Privacy Policy

This privacy policy applies to all external commercial activities by Nordic Business Group Oy and the websites operated by the company: www.nbgroup.fi.

 

We pledge to honor the following privacy protection policy, designed with our customers in mind. We collect information responsibly, in accordance with the applicable data protection legislation.

 

Contact information

 

Nordic Business Group Oy
Kauppakatu 41 B 12
40100 Jyväskylä, Finland
info@nbgroup.fi

 

1. Controller

 

The controller is Nordic Business Group Oy (2241358-6).

 

Global headquarters
Kauppakatu 41 B 12
40100 Jyväskylä, Finland
info@nbgroup.fi

 

2. Filing systems

 

This privacy policy describes how we process the personal data of our customers, potential customers, and interest groups.

 

3. For what purposes we use your personal data

 

Personal data is collected and used within the limits defined by the applicable data protection legislation to take care of and develop customer relationships and to offer, sell, market, deliver orders, and develop the services and products of the Nordic Business Group.

 

Personal data is used to help us better understand our customers and to help us conduct research into the trends and preferences of our customers. This market research and its raw data will be held within Nordic Business Group and will never be sold, distributed, or forwarded to third parties without our customers’ explicit consent.

 

Information collected from the data subjects will be used for direct marketing purposes only unless the data subjects prohibit such use.

 

4. What is our data processing based on

 

Processing of your personal data is based on the following grounds of the EU’s General Data Protection Regulation (one or more purposes may apply simultaneously):

 

a) Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract.

 

b) Processing is necessary for compliance with a legal obligation to which the controller is subject (for example the duty to keep the records based on Accounting Act).

 

c) Processing is necessary for the purposes of the legitimate interests pursued by Nordic Business Group.

 

d) You have given consent to the processing of your personal data.

 

The legitimate interests of Nordic Business Group referred to in point c) above may include amongst others the following matters:

 

– right to promote the sales of Nordic Business Group’s products and services by way of direct marketing, including profiling for the purposes of marketing and sales
– business development
– investigation of possible malpractice

 

5. Information content

 

The filing systems include the following information, either in part or in full:

 

– Customer first and last name
– Company information and industrial classification
– Professional title
– Email address
– Postal address
– Phone number
– Any follow-up information pertaining to the customer’s purchases
– Notes of discussions with a customer
– When your data was put into the filing system
– Campaigns, promotions and other communication directed to you, as well as their use, including participation in events
– Interests and other information or survey data provided by you
– Direct marketing choices
– Information of the use of our digital services as well as digital content created by you
– Automatically collected data (such as IP Address, your device’s operating system, browser type and language)
– Mobile device identifiers (such as your unique device ID and your device name)
– Customer service email correspondence

 

6. Where do we collect the personal data from

 

Our filing system is derived from information given by our customers when registering for our mailing list or buying our products or services. This information is collected using an online form, as well as on paper, by phone, by email, or during the purchasing process of a service/product.

 

The information is collected, for example:

 

– on www.nbgroup.fi
– by phone
– by email
– during face-to-face meetings

 

7. To whom we may share your personal data

 

Nordic Business Group does not sell, lease or otherwise disclose your personal data to third parties outside of the Nordic Business Group unless otherwise stated below.

 

Nordic Business Group may share your personal data with authorized third parties that perform services for Nordic Business Group for the purposes described in this Privacy Policy within the limits of the applicable legislation. This may include for example providing services such as customer service and software services, managing and analyzing personal data, conducting market research and managing marketing and execution of diverse campaigns.

 

Nordic Business Group may share your personal data for obtaining payment for products and services including the transfer or sale of delinquent accounts to third parties for collection.

 

Because Nordic Business Group takes the responsibility to safeguard your personal data seriously, Nordic Business Group does not allow those companies to use it for any purpose other than to perform those services, and Nordic Business Group requires them to protect your personal data in a way consistent with this privacy policy.

 

Nordic Business Group may share your personal data based on a valid order from a court or other official body with sufficient authority.

 

8. How long do we process your personal data

 

The controller will process the personal data (mentioned in part 5) of its customers until the end of the year of the last purchase plus 6 years. Potential customers’ data is processed in our marketing database until a customer relationship has started or until the data subjects ask his/her data to be deleted. For information on how this information can be deleted, see section 10.

 

9. Reviewing, updating and correcting of personal data

 

The data subject has the right to check, review and update or correct his/her information maintained on the filing system at any time. Customers must inform us if any personal data changes, in order to keep their record in the filing system up-to-date. For additional questions, or to review, update or correct personal data, please email info@nbgroup.fi.

 

10. Right of erasure (“right to be forgotten”)

 

If a customer or user violates our terms of use, misuses the service, conducts illegal activity via the service, or if the information entered is out of date, the Nordic Business Group reserves the right to delete the personal data associated with this individual.

 

You have the right to obtain the erasure of personal data that concerns you from Nordic Business Group without undue delay on any of the following grounds:

 

a) your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

 

b) you withdraw consent on which the processing is based and where there is no other legal ground for the processing;

 

c) you object to the processing and there are no overriding legitimate grounds for the processing;

 

d) your personal data have been unlawfully processed;

 

e) your personal data have to be erased for compliance with a legal obligation in Union or member state law to which Nordic Business Group is subject;

 

f) the personal data have been collected in relation to the offer of information society services.

 

However, you do not have the right of erasure if the processing is necessary:

 

a) for exercising the right of freedom of expression and information;

 

b) for compliance with a legal obligation which requires processing by Union or member state law to which Nordic Business Group is subject; or

 

c) for the establishment, exercise or defense of legal claims.

 

11. Right to data portability

 

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller where the processing is based on consent or on a contract and the processing is carried out by automated means.

 

12. Do we make decisions affecting you based on automated means?

 

Nordic Business Group does not make decisions based solely on automated processing which produces legal effects concerning you or similarly significantly affect you.

 

13. Principles of protection

 

All personal information is kept confidential.

 

Access to any personal information by the Nordic Business Group will be restricted to designated individuals with a username and password. Access to this database will be given only to specifically appointed people.

 

The individuals managing the filing system are bound to professional secrecy.

 

Nordic Business Group’s services may be provided using resources and servers located in various countries around the world. Therefore Nordic Business Group may transfer your personal data outside the country where you use our services, including to countries outside the EU and EEA that do not have laws providing specific protection for personal data or that have different legal rules on data protection.

 

In such cases Nordic Business Group ensures that a legal basis for such a transfer exists and that adequate protection for your personal data is provided as required by applicable law, for example, by using standard agreements approved by relevant authorities (where necessary) and by requiring the use of other appropriate technical and organizational information security measures.

 

Nordic Business Group is concerned with protecting your privacy and data, but we cannot ensure or warrant the security of any information you transmit to Nordic Business Group or guarantee that your information on the Nordic Business Group may not be accessed, disclosed, altered or destroyed by breach of any of our industry standard physical, technical or managerial safeguards. When you enter information (such as login credentials) on our registration or order forms, we encrypt all transmitted data using HTTPS with TLS (Transport Layer Security). However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

 

We may modify this privacy policy, and if we make material changes to it, we will provide
notice on our website or by other means, to provide you the opportunity to review the changes before they become effective. Your continued use of our products and services after we publish or send a notice about our changes to this privacy policy means that you have become bound by the updated privacy policy.

 

Do you have any additional questions about our privacy protection?

 

We are happy to answer any questions you may have regarding our privacy protection policy! Feel free to contact our customer service at info@nbgroup.fi.

 

We have updated our privacy policy on 24 May 2018.