Reading time approx. 9 min 15 seconds
This privacy statement describes how Vertics Oy (Business ID: 2819846-9), hereinafter Vertics, processes the personal data of its customers; what personal information Vertics collects, for what purposes the information is used and to whom the information may be disclosed, and how the data subject may affect the processing. The privacy statement also provides information on Vertics’s obligations regarding the processing of personal data.
Vertics protects the privacy of data subjects and complies with the general data protection regulation of the European Union (2016/679) as well as other applicable data protection legislation and good data processing practices in all processing of personal data. Taking care of privacy is part of all Vertics business.
This privacy statement applies to the processing of personal information collected through the www.vertics.co website, other Vertics online services, marketing, contacts and transactions. (There is a separate Privacy Statement for the processing of Vertics customers’ personal information.)
”Personal data” means all data relating to a natural person (”data subject”) from which he or she can be directly or indirectly identified, as defined in the Data Protection Regulation. Information that cannot be directly or indirectly identified with the data subject is not personal data.
Our website may contain links to website/websites and services operated by other organizations that we do not manage. This Privacy Statement is not applicable to their use, so we encourage you to review their privacy statements. We are not responsible for the privacy statements or policies of other websites or services (even if you access them using the links on our website). We provide these links only as additional information to better serve you.
2. The controller and the data protection officer
Registrar: Vertics Oy (business ID: 2819846-9)
Address: Sokerilinnantie 11 C, 02600 Espoo
Contact information: firstname.lastname@example.org, tel. +358 44 282 0291
3. Purposes of the processing of personal data and legal basis for the processing
We only collect personal information that is relevant and necessary for the purpose. We collect personal information for newsletter subscriptions, event registrations, opinion polls, website usage monitoring and optimization, and to respond to contact requests. In addition, we process personal information to manage the events we organize with Vertics and its potential partners.
The purpose of the processing may also be the planning and development of the business of companies belonging to the same group, marketing, maintenance and development of services, quality assurance, direct marketing and opinion and market research.
The above-mentioned processing of personal data is based on Vertics’ legitimate interest in informing and developing its business and thereby providing a better service to the users of its services.
By processing personal information, we also aim to improve and ensure the security, risk management and prevention and detection of misuse of our services. These are based on our statutory duty.
In addition, electronic direct marketing to personal private e-mail (not, e.g. a person’s business e-mail) is based on consent.
For events and opinion polls, we may ask you about your preferences or wishes, but we do not require you to provide this information. The processing of the information you provide will then be based on your consent.
4. Categories of personal data to be processed and data content and data sources
Vertics only collects personal data from data subjects that are relevant and necessary for the purposes described in this privacy statement.
The following information is processed about registrations:
-Personal data group
-Examples of information content
-Identification and contact information
-Name, telephone number, e-mail address, name, business ID, the title of the company’s representative
IP address, electronic communications identification information, search and browsing information of our website, browser and operating system information, network behaviour information, log information (e.g. time and date) and statistics generated from these, and other user analyzes
See below under Cookies.
Consents and prohibitions that were given by the data subject
Information on the data subject’s consent to electronic direct marketing (e.g., newsletter) or other consent to the processing of personal data, as well as information on the withdrawal of the above consents and the data subject’s prohibitions.
-Marketing events and opinion polls
-Wishes and preferences, participation information
-Other optional information provided by the data subject
-Information that the data subject provides, for example, in contact requests, feedback or other communications
Mainly personal data is collected from the data subjects themselves in connection with marketing, through websites or in connection with contact requests.
Personal data may also be collected from the community on whose behalf the data subject acts or from the community website.
5. Retention of personal information
Vertics will retain personal information for as long as necessary to fulfil the purposes set forth in this Privacy Statement unless required by law to retain personal information for a longer period (e.g., specific legislation, accounting or reporting responsibilities and obligations).
The retention period and retention criteria for data vary from one group of personal data to another and depending on the purpose for which a particular group of personal data is used.
Consents and prohibitions shall be maintained for the duration of their validity.
Personal data related to marketing and opinion polls will be kept for a maximum of 12 months for the marketing purpose for which they were collected. The information can later be used in other marketing as well.
Google Analytics cookies expire in 26 months from the first time a user visits our website.
In the case of entities, the retention of the data subject’s personal data is linked to the length of time for which the data subject acts as a representative of the entity towards Vertics. Personal data will be deleted within a reasonable time after the end of that role.
When personal data are no longer required as defined above, the data will be deleted within a reasonable time, unless the legislation binding Vertics requires the data to be retained for a longer period.
6. Recipients of personal data
Vertics may transfer personal data internally between companies in the group.
In accordance with this Privacy Statement, Vertics may outsource the processing of personal information to service providers or subcontractors, such as IT suppliers and an accounting firm. Vertics ensures, with adequate contractual obligations, that personal data is processed properly and lawfully.
The following parties are involved in the processing of personal data:
-Microsoft Oy (and other companies in the group).
-Meta Platforms Inc.
We may disclose contact information to our partners within limits required by applicable law and good legal practice. The information is not regularly disclosed to third parties.
In special cases, personal data may be disclosed to public authorities in situations required and justified by law.
