Updated on July 31, 2019
Types of personal data we collect
We typically collect the following data about you or your use of our services:
- Information you provide to us. We collect and process information that relates to an identified or identifiable living individual (the “Personal Data”) you have chosen to provide to Cimcorp Group.
- Information from other sources. We may also collect information relating to existing and potential corporate customers and their representatives through publicly available sources (such as company websites), campaigns, publications and fairs (from business cards and otherwise). Such Personal Data may include, for example, name, title and job role, company, email and phone number and various other publicly available Personal Data.
Information we receive from other sources may also include data we receive through third-party services, such as social media sites, where Cimcorp Group has a presence and where you have opted to follow us.
How we use your personal data and the legal basis of processing
Cimcorp Group uses your Personal Data for the following purposes:
- Contacts and communication. We use your Personal Data to contact and communicate with you, for example when you have filled in a contact form on Our Site, and to provide you with information and notifications or ask you for feedback relating to our services. If you have subscribed to receive updates and newsletters from us, we use your information to provide you with the content you have subscribed to. You can always unsubscribe from receiving such updates and newsletters at any time. Processing of your Personal Data for contact and communication is based on Cimcorp Group’s legitimate interest or your consent to benefit your interests.
- Marketing, tailoring content and profiling. We can use the information we collect to send you direct marketing either by electronic means (email, SMS) or by mail or phone. When required under applicable data protection laws, we will ask your permission prior to sending you direct marketing by electronic means. Based on your interactions with Cimcorp Group’s services and content, we can also tailor and customise the content we provide you with (such as newsletters and marketing messages) in order to serve you with more relevant content. Further, based on your preferences and interactions with our services and contents, we can create profiles and user segments to provide you with targeted marketing. You can always opt out of receiving direct marketing and object to profiling at any time.
Processing of your Personal Data for marketing, tailoring content and profiling is based on Cimcorp Group’s legitimate interest of conducting our scope of business or your consent to benefit your interests.
- Recruitment process. If you have expressed your interest in working for us or applied for an advertised vacancy, we will use this information to carry out and complete the recruitment process. We will not use the information collected for recruitment purposes for direct marketing without your consent. Processing of your Personal Data for the recruitment process is based on your consent and is necessary in order to take steps at your request (as the data subject) prior to entering into an employment or service contract.
- Development and analysis. We may use your Personal Data and information to develop and improve our offering and services, as well as to analyze how our services and content are used. We will not use your information in an identifiable form if it is not necessary for the above-mentioned purpose.
Sensitive personal data
Cimcorp Group does not intentionally collect any sensitive information (special categories of Personal Data) via Our Site unless we have your express consent, or we are legally required to do so, for example for recruitment purposes.
Disclosures of your personal data
Cimcorp Group does not sell your information to third parties. We may, however, disclose your information in the circumstances described below.
- Authorities: We may disclose your information to authorities when we have a legal obligation or other legitimate interest to do so under applicable law.
- Consent: Based on your consent we may disclose your information within the limits of the specific consent you have given. Information on revoking your consent is provided below.
- Business transactions: We may disclose your Personal Data in connection with a business transaction, if necessary.
- Our legitimate interests: We may disclose your Personal Data if it is necessary in order to protect or defend our legitimate rights and interests, or those of our users, employees, directors or shareholders, and/or to ensure the safety and security of our services.
Given that Cimcorp Group operates internationally and consists of companies located in Finland, Canada and U.S., your Personal Data may be transferred from and to the EU (as appropriate) when the processing takes place within Cimcorp Group companies. The principal place of processing will, however, be in the EU and subject to the provisions of the EU General Data Protection Regulation. In case we transfer your Personal Data outside the EU, we have ensured that your Personal Data is afforded an adequate level of protection by way of contractual obligations or by using other safeguards available under the EU data protection laws.
Your rights as the data subject
As the data subject, under data protection laws you can influence how we process your Personal Data in the following ways:
- Right of access, rectification and erasure: You have the right to request access to your Personal Data that we process. At your request we will also rectify any inaccurate, incomplete, outdated or obsolete Personal Data relating to you. You also have the right to request that your Personal Data to be erased (the right to be forgotten) in accordance with applicable law.
- Data portability: You have the right to receive the Personal Data related to you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit the data to another controller. Where information and Personal Data have not been obtained from you, we shall additionally provide you with related supplementary information such as the identity and address of applicable third-party data protection officers and controllers, the purposes of the intended processing of the Personal Data, are intended as well as the legal basis for the processing.
- Right to object to direct marketing (including related profiling): In case you do not want to receive further marketing or other updates from us or wish to opt out of profiling that we do in order to offer you tailored direct marketing, you have the right to object to processing of your Personal Data for these purposes. Should you use your right to object, you will no longer receive direct marketing from us. You can use your right to object either by contacting us or through our unsubscribe page.
