Purpose of this Privacy Statement

NordCheck Oy and its employees, partners, and affiliates (“NordCheck”) are committed to protecting your privacy and personal data.

Under the General Data Protection Regulation, the controller is obligated to provide transparent information for data subjects. This notice fulfils the obligation to provide information.

In this Privacy Statement we present the rights granted by the European Union data protection laws.

Controller

NordCheck is the data controller of the respective data subject’s personal data. In all data protection related matters, data subjects may contact NordCheck by using the following contact information:

NordCheck Oy

Tekniikantie 12, Innopoli 1

FI-02150 Espoo

contact@nordcheck.com

The purpose of personal data processing

Processing of the personal data is necessary for the performance of sales contracts to which the customer company is a party. Further, processing of personal data is necessary for the legitimate interests pursued by NordCheck relating to its regular business purposes. When required by applicable laws, NordCheck will request data subject’s consent for personal data processing. 

Processors of personal data

The personal data are processed by the controller and its employees. We shall also have the right to partly outsource the processing of personal data to a third party, in which case we shall use contractual arrangements to guarantee that the processing of personal data complies with the valid data protection legislation and is also otherwise appropriate.

Personal data stored in the filing system

Customary to contemporary due business practices, NordCheck uses its platforms and related databases to manage and track our sales and marketing activities. NordCheck databases include personal data of our customers’, potential customers’ and other companies’ representatives with whom NordCheck has a business relationship or wants to develop one.

NordCheck databases may also include personal data of NordCheck’s customers’ or business partners’ customers or end-users who contact NordCheck relating to systems under NordCheck maintenance as well as personal data related to external stakeholders NordCheck is interested to contact and provide with general information of NordCheck and its business (e.g. media representatives, economic influencers).

Following information is collected and processed in connection with Customer Information Management platform:

·       Name 

·       Title 

·       e-mail 

·       mobile phone number 

·       fixed phone 

·       Address 

·       Language 

·       Possible other information relevant for the business relationshipand services, opportunities and organization

Such personal information is later in this privacy statement referred to as “personal data” and the individuals, whose personal data is processed, are referred to as “data subjects”. 

The Purposes and Legal Grounds of the Processing

The purpose why NordCheck processes personal data is to facilitate NordCheck’s business, support sales activities, assessments, projects, service deliveries, maintenance services and invoicing, contacting customers for contract management and marketing purposes and otherwise maintaining the customer relationship. NordCheck may also use personal data to handle incidents and claims as well as provide assistance as requested by customer.

Processing of the personal data is necessary for the performance of sales contracts to which the customer company is a party. Further, processing of personal data is necessary for the legitimate interests pursued by NordCheck relating to its regular business purposes.

Source(s) of Personal Data and Retention Period

The personal data has been received from the customers or obtained in connection with their use of NordCheck’s products and services. Personal data may also originate from NordCheck’s representatives based on their business interactions with the data subjects. In certain cases NordCheck may collect personal data from public registers and other reliable external sources.

The personal data will be stored as long as needed for the above said purposes. After that, the personal data will be effectively deleted or made anonymous. 

NordCheck Webpages and Internet Services

This section provides you with general information on the processing of your personal data related to this website and the other internet services of NordCheck (the “Site”).

Please read this Privacy Statement carefully if you plan to brows or otherwise use the Site. If you do not agree with this Privacy Statement, you must leave the Site.

3.1. Collected Personal Data

Generally, you can visit the Site without entering any personal data. When visiting the Site, certain technical and other information is automatically sent by your computer to us (i.e. IP address, the type of your browser and the source of your visit).

We also collect information about your website usage information by using cookies. Please see the Cookies section of this Privacy Statement for further information.

3.2. The Purposes and Legal Grounds of the Processing

The purpose of NordCheck’s processing of personal data collected through the Site is to

·       ensure an efficient and secure use of the Site; 

·       develop the Site for a better quality and broader scope of services; 

·       provide customized services and content recognizing your specific needs and interests, including surveys and questionaries that can result in defining customer specific (compliance) status information and customer profiles; 

·       improve our services to you; 

·       contact you; 

·       conduct research and collect statistics (e.g. what sections of our Site the users visit and how much time they spend on the Site).

The legal grounds for data processing are NordCheck’s legitimate interests relating to the abovementioned purposes. When required by applicable laws, NordCheck will request data subject’s consent for personal data processing. 

3.3. Source(s) of Personal Data

The personal data is received directly from the data subject or obtained in connection with their use of the Site.