In addition, Vertics may be required to disclose the personal information of data subjects in the event of an emergency or other unexpected situation in order to protect human life and health and property. In addition, Vertics may be required to disclose the personal data of data subjects if Vertics is involved in litigation or other dispute resolution proceedings.
If Vertics is involved in a merger, business transaction or other corporate reorganization, it may be required to disclose the personal information of registrants to third parties. The data subject shall be duly notified if necessary.
7. Transfer of personal data outside the European Union or the European Economic Area
If personal data is transferred outside the European Union or the European Economic Area (for example, when required by a customer relationship), Vertics will ensure an adequate level of personal data protection, inter alia by agreeing on personal data processing as required by data protection law, such as model contract clauses approved by the European Commission.
8. Principles of protection of personal data and security of processing
Vertics processes personal information in a manner that seeks to ensure the proper security of personal information, including protection against unauthorized processing and accidental loss, destruction or damage.
Vertics uses appropriate technical and organizational safeguards to ensure this, including the use of firewalls, encryption technologies, secure equipment facilities, proper access control and access control, guidance to personnel involved in the processing of personal information, and subcontractors.
Contracts and other documents kept in the original shall be kept in locked premises, access to which shall be restricted to authorized persons.
All parties processing personal data have a duty of confidentiality in matters related to the processing of registered personal data, in accordance with the Employment Contracts Act and the confidentiality provisions of the agreements.
In accordance with this privacy statement, the company may outsource the processing of personal data to service providers or subcontractors, in which case the company will ensure, with adequate contractual obligations, that personal data is processed properly and lawfully.
Our website uses a TLS encrypted connection, which means that all personal information is protected in electronic form. If the data is in manual form, it is stored in locked premises and destroyed securely.
The information received by us through the website traffic monitoring is protected by a TLS encrypted connection. The data obtained through Google Analytics is stored and processed on the service provider’s own servers. Logging in to the Google Analytics service linked to the Vertics website requires logins, and at Vertics, only limited staff have logins.
If the data is in Vertics’s manual format, it will be stored in locked premises and securely destroyed.
9. Rights of data subjects
Data subjects have rights guaranteed by data protection law.
Right of access to data and right of inspection
The data subject has the right to receive confirmation as to whether the data subject’s personal data will be processed.
The data subject has the right to check and see information about himself and, upon request, the right to receive the information in writing.
Right of rectification and erasure
The data subject has the right to demand the correction of incorrect or inaccurate information. In addition, the data subject has the right to request the deletion of his data.
The controller shall also delete, correct and supplement, on its own initiative, personal data which it detects which is incorrect, unnecessary, incomplete or out of date for the purpose of the processing.
The right to transfer data and to restrict and oppose the processing
The data subject has the right to request the transfer of his data to another controller.
In addition, the data subject has the right to request a restriction on the processing of personal data in accordance with the conditions set out in data protection law. In addition, in a situation where personal information suspected to be incorrect cannot be corrected or deleted, or there is ambiguity about the request for deletion, the company will restrict access to the information.
The data subject has the right to object to the use of the data for a certain type of processing. The data subject has the right to refuse the disclosure and processing of his data for direct marketing purposes.
Right to withdraw consent
If the processing of personal data is based on the user’s express consent, the data subject has the right to withdraw his or her consent to the processing of his or her data. The cancellation has no effect on the cancellation previously processed.
You have the right to cancel sending newsletters to you. You can make the request via the ”unsubscribe” or ”unsubscribe” link at the bottom of the newsletter or by sending a cancellation notice to email@example.com.
Exercise of rights
Requests for data subjects’ rights will be made in writing using the contact details mentioned above. The request must be accompanied by sufficient identifying information. The request shall be answered within a reasonable time and, where possible, no later than one month from the submission of the request and the verification of identity. The company may request additional information as necessary to comply with the above requests. If the data subject’s request cannot be accepted, the data subject shall be notified of the refusal in writing.
10. Right to lodge a complaint with the supervisory authority
The data subject has the right to lodge a complaint with the data protection authority if the data subject considers that his or her personal data have been processed in breach of the applicable legislation.
11. Cookies and other technical monitoring
Vertics does not receive information about the user’s IP address through Google Analytics, but data in an anonymous form and Vertics is therefore not able to directly identify the user. Google Analytics generates anonymous reports of information obtained through cookies, such as the number of visitors, the website from which the visitor arrives at the Vertics website, the duration of the website visit, whether the user has visited the website before and which website pages the user visits.
With website traffic tracking, we develop our website to make it even better and to provide a better visitor experience for our users. You can prevent Google Analytics from collecting information about you, and you can learn more about this on the Google website.
We use our website to other third-party services, and thus their cookies to make our website content can be shared on social media. The service providers are
-Meta Platforms Inc. (Facebook and LinkedIn)
-Google LCC. (Youtube)
You always have the ability to block, manage and delete cookies through the settings of your browser or mobile device.
12. Changes to the Privacy Statement
Vertics is continuously developing its services and may need to amend and update this privacy statement as needed. Changes may also be based on changes in data protection legislation. We recommend that you read the contents of this privacy statement regularly.
The privacy statement was published on January 10, 2022.
Kiinnostaako meidän tuoreimmat blogit ja artikkelit?
Vanhempaa tuotantoa löytyy Life of Vertics -blogista.