- Data controller
Business ID: 1598868-0
Hermannin rantatie 8, 00580 Helsinki
+358 40 774 1777
- Name of the policy
- Purpose of and grounds for processing personal data
The processing of personal data is primarily based on the legitimate interest of Heeros Oyj to ensure the functionality and security of our website, and to provide information and services required by data subjects visiting the digital assets listed above. Personal data are also processed in order to develop and customize the website content for parties who are interested in our products and services. We also process personal data to monitor the number of website visitors and to compile statistics concerning the use of the website.
The Heeros Oyj uses the collected data for user profiling such as understanding the most popular pages for our visitors and users, visitor’s interests, and the similar to tailor our marketing activities such as email marketing, sales automation, advertising and remarketing, and customer support. Keeping this information is essential to the Heeros Oyj’s operation and marketing activities and helps us to improve our website and services.
Through this website, we also collect contact details from potential clients, including representatives of corporate clients, through forms, which can be filled in, in order to receive further information about our products and services.
In addition, we collect content of chat discussions through our chat service, which is designed to provide customer service and information to website visitors. When you use our chat service, we may process your personal data to manage the chat feature. In addition, we record our conversations to verify events and safeguard the rights of the parties involved. Records can also be used to train our staff and to ensure and improve the quality of our services.
- Data content
Certain identification data of the data subject can be stored through our website. These include the following:
Browser and website usage information:
- Technical, Usage and Location Information
- Cookie information
- Content of forms, chat, and email conversations
Technical, Usage and Location Information
We automatically collect information on how our users and visitors interact with the Heeros Oyj’s digital assets, such as the IP address, date and time, browser, operating system, device, pages viewed, items hovered or clicked (sometimes called events), and location information.
How cookie information is used
The Heeros Oyj uses 3rd Party Cookies on its digital assets explained above to collect information such as the number of visitors to the site, the most popular pages, visitor’s interests, and the similar to tailor our marketing activities such as email marketing, sales automation, advertising and remarketing, and customer support. Keeping these cookies enabled is essential and helps us to improve our website and services.
Information collected through web contact forms, chat and email conversations
- Contact details. Your name, email address, telephone number, interest in our solutions, and your role in the company you work.
- Company-related data. This information is regarding the company you work for, including the company’s name, business ID, company’s address(s), company’s industry, and size of the company.
- Storage period of personal data
We keep the data we have collected from our data subjects for different periods of time depending on many factors such as what it is, the source of information, how we use it, and how they have been configured by our data subjects:
- Immediate deletion.Some of the data can be deleted whenever our data subjects decide and will be deleted immediately (and gradually in back ups). These include; content you have created or uploaded to our digital assets e.g. images or customer data you have added to the system yourself.
- Automatic deletion or anonymization.Some of the data we have collected is deleted or anonymized automatically upon a set period of time, such as browser and website usage information, advertising data, analytic data, or cookies. This process is set by 3rd party systems we use and may take up to 18 months.
- Manual Op out.For business related purposes we have to keep some data until you opt out manually from our digital assets or send a request to us for such deletion. These include your contact details you have provided when filling up a form on our digital assets, company information, or chat history with our support team.
- Regular sources of data
Visitors: our visitors are the primary source of the personal, company, and technical information we collect, including the registration, contact Information, etc. that they provide us through the Heeros Oyj’s digital assets or otherwise.
From other sources. We collect personal, company, and technical information from other sources, including but not limited to:
- Referrals, people who recommend other people and their friends to us.
- 3rd Party Platforms, these include advertising platforms, content on third-party sites or platforms, and social networks.
- 3rd party data providers, including information services and data licensors.
From automatic collection. We and our service providers may automatically collect information about our visitors, their devices, their activity on our digital assets, and other sites and online services.
- Regular disclosures of data and categories of recipients
We disclose personal data to the service providers of the analytics tools, our partners, and affiliates, and 3rd party marketing agencies that we use their services on our digital assets from time to time.
- Transfer of data outside the EU or the EEA
- Right of the data subject to object to direct marketing
By using our digital assets, our visitors give their explicit consent to Heeros Oyj to do direct marketing at Heeros Oyj’s sole discretion. However, the data subjects can prohibit direct marketing from the data controller separately for each marketing channel, including in relation to profiling for marketing, sales, or customer support purposes.
- Other rights of the data subject
Right of the data subject to access the data
In the following cases we may decline exercising the right to process requests that are unreasonably repetitive, systematic, would require disproportionate technical effort, conflict with privacy of others, would be extremely impractical, or for which access is not otherwise required.
We may retain data subject’s information as necessary to comply with legal obligations, resolve disputes, or in backup disks.
Right of the data subject to request rectification, erasure or restriction of processing of personal data
The data subjects also have the right to demand that the data controller restricts the processing of their personal data, e.g. while the data subject is waiting for the data controller’s response to a request for the rectification or erasure of the data.
Right of the data subject to object to processing of personal data
The data subjects have the right to object to processing of their personal data by the data controller on grounds related to their particular situation if the processing is based on the data controller’s legitimate interest.
Right of the data subject to data portability
If the data subjects have provided data for the register themselves and such data are processed based on the data subject’s consent, the data subjects generally have the right to receive the data in a machine-readable format and to transmit them to another data controller.
Right of the data subject to lodge a complaint with a supervisory authority
The data subject has the right to lodge a complaint with the competent supervisory authority if the data controller has not complied with the data protection regulations applicable to its operations.
Right to withdraw consent
In case of questions related to the processing of personal data and situations related to the exercise of their rights, the data subjects should contact the data controller. The data subjects can use their rights by sending an email message to Heeros CEO Niklas Lahti at firstname.lastname@example.org.
- Changes to the policy