PRIVACY POLICY

GENERAL

We at Balder care about your privacy and are continuously working to improve the protection of your personal data. In this policy, we describe how we process your personal data when you:

  • visit our website
  • contact us via, for example, email or social media
  • represent an organisation which is our potential, current and former client,supplier or partner

 

DATA CONTROLLER

Balder Management Finland Oy, reg.no. 3362984-1

Mikonkatu 8A, 00100, Helsinki

Contact information:  tobias.hoglund@balderfinland.fi / 040 1979356

Balder Management Finland Oy (controller) processes personal data in compliance with applicable data protection legislation.

 

THE PURPOSE OF PROCESSING PERSONAL DATA OF CUSTOMERS AND POTENTIAL CUSTOMERS

Balder Management Finland Oy processes personal data related to the management of customer or lease relationship, marketing, communications, and the personal data submitted in the Whistleblowing system (see separate Whistleblow privacy policy).

The purpose of processing personal data is to communicate with customers, maintain customer relationships, and for marketing or similar purposes. The data is not used for automated decision-making or profiling.

The controller also stores and evaluates information regarding visits to the controller’s website and uses the information to develop the website and overall marketing.

 

LEGAL BASIS FOR PROCESSING PERSONAL DATA

The legal basis for processing personal data under the EU General Data Protection Regulation (GDPR) is:

  • a contract to which the data subject is a party
  • the legitimate interest of the data controller (e.g., customer relationship)

 

CATEGORIES OF PERSONAL DATA THAT ARE PROCESSED

The information stored in the register includes: the person’s name, position, company/organization, contact details (phone number, email address, address), website addresses, IP address of the internet connection, social media service IDs/profiles, information about subscribed services and any changes to them, billing information, and other information related to the customer relationship and subscribed services.

The IP addresses of website visitors and cookies necessary for the functioning of the service are processed based on legitimate interest, for purposes such as ensuring security and collecting statistical data on website visitors, in cases where these can be considered personal data. Consent for third-party cookies will be requested separately, if necessary.

 

REGULAR SOURCES OF DATA

Personal data is collected from the following sources:

 

The information stored in the register is obtained from the customer through email, phone calls, social media services, contracts, customer meetings, and other situations where the customer provides their information.

Contact details of representatives of companies and other organizations may also be collected from public sources, such as websites, directory services, and other companies.

 

THE RECIPIENTS OF PERSONAL DATA/DISCLOSURE AND TRANSFER OF PERSONAL DATA

Information is not regularly disclosed to other parties. Data may be shared to the extent agreed upon with the customer.The data may also be transferred by the data controller outside the EU or EEA. Data will not be transferred to the United States without the explicit consent of the data subjects.

 

THE STORAGE PEROD OF PERSONAL DATA

The controller shall process and store the data only for as long as is necessary for the purpose. The retention period varies depending on the type of personal data, depending on the specific purpose of processing.

 

PRINCIPLES OF REGISTER PROTECTION

Care is taken in the processing of the register, and the information processed using information systems is adequately protected. The data controller ensures that stored information, along with access rights and other information critical to the security of personal data, is handled confidentially and only by those employees whose job responsibilities include such tasks.

 

RIGHT OF ACCESS AND RIGHT TO REQUEST CORRECTION OF DATA

Every individual in the register has the right to verify their information stored in the register and to request the correction of any incorrect data or the completion of incomplete information. If a person wishes to check the data stored about them or request corrections, the request must be sent in writing to the data controller. The data controller may ask the requester to verify their identity if necessary. The data controller will respond to the customer within the time frame specified by the EU General Data Protection Regulation (generally within one month).

 

OTHER RIGHTS RELATED TO THE PROCESSING OF PERSONAL DATA

Individuals in the register have the right to request the deletion of their personal data from the register (“right to be forgotten”). Additionally, data subjects have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests should be sent in writing to the data controller. The data controller may ask the requester to verify their identity if necessary. The data controller will respond to the customer within the time frame specified by the EU General Data Protection Regulation (generally within one month).

 

CHANGES TO THE PRIVACY POLICY

This Privacy Policy was last updated on October 11, 2024.

The controller reserves the right to modify this Privacy Policy. The controller will notify data subjects of significant changes to this Privacy Policy prior to their implementation.

If you have any questions about our data processing, please feel free to reach out to us via email at tobias.hoglund@balderfinland.fi