December 2019
Since privacy and data protection are at the core of our business, it is of paramount importance to us that when processing personal data, we do so in lawful and responsible manner. With personal data we mean any piece of information relating to an identified or identifiable person (‘data subject’) that allows us to identify a person directly or indirectly. Processing of personal data refers to any operation or set of operations which is performed on personal data, such as collection and storing of personal data.
The standard for our personal data processing operations are the relevant national and international regulations and we adhere to the rules and principles set forth in the European General Data Protection Regulation (GDPR).
We want to be transparent about our data processing. You can find more information about Privaon’s data processing from the chapters below. We may update this Privacy Statement from time to time. If we make any substantial changes to our processing, we openly seek to inform you.
Privaon acts as a controller for the personal data concerning our business contacts, namely the representatives of our corporate clients, potential corporate clients and other stakeholders such as suppliers and their representatives. If you are our business contact, this statement explains how Privaon processes your personal data.
Read morePrivaon as controller
Controller refers to a company or other party which is in charge of the processing and determines how the personal data is processed.
Our website or our services contain links to websites that don’t belong to or are not operated by Privaon. Such companies have their own policies for data protection. We recommend that you take a look at their privacy notices before using their services.
Privaon as a processor
Processor refers to a company or other party which is processing personal data on behalf of the controller and according to the instructions received from the controller.
Privaon acts as processor for some of the personal data that we process in the context of providing our cloud-based tools and services. For example, when a corporate company uses Privaon’s cloud-based eLearning service, we process the data on behalf of our customer and according to their instructions. Our corporate customer remains the controller for the personal data.
Contact Information
If you have any questions or comments, please contact us by using Privaon’s DSAR Chatbot at the bottom of this page or by calling us:
Privaon Oy
Hevosenkenkä 3, A-tower 8th floor
02600 Espoo
+358 50 328 1446
Our core business is not the collection of your personal data. Therefore, we process only a minimum amount of personal data necessary to operate our business, to offer and provide our services. We will only process your personal data for predefined purposes and we make sure that we have legal grounds for it.
Read moreWe process personal data for the following purposes:
The processing is based on our interest to establish new business relationships and to maintain the existing ones. Our annual marketing research is based on our interest to gain insights from customers, potential customers and other stakeholders. With regards to electronic direct marketing, we process your data only if you have given your consent for it.
More information
As a we are a company dependent on business operations, we do marketing for our business contacts. We keep records of our clients’ and potential clients’ details to market and provide more information about our products and services. This could mean for example invitations to our events and other marketing activities to promote our services.
We use online advertising networks, social media companies and other third-party services to send marketing communication and display ads on other websites and services you may use. You can ask us to remove your data from these channels at any time by contacting us. You can unsubscribe from our mailing list by using the unsubscribe link in the relevant email.
We use third-party service providers to provide our services and to help operate our business efficiently. As a responsible company, we always use various contractual and other arrangements to ensure that our service providers process your personal data in accordance with the laws and good data processing practices. Some of our service providers or their support functions are located outside the EU and EEA.
Read moreTo ensure the confidentiality and high level of protection for your data, we have a data processing agreement with every service provider we use for the personal data processing. Our processors do not have the permission to process your information in any ways beyond the agreed services and Privaon remains the sole controller of such data. We have also conducted Privaon’s Privacy Impact Assessments (PIA) for most of our processors.
We may have to disclose certain information to public or law enforcement authorities when this is required by law. We only do so on the basis of an adequate legal warrant or subpoena issues by a Finnish or other relevant Court.
In case of mergers or acquisitions, the acquiring entity may obtain access to relevant customer data assets.
Some of our service providers or their support functions are located in the United States. When the processing involves transferring personal data outside EU or EEA, we use appropriate legal mechanisms to ensure the same level of data protection as in the EU. The measures we rely on are the model contractual clauses issued by European Commission.
Privaon has appropriate security policy and procedures in place to protect personal data from loss, misuse or unauthorized access.
Read moreWe guarantee that your data is kept confidential and secure. All the employees authorized to process your data are committed themselves to confidentiality. We have a role-based access control, meaning that each employee is given access to resources and personal data based on the employee’s needs and job description. All networks and services used by our employees are protected with appropriate security measures.
We have a procedure to manage data breaches which allow us to assess the possible risks, notify the relevant authorities and alert you in case your personal data may have been affected. We regularly educate all employees to ensure the protection of your personal data
You have several rights concerning your personal data, such as right to access, update, delete and have a copy of such data. We seek to ensure that you can exercise your rights efficiently. You can exercise your rights by using the Privaon's DSAR Chatbot at the bottom of this page.
Read more
If you wish to exercise your rights, or if you have any other question relating to the processing of your data or this privacy statement, please contact us by using Privaon’s DSAR Chatbot at the bottom of this page.
We use cookies and other similar technologies to collect data on the usage of our website. By analysing our website usage, we aim to maintain and further develop our websites. For example, we get information on which service pages you go to, what blog texts you might be interested in and how you navigate between the pages. In order to develop our website, it is important to know what kind of website content is most efficient and functional. The collected data also helps us to provide more personalised services and marketing to you. We can for example create target audiences and send them more relevant and personalised communication such as advertising and messages. You can always disable cookies altogether in the browser settings or you can delete cookies from the browser and disable all targeted advertising and communication based on your previous visits on our website.
Read moreWe have determined retention periods based on the purpose of the processing and the applicable legislation. For example, the accounting related laws require us to store your personal data for a certain period. We review the personal data we collect (e.g. the information of our business contacts) regularly to ensure that the personal data we have is up to date and is not retained longer than needed or required by the relevant laws.
Read moreWhen not limited by applicable legislation, the retention periods are defined as follows:
If you wish to have more detailed information about our retention times, please contact us by using Privaon’s DSAR Chatbot at the bottom of this page.
Privaon has implemented a DSAR Chatbot on its website and uses it for answering privacy-related questions and requests concerning the personal data processing carried out by Privaon. Privaon’s DSAR Chatbot is an online customer service that you can contact when you have a request or query regarding your data protection rights, the processing of your data or when you have any other privacy concern. The main form of contacting us regarding these matters is via the Privaon’s DSAR Chatbot available below.
Read morePrivaon’s most common data subjects are B2B contacts, private clients, jobseekers, employees, partners, etc. The personal data you provide to Privaon’s DSAR Chatbot is processed for the following purposes:
When you perform your request on our DSAR Chatbot, we will collect the following information:
For the use and implementation of our DSAR chatbot, Privaon manages the software of an external service provider. Privaon has made sure that our service provider has taken appropriate technical and organisational measures to safeguard personal data collected from the DSAR chatbot. Privaon guarantees that personal data processed through the chatbot in question is in accordance with local and EU regulations. Moreover, the chatbot itself does not store any information, but the general data retention times in this Privacy Statement apply.
You can check how we process your data in the section Collection and Use of Personal Data.
This privacy notice refers to all the methods we offer you to use for contacting us, namely, via Privaon’s DSAR Chatbot available at Privaon’s Privacy Notice website, as well as via email address or phone number available at Privaon’s website.