1. WHO IS DATAFISHER?
Datafisher Oy (also referred to as “us”, “we” or “our” in this document) specializes in online compliance training and provides its LMS learning and communications platform (Datafisher LMS) to its customers.
We are located at Technopolis Ruoholahti 1, Hiilikatu 3, 00180 Helsinki. You can contact us by email ([email protected]) or phone (+358 44 593 2336) or through our website (www.datafisher.com).
We operate the website at www.datafisher.com and provide the content and other services (e.g. GDPR training) available there (collectively referred to in this document as our “Services”).
2. PURPOSE OF THIS DOCUMENT
This Privacy Notice applies to www.datafisher.com and the services owned, operated or provided by Datafisher Oy (“Datafisher”, “We”, “Us”).
This document informs you of
- our policies regarding the collection, use and disclosure of the personal data you provide us when you use our Services,
- your rights and choices associated with the data you provide to us, namely how you can access, update, correct or delete your personal information.
Use of the personal information we collect shall be limited to the purpose(s) of providing you with our Services.
3. WHAT DATA DO WE COLLECT?
We collect several different types of data for various purposes, including to provide and improve our Services to you.
Types of Data Collected
When using our Services, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
- email address,
- first name,
- last name,
- company name (where applicable)
- Cookies and Usage Data (see descriptions below).
We may also collect information that your browser sends us whenever you use a mobile or other device to visit or access our Services (“Usage Data”).
This Usage Data may include information such as
- the type of device you use,
- unique device identifiers,
- your device’s Internet Protocol (IP) address,
- your Internet Service Provider (ISP),
- your device’s operating system (OS),
- the type and version of Internet browser you use,
- referring/exit pages and other pages of our Services that you visit,
- the time and date of your visit,
- the time spent on those pages,
- clickstream data,
- other diagnostic data.
Tracking & Cookies Data
What are Cookies?
Cookies are files placed on your computer to collect standard Internet log information and visitor behavior information. These files contain a small amount of data and may include a unique identifier. When you visit a website, the website sends cookies to your browser, which are then stored on your device. Tracking technologies used may also include beacons, tags and scripts to automatically collect and track information, which we use to analyze and improve our Services. For further information about cookies, visit www.allaboutcookies.org.
Examples of Cookies we use:
- Functionality Cookies to recognize you on our website,
- Session Cookies to operate our Services,
- Preference Cookies to remember your preferences and various settings (e.g. language, location),
- Advertising cookies to collect information about your visit to our website (e.g. content you viewed, links you followed, information about your browser, device, IP address),
- Security Cookies for security purposes.
4. HOW DO WE COLLECT THIS DATA?
You directly provide Datafisher with most of the data we collect and process when you
- Register online to use our Services,
- Contact us about our products or services,
- Voluntarily complete a customer survey,
- Provide us with feedback on our products or services,
- Use or view our website via your browser (e.g. cookies; see description of cookies above).
As is true of most websites, we gather certain information automatically and store it in log files. We do not link this automatically collected data to other information we collect about you.
5. WHY DO WE COLLECT THIS DATA?
Datafisher collects this data on the basis of legitimate business interest in enabling you to use our Services.
With your consent, we may
- contact you about the products and services we offer,
- send you our newsletter(s).
You may withdraw your consent to receive communications from Datafisher at any time by
- clicking on the “unsubscribe” button on the newsletter(s),
- emailing us at [email protected] with your request to stop receiving communications from us. (Letting us know in your email which communications you wish to stop receiving would be helpful, but is not required.)
6. HOW DO WE USE YOUR PERSONAL DATA?
We use the data we collect:
- to respond to requests for demos, proposals, meetings, service requests or other matters related our products and Services,
- to provide communication, care and support,
- to administer (update, delete, etc.) your contact information,
- to send you our newsletter and/or marketing communications (with your consent)
- to provide and maintain our Services,
- to notify you about changes in our Services,
- to allow you to participate in interactive features of our Services,
- to provide analysis or valuable information to improve our Services,
- to monitor usage of our Services,
- to detect, prevent and address technical issues.
We do not use automated decision-making to process your personal data.
7. HOW DO WE STORE YOUR DATA?
The security of your data is important to us. We follow commercially accepted standards to protect your personal information, both during transmission and once received. Understand, however, that because no method of transmission over the Internet or of electronic storage is 100% secure, we cannot guarantee its absolute security.
If you have any questions about the security of your personal information, you can contact us at contact.us(at)datafisher.com.
Datafisher stores the data we collect on secure servers located in Finland, the Netherlands and/or Ireland (EU) using commercially acceptable security methods and protocols.
We will retain your personal data for as long as your relationship with us is active or as needed to provide you with our products and/or Services – or up to 12 months from your last contact with us or last usage of our Services; after 12 months, your data will be automatically and permanently deleted from our system(s).
We will also retain and use your information as necessary to comply with legal obligations, resolve disputes or enforce agreements.
8. DO WE TRANSFER YOUR DATA?
Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where data protection laws may differ from those in the jurisdiction where you are located.
