We pledge to honor the following privacy protection policy, designed with our customers in mind. We collect information responsibly, in accordance with the applicable data protection legislation.
Nordic Business Group Oy
Kauppakatu 41 B 12
40100 Jyväskylä, Finland
The controller is Nordic Business Group Oy (2241358-6).
Kauppakatu 41 B 12
40100 Jyväskylä, Finland
2. Filing systems
3. For what purposes we use your personal data
Personal data is collected and used within the limits defined by the applicable data protection legislation to take care of and develop customer relationships and to offer, sell, market, deliver orders, and develop the services and products of the Nordic Business Group.
Personal data is used to help us better understand our customers and to help us conduct research into the trends and preferences of our customers. This market research and its raw data will be held within Nordic Business Group and will never be sold, distributed, or forwarded to third parties without our customers’ explicit consent.
Information collected from the data subjects will be used for direct marketing purposes only unless the data subjects prohibit such use.
4. What is our data processing based on
Processing of your personal data is based on the following grounds of the EU’s General Data Protection Regulation (one or more purposes may apply simultaneously):
a) Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract.
b) Processing is necessary for compliance with a legal obligation to which the controller is subject (for example the duty to keep the records based on Accounting Act).
c) Processing is necessary for the purposes of the legitimate interests pursued by Nordic Business Group.
d) You have given consent to the processing of your personal data.
The legitimate interests of Nordic Business Group referred to in point c) above may include amongst others the following matters:
– right to promote the sales of Nordic Business Group’s products and services by way of direct marketing, including profiling for the purposes of marketing and sales
– business development
– investigation of possible malpractice
5. Information content
The filing systems include the following information, either in part or in full:
– Customer first and last name
– Company information and industrial classification
– Professional title
– Email address
– Postal address
– Phone number
– Any follow-up information pertaining to the customer’s purchases
– Notes of discussions with a customer
– When your data was put into the filing system
– Campaigns, promotions and other communication directed to you, as well as their use, including participation in events
– Interests and other information or survey data provided by you
– Direct marketing choices
– Information of the use of our digital services as well as digital content created by you
– Automatically collected data (such as IP Address, your device’s operating system, browser type and language)
– Mobile device identifiers (such as your unique device ID and your device name)
– Customer service email correspondence
6. Where do we collect the personal data from
Our filing system is derived from information given by our customers when registering for our mailing list or buying our products or services. This information is collected using an online form, as well as on paper, by phone, by email, or during the purchasing process of a service/product.
The information is collected, for example:
– on www.nbgroup.fi
– by phone
– by email
– during face-to-face meetings
7. To whom we may share your personal data
Nordic Business Group does not sell, lease or otherwise disclose your personal data to third parties outside of the Nordic Business Group unless otherwise stated below.
Nordic Business Group may share your personal data for obtaining payment for products and services including the transfer or sale of delinquent accounts to third parties for collection.
Nordic Business Group may share your personal data based on a valid order from a court or other official body with sufficient authority.
8. How long do we process your personal data
The controller will process the personal data (mentioned in part 5) of its customers until the end of the year of the last purchase plus 6 years. Potential customers’ data is processed in our marketing database until a customer relationship has started or until the data subjects ask his/her data to be deleted. For information on how this information can be deleted, see section 10.
9. Reviewing, updating and correcting of personal data
The data subject has the right to check, review and update or correct his/her information maintained on the filing system at any time. Customers must inform us if any personal data changes, in order to keep their record in the filing system up-to-date. For additional questions, or to review, update or correct personal data, please email firstname.lastname@example.org.
10. Right of erasure (“right to be forgotten”)
You have the right to obtain the erasure of personal data that concerns you from Nordic Business Group without undue delay on any of the following grounds:
a) your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
b) you withdraw consent on which the processing is based and where there is no other legal ground for the processing;
c) you object to the processing and there are no overriding legitimate grounds for the processing;
d) your personal data have been unlawfully processed;
e) your personal data have to be erased for compliance with a legal obligation in Union or member state law to which Nordic Business Group is subject;
f) the personal data have been collected in relation to the offer of information society services.
However, you do not have the right of erasure if the processing is necessary:
a) for exercising the right of freedom of expression and information;
b) for compliance with a legal obligation which requires processing by Union or member state law to which Nordic Business Group is subject; or
c) for the establishment, exercise or defense of legal claims.
11. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller where the processing is based on consent or on a contract and the processing is carried out by automated means.
12. Do we make decisions affecting you based on automated means?
Nordic Business Group does not make decisions based solely on automated processing which produces legal effects concerning you or similarly significantly affect you.
13. Principles of protection
All personal information is kept confidential.
Access to any personal information by the Nordic Business Group will be restricted to designated individuals with a username and password. Access to this database will be given only to specifically appointed people.
The individuals managing the filing system are bound to professional secrecy.
Nordic Business Group’s services may be provided using resources and servers located in various countries around the world. Therefore Nordic Business Group may transfer your personal data outside the country where you use our services, including to countries outside the EU and EEA that do not have laws providing specific protection for personal data or that have different legal rules on data protection.
In such cases Nordic Business Group ensures that a legal basis for such a transfer exists and that adequate protection for your personal data is provided as required by applicable law, for example, by using standard agreements approved by relevant authorities (where necessary) and by requiring the use of other appropriate technical and organizational information security measures.
Nordic Business Group is concerned with protecting your privacy and data, but we cannot ensure or warrant the security of any information you transmit to Nordic Business Group or guarantee that your information on the Nordic Business Group may not be accessed, disclosed, altered or destroyed by breach of any of our industry standard physical, technical or managerial safeguards. When you enter information (such as login credentials) on our registration or order forms, we encrypt all transmitted data using HTTPS with TLS (Transport Layer Security). However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.
Do you have any additional questions about our privacy protection?
We are happy to answer any questions you may have regarding our privacy protection policy! Feel free to contact our customer service at email@example.com.