Register and Privacy Statement

Register and Privacy Statement

This is Business Edge Oy Register and Privacy Statement in accordance with the Finnish Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR).

Created on: May 24, 2018
Last updated on: November 12, 2024

 

1. Data Controller

Name: Business Edge Oy
Business ID: [Your Business ID]
Website: www.businessedge.fi
Contact Email: office@businessedge.fi

2. Data Protection Contact Person

Contact: CEO Kimmo Toivakka
Email: kimmo.toivakka@businessedge.fi
Phone: +358 40 552 4600

3. Name of the Register

Register Name: Customer, Partner, and Marketing Register of Business Edge Oy

4. Legal Basis and Purpose of Processing Personal Data

The legal basis for processing personal data is the fulfillment of services provided by Company X Oy and/or its partners, as well as marketing and communication related to these services. This includes a combination of legitimate interest (e.g., direct marketing, customer relationship management) and contractual necessity for existing services.

The purpose of processing personal data is to facilitate communication with clients (including potential clients), maintain and develop client relationships, carry out consulting and training projects, handle invoicing and marketing, and manage partner relationships.

Data is **not used for automated decision-making or profiling**.

5. Categories of Personal Data Collected

Typical data collected includes:
– Name
– Position (job title)
– Company/organization
– Contact information (phone number, email, address)
– Website URLs
– Social media account details
– Information about services
– Billing information
– Additional information related to customer relationships and services ordered

Note: Not all the above data points may apply to every individual.

Retention Period: Data is retained for the duration of the customer relationship and is deleted within a reasonable period (typically one year) after the relationship ends, provided it is unlikely to resume.

6. Sources of Personal Data

Data entered into the register is typically obtained directly from individuals or the customer’s representative during meetings, by email, phone, through social media, contracts, event participation lists, and other similar instances where the customer provides their data.

Personal data may also be collected or updated from publicly available and private registers, such as the population register, authorities, credit information agencies, and contact information service providers, where lawful.

7. Data Sharing and Transfers Outside the EU or EEA

Data is not routinely disclosed to third parties. However, it may be disclosed when agreed with the customer, and as needed to perform services as outlined in this statement.

Use of Third-Party Processors: Business Edge Oy may use external subcontractors or partners to perform specific tasks related to this register. Such subcontractors may include hotels, event organizers, IT service providers, and business partners. The data controller requires these third parties to adhere to GDPR-compliant security standards to protect personal data.

International Transfers: Data may be transferred outside the EU/EEA as required for technical purposes or for providing and implementing services by Business Edge Oy’s partners. For any such transfers, Business Edge Oy ensures appropriate safeguards are in place, in compliance with GDPR requirements.

8. Data Security Principles

Business Edge Oy follows strict security protocols to protect data. Information systems are secured and access is limited to authorized personnel only. When stored electronically, data is protected by both physical and digital security measures.

Data Storage: Databases and backups are in secured facilities accessible only to designated personnel. Personal data is retained as long as necessary for the original purpose of collection. Generally, data is retained for the duration of the customer or partner relationship and for one year after it ends.

Review of Retention: The necessity for retention is regularly assessed. Steps are taken to ensure no outdated or incorrect personal data is stored beyond its purpose.

9. Data Subject Rights

Each person has the right to:
– Access their data stored in the register
– Request correction of incorrect or incomplete data
– Request deletion of data when no longer necessary
– Restrict or object to data processing
– Receive their data in a commonly used format for portability

To exercise these rights, submit a written request to the data controller. Verification of identity may be requested to process these requests. The data controller will respond within the GDPR-required period (typically within one month).

For inquiries, deletion requests, or modifications, please contact office@businessedge.fi.

Data subjects have the right to prevent the data controller from processing their personal data for direct marketing. Such requests can be sent at any time to office@businessedge.fi.

10. Complaint Process and Supervisory Authority

If a data subject believes their data is being processed unlawfully, they have the right to file a complaint with a supervisory authority in their country.

For more information on your rights under GDPR, contact **[Insert Contact Information]** or refer to your national data protection authority.

11. Other Rights Related to Personal Data Processing

Data subjects may request deletion of their data from the register (“right to be forgotten”) and exercise other GDPR rights, such as restricting data processing in certain situations. Written requests should be sent to the data controller. Identity verification may be requested as needed, with responses provided within the GDPR-regulated timeframe (typically within one month).

Scroll to Top