Privacy policy for clients

Bridge Impact Oy customer and decision-maker register

Privacy Policy in accordance with the General Data Protection Regulation (679/2016/EU) sections 13 and 14.

1. Controller

Bridge Impact Oy
Business-ID: 2990856-5
Teknobulevardi 7, 01530 Vantaa
privacy@bridgeimpact.fi

2. Register matters

Our customer service will respond to register related questions and feedback within two business days. In register related matters, contact: privacy@bridgeimpact.fi.

3. Name of the register

Customer and decision-maker register of Bridge Impact Oy.

4. Purpose of the file and processing of personal data

The personal data of business customers is used to deliver, maintain, develop and analyze contractual and customer relationships between Bridge Impact and business customers, as well as for statistical purposes.

The personal data of decision-makers is for direct marketing and Bridge Impact opinion and market surveys, as well as for the design and development of Bridge Impact’s business and services.

5. Content of the register

The register may contain the following data related to a company, persons in charge of companies and entities, persons involved in the service processes and other stakeholders:

  • Name, title (incl. job description), company, phone number, e-mail address, postal address
  • Interests and profiling information
  • Customer feedback and contacts
  • Information provided by the data subject (e.g. professional interests of the data subject)
  • Information on a person’s participation in Bridge Impact’s service processes.
  • Other possible information Bridge Impact services require
  • Direct marketing restrictions
  • Other information that is necessary for the intended use of the register

6. Regular sources of information

Our primary sources of information to be included in the register are the data subjects themselves, who may provide information by phone, online, during meetings, in client events or in similar ways. Personal data may be collected and maintained from generally available sources, such as websites of companies and other service providers, and private and public registers.

7. Regular disclosure of data

The controller discloses data to third-party subcontractors. The data is not disclosed outside the European Union or the European Economic Area.

Bridge Impact does not regularly disclose data to third parties, unless disclosure is required by the law or on the orders of public authorities.

8.Register protection principles

Personal data is kept confidential. Only specified employees of the controller or other companies working on behalf of the controller have access to and the right to process the data in the system. Access to the system requires the use of a username and password for each user.

The data is collected in databases that are protected with firewalls, passwords and other technical measures. The databases and their back-ups are located in locked and guarded premises to which only certain designated persons have access to. Personal data is stored for as long as is necessary for their intended use. Personal data contained in the customer and decision-maker register will be deleted when the information used for marketing actions is identified as obsolete or unavailable.

9. Right of inspection and deletion of data

The data subject has the right, pursuant to the law, to inspect the data concerning himself/herself that is stored in the register. The request for an inspection (incl. a request for erasure) has to be done in writing and sent signed to the controller at the address indicated above. The data subject may exercise the inspection right once a year free of charge.

10. Right of rectification of incorrect data

The data subject also has the right to demand corrections to incorrect data. A request for rectification shall specify the incorrect data and provide the corrected data. A request for rectification must be made in writing and be sent signed to the controller at the address indicated above.

11. Other rights of the data subject

The data subject has the right to refuse the processing of data concerning himself/herself for use in direct marketing and opinion surveys. The refusal can be made at any time to the controller at the address above or by unsubscribing from a mailing list by following the instructions in marketing messages.

12. Changes to the Privacy Policy

We constantly improve and develop our services and websites and may occasionally make changes to the privacy policy. We will update the new policy on our website and mark the date of the update. Please read the Privacy Policy from time to time to get up-to-date information on any changes.

Updated 15.8.2019.