3.4. Cookies

From time to time NordCheck may place information, commonly known as “cookies”, on your computer or mobile device to allow us to identify you, provided that you have consented to the placing of cookies on your computer or device for example by opt-in function or by way of changing the browser settings. Cookies give NordCheck information on how and when you have used the Site and help NordCheckt o improve the Site for a better service. If you do not wish to receive cookies, you may disable them.

3.5. Remarketing

The Site may use Google AdWords Remarketing to display advertisements based on your recent visit on the Site (“Remarketing”). The information regarding the visits is collected by placing a third-party cookie on your computer. You may opt-out from Remarketing related to use of the Site by disabling cookies.

3.6. Website Analytics

NordCheck uses website analytics, such as Google Analytics, to gather statistics about the users of the Site with the aim to improve the contents of the Site. Presentations enabled by Seidat, provides means to collect statistical data of reviewing presentations. Normally this data is anonymous, however, if you have identified yourself when downloading content from the website, logged into NordCheck online service or entered the website through a link in an e-mail, we may be able to identify the analytics data collected about your use of the Site.

You may use the opt-out functions of NordCheck cookie setting tool to disable NordCheck from tracking your visits to the Site. To opt-out from Google Analytics, you may download Google Analytics Opt-out Browser Add-on.

3.7. Social Media

NordCheck uses actively LinkedIn, Instagram and Facebook for marketing, sales and other relevant business purposes enabled by social media means. NordCheck integrates Social Media platforms to it websites enabling additional services, related statistical tools and content. NordCheck may store business relevant inquiries and information its customer information management platforms.

The rights of the data subject

The data subject has the following rights. Any requests concerning the use of the rights specified in this section must be submitted to contact@nordcheck.com

Right of access

The data subject shall have the right to confirm which of his or her data we have stored.

Right to rectification

The data subject shall have the right to obtain the rectification of inaccurate or inadequate personal data concerning him or her.

Right to object

The data subject shall have the right to object to processing of personal data if he or she feels that the personal data have been unlawfully processed.

Direct marketing prohibition

The data subject shall have the right to object at any time to processing of personal data for direct marketing purposes.

Right to erasure

The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her if the processing of personal data is no longer necessary. We will process your request for the erasure of your personal data and subsequently either erase your data or demonstrate legitimate grounds for the inability to erase the data.

It must be noted that the controller may have statutory or other compelling grounds not to erase the data concerned. The controller is obligated to store accounting materials for a period (10 years) determined under the Accounting Act (chapter 2, section 10). As a result, materials related to accounting may not be erased before the expiry of this period.

Withdrawal of consent

The data subject shall have the right to withdraw his or her consent if the processing of personal data concerning him or her is solely based on consent instead of, e.g., a customer relationship or membership.

The data subject may appeal a decision with the Data Protection Ombudsman

The data subject shall have the right to demand that the controller restricts the use of controversial data until the case has been solved.

Right of appeal

The data subject shall have the right to appeal to the Data Protection Ombudsman if he or she feels that we are infringing on the valid data protection legislation in the processing of his or her personal data.

The Data Protection Ombudsman’s contact information: www.tietosuoja.fi/fi/index/yhteystiedot.html

Transfers of Personal Data

NordCheck will not transfer any personal data outside the company or its partners, affiliates, subsidiaries and subcontractors.

NordCheck may provide aggregate statistics about its customers, sales, traffic patterns, and other related Site information to reputable third parties, but these statistics will include no personal data. 

NordCheck’s Supplier and Subcontractor Data

NordCheck and its employees, partners, subsidiaries and affiliates use solutions and database technology to manage the contact data of NordCheck partner’s, suppliers’ and subcontractors’ representatives. 

Transfer of data outside the European Union

The data shall be regularly transferred outside the European Union or European Economic Area. In transferring the data outside the European Union or European Economic Area, we shall ensure the adequate protection of the personal data through relevant measures, including agreeing on the issues related to the confidentiality and processing of personal data as legally required.

Due to the technical and practical requirements some of the personal data may be processed by subcontractors located outside the European Union or European Economic Area or at the subcontractors’ servers outside the European Union or European Economic Area. However, such subcontractors have agreed tocomply withtheappropriatedata processing standards.

Updates to the Privacy Statement

NordCheck develops the Site, presentation formats, social media alignment, its business as well as its data protection related processes and tools continuously and reserves the right to amend this Privacy Statement. NordCheck hopes that you review this Privacy Statement from time to time for any amendments. To the extent required by applicable privacy laws, NordCheck may contact you also through other interfaces or by using the collected contact information to provide information about updates that have material effects to you as a data subject. 


NordCheck provides a state-of-the-art platform for comprehensive compliance management.

ADDRESS

NordCheck Oy
Tekniikantie 12, Innopoli 1
FI-02150 Espoo

COMPANY ID

2873801-5

PRIVACY