Privacy statement for the marketing and client register

Registrant

Ecorum Oy (Ecorum)
Bulevardi 6
00120 Helsinki
0867390-4

Contact person for matters regarding the register

Hanna Kaukver

The name of the register

Marketing and client register

The purpose of processing personal data

The marketing and client/customer register is used to maintain contact information for existing and prospective clients of Ecorum. The term client/customer refers to private customers, companiesassociations , funds, communities and all similar entities. Personal data is mainly processed for client relationship management and client service. It is also used to manage, develop, target and track marketing, communication and sales. Personal data may also be processed for the following purposes:

  • Client relationship analysis, grouping and reporting, and other purposes related to the development of Ecorum’s business activity
  • Collection and processing of customer feedback
  • Implementation of market research and opinion surveys

Data content of the register

The following content can be stored in the register:

  • First and last name, gender, title, position and contact details of the business customer’s contact person
  • First and last name of a private customer, as well as contact details such as phone number and address
  • Mailing lists (e.g. newsletters)
  • Information regarding the provision, purchase, use and development of services as well as information regarding marketing and sales
  • Other information relevant to the management or development of a customer relationship

Information is obtained primarily from the following sources:

  • Customers, client companies and their contact persons
  • Stakeholders of Ecorum and external service providers such as public registers
  • Other appropriate sources

Ordinary deliveries of information

Ecorum does not disclose information in its possession to third parties. In a specific case, Ecorum may disclose information regarding the client or a stakeholder from the data base provided that the client or stakeholder has asked to do so or when a legal authority based on legislation requires this.

Transfer of data to a third country or to an international organization

Ecorum does not transfer data in its possession to third countries or to an international organization. In a specific case Ecorum may transfer data to third countries or to an international organization when a customer or a stakeholder has mandated and instructed Ecorum to do so.

Principles of register protection

Careful processing of the register is ensured, and the data processed by the information systems is adequately protected. When keeping records on internet servers, the security of the hardware and stored data is handled appropriately. The registry holder ensures that stored data, server access privileges and other critical information related to the security of personal data are processed confidentially and only by employees whose work assignment this belongs to.

The right of inspection and the right to demand correction of data

Everyone in the register has the right to check his/her data stored in the register and to demand that any incorrect information will be corrected, or incomplete information supplemented. If a person wishes to check the information stored on him/her, or to request correction, the request should be sent in writing to info@ecorum.fi. The registry holder may, if necessary, request the applicant to prove his/her identity. The registry holder is responsible to answer the customer within the time limit set in the EU’s General Data Protection Regulation (usually within one month).

Other rights related to the processing of personal data

A person in the register has the right to request the deletion of his/her personal data from the register (“the right to be forgotten”). Those who are registered are also entitled to the other rights under EU’s General Data Protection Regulation, such as restricting the processing of personal data under certain situations. Requests should be sent in writing to info@ecorum.fi. The registry holder may, if necessary, request the applicant to prove his/her identity. The registry holder is responsible to answer the customer within the time limit set in the EU’s General Data Protection Regulation (usually within one month).

Deletion of data and storage time

Ecorum removes the customer’s data from the register when there is no longer any business reasoning for data processing or when a person based on legislation requires Ecorum to do so. Data is also destroyed through overwriting when there is no longer reason to store the information. However, the information will not be deleted if the law states otherwise, or a competent authority has initiated a process that requires Ecorum to retain the information, or if another entity has applied a security protection decision for the information from a court in Finland.