June 13, 2018
- We are committed to protect the privacy of our users. Your trust is important to us!
- The data we process can be categorized to: data that the user has given, observed data of service use and data derived or calculated with the use of analytics.
- We use data to deliver and personalize services, to customer service, product development.
- We believe in the benefits of data and want to give our users control and choice over processing of personal data. From section 13. you will find a list of different means that can be used to manage and control data processing.
- What information does Enfuce collect?
- From which sources is my information collected?
- For which purposes is my data collected?
- How is my data stored?
- For how long will my data be stored?
- Who can handle my personal data?
- Will my data be transferred to third parties?
- How is my personal data protected?
- What are cookies and are they used on Enfuce’s web sites?
- How can I influence my privacy?
- Is this privacy statement subject to changes?
- How can I contact you?
Enfuce is committed to protecting the privacy of its customers and users of its product and service according to the Finnish Personal Data Act (523/1999), the Finnish Information Society Code (917/2014), the European Data Protection Regulation (EU) 2016/679 (GDPR) and other applicable laws.
1. WHAT INFORMATION DOES ENFUCE COLLECT?
We collect information about users for the purpose specified in Section 3 of this privacy statement. The purpose for data collection defines what information is collected from the user in each situation.
Information provided by the user or personally identifiable data:
- contact details, such as name, address, telephone number, email address
- the registration data required for a digital account, such as username, nickname, password and any other individual identifier
- demographic data, such as age, gender, rank or profession and native language
- customer account information, such as invoicing and payment details, product and order information, customer feedback and contacts and competition responses.
- preferences and interest information provided by the user
- permissions and consents
- information provided to surveys and research
- any other information collected with the user’s consent
- data that is derived from observed data and/or information given by the user by using analytics and patterns such as calculating possible interests of the user or otherwise segmenting the user to a specific group of users.
Data in our marketing register:
- Our marketing registers contain information about a person’s name, title or profession, age, gender, native language, contact details, and possibly an additional attribute of the person.
2. FROM WHICH SOURCES IS MY INFORMATION COLLECTED?
Personal data is mainly collected at the point of registration from the registrant him/herself, or later during the customer relationship.
Additional sources of information include the Finnish Population Information System, and other similar public or private registers.
3. FOR WHICH PURPOSES IS MY DATA COLLECTED?
We only handle personal data for predefined purposes, mainly to the following:
- Product development: Data helps us to continuously develop the user experiences and features of our products and services. Data is also used to create statistical reporting to help make fact-based decisions for business development purposes.
- Targeted digital advertising: We use data to segment our users to display targeted digital advertisements to make them more relevant for users. Targeting segments are created based for example based on the user’s areas of interest, demographic data and location.
- Newsletter campaigns: We store user data necessary to conduct targeted newsletter campaign.
4. HOW IS MY DATA STORED?
Keeping your personal data safe and secure is at the center of how we do business. We use appropriate technical, organizational and administrative security measures to protect any information we hold from loss, misuse, and unauthorized access, disclosure, alteration and destruction. We store all of your data in a safe manor according to GDPR regulations.
5. FOR HOW LONG WILL MY DATA BE STORED?
We store user information only for as long as is necessary in order to fulfil the purposes set out in Section 3 above, in accordance with the applicable legislation.
A person’s digital account is typically valid for eighteen (18) months. If the user has not logged in to his or her digital account during that time period, the user is requested to renew his or her user rights. If the user does not renew his or her user rights, or the user’s customer relationship or other reason for handling personal data are no longer valid, the user’s personal data will be deleted, transferred to a permanent marketing register, or anonymized into such a format that it is no longer possible to identify the person.
The user’s nickname and content provided by the user may remain visible in some services, such as discussion forums and public commenting platforms, even after the termination of the user’s actual customer relationship with Enfuce Financial Services. In addition, we may be obligated to store some of the user’s personal data in order to comply with accounting laws or other imperative legal provisions, even after the termination of the customer relationship.
6. WHO CAN HANDLE MY PERSONAL DATA?
Enfuce Financial Services can handle personal data according to the applicable Personal Data Act and GDPR. We may also outsource the handling of personal data to a third party supplier or vendor, in which case we ensure through contractual measures that the personal data is handled appropriately and in compliance with the Personal Data Act and GDPR.
We store our data in the EU or the EEA. If any data is transferred outside the EU or EEA, we will ensure that the country to which the data is transferred is approved as having a sufficient level of privacy protection by the European Commission, or by using standard contractual model clauses approved by the European Commission. Third party suppliers processing data on our behalf must handle personal data in compliance with this privacy statement.
We only transfer information to third parties for their independent use in cases presented in Section 7.
7. WILL MY DATA BE TRANSFERRED TO THIRD PARTIES?
We will not sell, lease out or disclose personal data of an identified user to third parties for their independent purposes, except for the situations shown below.
- We can disclose user’s data to third parties if the user has given his or her express consent for such transfer.
- We may also disclose personal data to authorities or to other parties based if required to do so by law.
- In the case of mergers, acquisitions, or other kinds of re-arrangements of our business operations, personal data may be transferred to buyers and their advisors.
- In accordance with the service specific descriptions of personal data files information may be disclosed for direct marketing purposes, as well as opinion polls and market research studies and other similar studies in accordance with the Personal Data Act and GDPR.
8. HOW IS MY PERSONAL DATA PROTECTED?
We use technical and organizational measures to protect personal data against unauthorized access, transfer, deletion or other handling that may compromise information security. Such methods include the use of firewalls, encryption technologies, proper access control systems, the controlled provision of user rights and supervision of their use, providing instructions for data processors, and the thorough selection of competent subcontractors who comply with industry standards for information security management.
9. WHAT ARE COOKIES AND ARE THEY USED ON ENFUCE´S WEBSITE?
10. HOW CAN I INFLUENCE MY PRIVACY?
We are committed to providing our users choices and control over data processing. In this section we list different ways of influencing data collection and processing.
Direct marketing consents
Users have the right to prevent their information from being used for direct sales or marketing purposes, and for electronic direct marketing purposes. Users can opt-out by contacting our customer service, or in the event of e-mail marketing, directly from the e-mail.
Right to verify your information
Users have the right of check what kind of personal data has been collected. Upon the user’s request, we will modify, remove or supplement any incorrect, unnecessary, incomplete or outdated personal data. Users may update and/or check their personal data by contacting our customer service.
11. IS THIS PRIVACY STATEMENT SUBJECT TO CHANGES?
12. HOW CAN I CONTACT YOU?
Users can send any questions related to this privacy statement and any concerns regarding the use of online technologies for targeting of advertisements to:
Enfuce Financial Services Oy
Data Protection & Privacy
privacy (at) enfuce.com