- Right to object to data processing and right of restriction: You have the right to object to processing we carry out based on legitimate interest on grounds relating to your particular situation, unless we have compelling legitimate interests for the processing which override those interests. You also have the right to request the restriction of the processing of your Personal Data, for example, in case you object to processing as described above or contest the accuracy of your Personal Data.
- Revocation of consent: You may revoke a consent you have given at any time by contacting us or unsubscribing from further updates from us through the unsubscribe page. Please note that revoking your consent does not affect the legality of the processing we have carried out prior to the revocation.
Data security principles
The Personal Data held by Cimcorp Group is protected by technical and organizational measures against accidental and/or unlawful access, alteration, destruction or other processing including unauthorized disclosure and transfer. Such measures include but are not necessarily limited to proper firewall arrangements, appropriate encryption of telecommunication and messages and use of secure and monitored equipment and server rooms. Data security is of special concern when third parties (e.g. data processing subcontractors) are retained in providing and implementing IT systems and services.
Data security requirements are duly observed in IT system access management and monitoring of access to IT systems. Access to Personal Data is restricted to personnel whose duties require access to such data and who are trained and properly instructed in data protection and data security matters.
If you do not want to receive a cookie from Our Site, you have the option of setting your browser to notify you when you receive a cookie, so that you may determine whether to accept it or not. However, please be aware that if you do turn off ‘cookies’ in your browser, you will not be able to fully experience some of Our Site.
What are web beacons?
Cimcorp Group occasionally advertises on third-party websites. As part of our efforts to track the success of our advertising campaigns, we may at times use visitor identification technology such as “web beacons,” or “action tags”, which count visitors who have come to Our Site after being exposed to a Cimcorp Group banner ad on a third-party site. We mainly use this technology to compile aggregated statistics about visitors who come to Our Site to gauge the effectiveness of our ads. However, through this technology we may receive Personal Data and information about you from publicly available sources in the internet to the extent that such personal information is linked to your email address we have stored, such as your name as displayed on publicly available social profiles, your location, company and a link to your professional social media sites (such as LinkedIn).
By navigating on Our Site, you agree that we can place cookie and web beacons on your computer or device. If you prefer not to receive cookies or web beacons, then you should stop using Our Site, or consult your browsing settings.
In addition to so-called first-party cookies that are dropped by Our Site, Our Site also uses third-party cookies. You can review the third party cookies used and their respective policies below:
- AddThis Privacy and Data Practices
Apps, QR Codes and other related technologies
When you scan a QR Code, the third party that we engage to provide our QR Codes may collect certain information from your mobile device (such as your mobile device identifier and IP address). The third party uses this information only on our behalf for the purpose of providing anonymized statistical reports to us about users of our website and services.
Social media platforms
You may wish to participate in the various blogs, forums, wikis and other social media platforms hosted by Cimcorp Group (“Social Media Platforms”), which we make available to you. The main aim of these Social Media Platforms is to facilitate and allow you to share content. However, Cimcorp Group cannot be held responsible if you share Personal Data or information on Social Media Platforms that is subsequently used, misused or otherwise appropriated by another user.
How can you prevent cookies from being installed?
You can allow, block or delete cookies installed on your computer by configuring the options on your internet browser. If you block them, you may find that certain services requiring them are not available to use.
The following are links where you can find information on how to activate your preferences on the major browsers:
Information we collect will only be kept as long as is necessary to fulfil the above-mentioned purposes (such as in order to provide you with the service or content you ordered until you have unsubscribed from receiving those or complete a recruitment process) or as long as we have a statutory obligation to keep your information, after which it will be destroyed in accordance with Cimcorp Group’s data retention policies. If you have exercised your right to object to direct marketing, we may still keep certain information about you to comply with that request.
Information collected through cookies will generally be stored for no longer than 36 months, after which this information is deleted.
Our services are not intended for use by children. We understand the importance of protecting children’s information, especially in an online environment, and we do not knowingly collect or maintain information about children.
Changes to this policy
Cimcorp Group may change this policy statement as needed. If changes to the statement are made, please note that it may take up to 30 business days before new privacy practices are implemented. Check this page periodically if you would like to monitor changes.
The contact details of the lead supervisory authority are:
Office of the Data Protection Ombudsman
P.O. Box 800
FI-00521 HELSINKI FINLAND
Tel +358 29 56 66700
For local supervisory authorities the contact information is as follows:
Office of the Privacy Commissioner of Canada
30, Victoria Street
Gatineau, Quebec K1A 1H3