If you are located outside Finland and choose to provide information to us, please note that we transfer the data, including personal data, primarily to Finland, the Netherlands and Ireland (EU), and process it there.
When we share personal information you provide within Datafisher and/or with our service providers located in the European Union or elsewhere, we make use of
- European Commission-approved standard contractual data protection clauses,
- binding corporate rules for transfers to data processors,
- generally accepted standards or other appropriate legal mechanisms
to safeguard the transfer of information we collect from and to the European Union and elsewhere.
Your use of our Services, followed by your submission of such information, represents your agreement to this Privacy Notice and to these data transfers.
Datafisher will take all steps reasonably necessary to ensure that
- your data is treated securely and in accordance with this Privacy Notice and
- your personal data will not be transferred to an organization or a country without adequate controls in place to reasonably secure your data and other personal information.
9. DO WE DISCLOSE YOUR DATA?
Datafisher is responsible for the processing of personal data we receive and subsequently transfer to a third party acting as an agent on our behalf. With respect to personal data received or transferred, Datafisher is subject to the regulatory enforcement powers of the EU Commission and Finland’s Data Protection Ombudsman. In certain situations, Datafisher may be required to disclose your personal data in the good-faith belief that such action is necessary:
- to comply with a legal obligation, subpoena, and/or lawful requests by public or government authorities (including to meet national security or law enforcement requirements), bankruptcy proceedings or a similar legal process,
- to protect and defend Datafisher’s rights or property,
- to protect your safety or the safety of others,
- to prevent or investigate suspected fraud or wrongdoing in connection with our Services,
- to protect the personal safety of users of our Services and/or the public,
- to protect Datafisher and/or its personnel against legal liability.
If Datafisher is involved in a merger, acquisition or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website of any change in ownership, uses of your personal information and choices you may have regarding your personal information.
10. DO WE USE THIRD-PARTY SERVICE PROVIDERS?
Datafisher may employ third parties (companies, individuals) to facilitate our Services, to provide the Services on our behalf, to perform services related to our Services or to assist us in analyzing how our Services are used. We call these third parties Service Providers.
These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyze the use of our Services. These Service Providers include
- Google Analytics (https://policies.google.com/privacy?hl=en)
We strongly advise you to review the privacy policies of the Service Providers listed above for further information.
Social media features and widgets
Our Services may include social media features (e.g. “like” buttons) and Widgets (e.g. “share” buttons) or interactive mini-programs that run on our Services. These features may collect your usage data (see above) and may set a cookie to enable the feature to function properly. Social media features and widgets are hosted either by a third party or directly on our Services. Your interactions with these features are governed by the privacy statement of the company that provides them. Note that their privacy statements may differ from this Privacy Notice, so we encourage you to read them carefully.
Links to other sites
Privacy of minors (children)
Our Services are not intended for use by minors (e.g. children, anyone under the age of 18). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and are aware that your minor child has provided us with personal data, please inform us using the contact information under HOW TO CONTACT US? (below). If we become aware that we have collected personal data from a minor child without verifying parental consent, we will take steps to remove that information from our systems and servers.
11. WHAT ARE YOUR DATA PROTECTION RIGHTS?
Datafisher would like to ensure that you are fully aware of your data protection rights. Every person whose data we process has the following rights:
Right to Access
You have the right to request from Datafisher copies of your personal data. (Please note that we may charge a small fee for this service.)
Right to Rectification
You have the right to request that Datafisher correct, update, amend or complete any information you believe is inaccurate or incomplete or that has changed.
Right to Restrict Processing
You have the right to request that Datafisher restrict is processing of your personal data, under certain conditions.
Right to Object to Processing
You have the right to object to Datafisher’s processing of your personal data, under certain conditions.
Right to Erasure (Right to be Forgotten)
You have the right to request that Datafisher deactivate, delete, remove or erase your personal data (under certain conditions) or ask to have it removed from a public forum, directory or testimonial on our site.
Right to Data Portability
You have the right to request that Datafisher transfer the personal data that we have collected to another organization or directly to you, under certain circumstances.
If you wish to exercise these rights or make a request based on them, please send your request to us at the contact details listed below under HOW TO CONTACT US? (below). Please note that Datafisher has up to 30 days from the date of your request to respond to you.
12. HOW TO CONTACT US?
You can contact us with any questions or concerns related to this Data Privacy Notice at:
Technopolis Ruoholahti 1, Hiilikatu 3
00180 Helsinki, Finland
Email: [email protected]
Phone: +358 44 593 2336
13. HOW TO CONTACT THE APPROPRIATE DATA PROTECTION AUTHORITIES?
If you feel that Datafisher has failed to address your concern in a satisfactory manner, you may contact the appropriate data protection authority:
Office of the Data Protection Ombudsman
00520 Helsinki, Finland
Email: [email protected]
Phone: +358 29 56 66777 (Monday-Friday, 9:00-11:00)
14. CHANGES TO THIS DATA PRIVACY NOTICE
Datafisher may at any time update the content and notices on its web pages. We advise you to check this document from time to time for any changes.
This Data Privacy Notice was last updated on 29 October 2019.