for the processing of personal data

Julia Flovén
c/o VibeVision Oy Ltd.
Phone: +358 (0)401758531
Email: julia@vibevision.fi

This data protection statement describes how we deal with the personal data of our customers' representatives and liaison officers for the purpose of providing our services and managing and maintaining customer relationships or similar relationships and other similar tasks as specified in this data protection statement. On our website, we use cookies to automatically collect data when you visit our site. VibeVision acts as the data controller for this personal data.

As the data controller, VibeVision is responsible for your personal data and their processing. Protecting your privacy and your personal data is of the utmost importance to us. Therefore, we collect your personal data only to the extent required to be able to provide you with a first class service. The way and purpose we process your personal data is described in more detail in this data protection statement.

In this statement, we only describe the ways in which we, or the parties operating on our behalf, process data. Please note that our online services may include links to third party sites or social networking services. However, we cannot control the activities of such third parties, nor are we responsible for the privacy practices of these third-party services or the content of these services. We encourage you to familiarize yourself with the privacy and data protection terms of these third-party services.

Cookies on VibeVision's website

We use cookies on our web site to collect metadata such as data about the page from where you navigated to our website, which of our web sites you have browsed and when, which browser you are using, your screen resolution and operating system, and your computer IP address or from what internet address you have sent the data and where the data will be received.

Using cookie data, we or our partners can track the number of visitors on our websites and analyze and develop our website to serve visitors better. We do not combine data collected through cookies with other personal data obtained from you.

To prevent the use of cookies, please change your browser settings so that your browser does not allow cookies to be saved. However, please note that blocking the use of cookies may affect the functioning of our web site.

VibeVision® emotion measurement

We offer our customers VibeVision® measurement and analysis services. When providing VibeVision® measuring tools or analysis services, we do not collect data from respondents that are classified as personal data. Our system only records fully anonymous response data that does not contain the personal data of the respondents.

Data protection policy for customer data

Why do we process personal data?

We process your personal data as our customer data for managing, processing, analyzing and developing the contractual relationship between us or the organization representing you, for example, to provide customer service and to implement customer communication. We can also process your personal data for customer inquiries and for marketing purposes, including direct marketing and distance sales.

The legitimate grounds for processing your personal data are the upholding of the contractual relationship between us or the organization representing you, our legitimate interests, a statutory obligation on us or the consent you have given us. Firstly, processing your data may be necessary to implement the agreement we have signed with you or with the organization representing you. When you order our services, we will process your personal data so that we can fulfil our contractual obligations. If you represent an organization in this contractual relationship, the processing of your personal data is based on our legitimate interest. Processing based on our legitimate interest is also the case, for example, when we provide you with a first-class customer experience and the best online content and newsletters. A legitimate interest is also the case when we process your data, for example, for administrative purposes, and to prevent and resolve abuse.

The submission of your personal data as described in this data protection policy is partly based on the agreement we have signed with you or with the organization representing you. In doing business with us, you are required to provide us with certain personal data for purposes of processing specified in this data protection policy, except in some cases where disclosure is not necessary and for which this is otherwise indicated. Failure to provide personal data may prevent us from fulfilling our contractual obligations, which may lead to you being unable to do business with us.

What personal data do we process?

By customer data, we mean the personal data that we use for the purposes of our existing contractual relationship, marketing purposes, and other purposes described above. This data includes, for example, your name, phone number, work email, and your position in our client company. In addition to the above-mentioned basic data, we also process data about services used and billing information, as well as data related to customer relationship or data related to other relevant communication. In addition to this data, we also collect data about our client companies, including the address, size, and industry.

What is the origin of our customer data?

We primarily collect personal data about you or your organization, in connection with such acts as signing an agreement, placing orders, or invoicing. While the customer relationship continues and in connection with the provision of services, we will collect data about you in other ways, for example, in a variety of customer service situations by phone or by email.

In addition, we can collect personal data or update personal data we have already collected from our partners and from authorities and companies providing personal data services such as contact updating services, and from public sources such as open websites.

Do we transfer or hand out personal data?

We may transfer personal data to personal data processors to perform the services or tasks we have assigned to them. The tasks of personal data processors are in connection with, for example, the provision and maintenance of information systems and software and the provision of other data processing services. In transferring personal data, we have agreed, inter alia, through contractual arrangements, that the personal data processor shall process personal data only for the provision of the agreed services and not for other purposes.

In addition, we may disclose your personal data as required by the competent authorities or other entities, in accordance with current legislation.

If we sell our business or part of it, or otherwise reorganize our business, we may disclose personal data to buyers and their advisors in accordance with currently applicable legislation.

We will not transfer our customer data outside the territories of the Member States of the European Union or the European Economic Area.

How do we protect personal data?

We have secured personal data safety and usability with the most appropriate technical and administrative measures. Personal data is protected against unauthorized access and illegal or accidental data processing with the most appropriate technical solutions, such as firewalls. By means of user rights management, we ensure that personal data is processed only by persons whose work requires the processing of personal data and who are thereby entitled to process personal data.

For how long do we retain personal data?

The storage time depends on the data and its purpose. We will retain your personal data for at least as long as needed to implement the notified uses, such as fulfilling our contractual obligations or providing customer service. Typically, the retention period for personal data is tied to the validity of the contractual relationship between us and you or the organization representing you, or the legitimate validity of any other legitimate interest that we define between us, for example, on the basis of communication. If you ask for your personal data to be removed or you object to the processing of your personal data and we have no other justified reason for processing your personal data after such a request, we will delete your personal data.

When we no longer need the personal data we have collected, or if you have requested removal or denied us permission to process your data, the data will be securely deleted or irrevocably anonymized.

What are your rights?

You have the right to inspect the data about you that we have stored and to have your erroneous personal data corrected. You can request verification or correction of your personal data by sending us a request for verification or correction of your personal data.

The request for verification or correction of personal data is to be addressed to VibeVision and should be made in writing or digitally and be signed and sent to the contact person mentioned in this data protection statement. The request should contain the basic data about the person required to find the requested data. After receipt and processing of your request we will send you a copy of your personal data by mail or digitally. We reserve the right not to fulfil a request if the request is manifestly unjustified or done vexatiously. If you request more than one copy, or the request is made more than once a year, we can charge you a reasonable fee based on the administrative costs.

You have the right at any time to require us to remove the personal data we process about you and we have the obligation to remove this data if there is no longer a legitimate basis for said processing. You also have the right to object to any processing of personal data that is based on our legitimate interest, at which time we have a duty to stop processing personal data on this basis, provided the further processing of the data is not of considerable importance and justifiable. In some statutory cases, we may also be required to limit the processing of your personal data.

In addition, you always have the right to file a complaint with the supervisory authority if you are of the opinion that we are processing your personal data illegally. The complaint is to be made to the competent supervisory authority in Finland, in accordance with the instructions given by the Data Protection Ombudsman. You can find the Data Protection Ombudsman website here.

In Summary

We reserve the right to update and modify our data protection policy. If not subject to mandatory legislation, we may not necessarily notify you personally of the modifications, so we encourage you to periodically review this data protection statement for any modifications there may be.

This data protection statement was last updated in May 2018 to comply with the EU GDPR.