TERMS OF SERVICE
By using the ID BBN website, you agree to the following terms of service. If you do not agree to all of the terms, do not use the website.
ACCURACY OF DATA AND DOCUMENTS
Data provided on the website is provided to users "as is" without any express or implied warranties or representations of any kind, adaptability or non-infringement of any commercial purpose. ID BBN does everything reasonably foreseeable in order to provide accurate and up-to-date information on its site, but it does not in any way guarantee the truth or completeness of the information. ID BBN may from time to time add, modify, improve or update information on the site without notice. ID BBN assumes no responsibility for any errors in the site's content or any information left out. ID BBN does not warrant that the website or its hosts will not contain any viruses or other harmful elements.
LICENSE AND COPYRIGHT
ID BBN grants the site user the right to view, publish, copy, download, and print documents on the site under the following limitations: documents may only be used for personal, non-commercial purposes in conjunction with retrieval, and documents may not be edited. ID BBN and the author of the article must be mentioned in connection with the article. A link to the original article must be added to the electronic document and the web address must appear in a printed article. The publisher must take into account any third party intellectual property rights. ID BBN is not responsible for the content targeted at third-party copyright violations (e.g. photos and texts).
ID BBN's trademarks are used as identifiers of ID BBN's products and services to indicate who is producing the products and services. ID BBN's trademarks may be honestly used in marketing and promotional materials, as well as when referring to ID BBN's products and services (such as in a newspaper article) without the permission of ID BBN, provided that said trademarks are used in accordance with normal trademark use and are clearly indicated. If you want to use trademarks in any other context, you must obtain the consent of ID BBN. If the user is not sure whether or not a specific BBN authorization is required, the user must check with ID BBN.
LINKS FOR THIRD PARTY SITES
This site may have links or references to other websites that are not managed by ID BBN. ID BBN does not assume any liability for the content of such Linked Sites or any links on such linked sites. Such links are intended solely for the benefit of users and do not imply that ID BBN would in any way support the content of the linked site or the service provider. ID BBN is under no circumstances responsible for the content of third-party sites linked to this site or the activities of such third parties.
SUPPLY OF MATERIALS
You use this site at your own risk. ID BBN, its suppliers of goods or services, or any other third party that has participated in the creation, production or supply of the contents of this website is under no circumstances liable under any law for any direct or indirect damages to the user or any other party, indirect damages, special injuries, indemnification, incidental or consequential damages arising out of the use of this site. Information on websites may include, for example, viruses or software malfunctions. ID BBN is not responsible for any unauthorized modification of any information that it has transmitted or received, viruses, software errors or any of the consequences thereof.
APPLICABLE LAW AND DISCIPLINES
REGISTRATION CLAUSE UNDER ARTICLE 10 OF THE PERSONAL DATA ACT (523/99)
1. Registry Holder
Idea Development ID Oy Läntinen Rantakatu 3 20100 Turku, Finland
Tel. +358 2 81450600
2. Registry matters:
Customer service is responsible for fielding any questions and feedback on the register within two business days.
3. Register Name:
ID BBN Marketing Register
4. The purpose of processing personal data:
The purpose of processing is to manage customer relationships between companies, to implement the rights and obligations of the customer and Idea Development ID Ltd. and to process personal data for the purposes of online services, to research activities, to direct advertising and / or direct marketing of Idea Development ID and / or its partners based on customer data, through Idea Development ID's media and services, without transferring personal data to a third party.
5. Register Information Content:
The Register may include customer and prospect information according to the following grouping: Name, Email Address, Cell Phone Number, Company and Position, Company Category, Business Size and Revenue or Category, Company Contact Information, Classification Information describing other business activities, Information identifying the person's relationship with the company.
6. Regulatory Information Sources:
The Registry is composed of Idea Development ID Ltd's Customer Information System, publicly available Internet sources, Dun & Bradstreet and Fonecta Profinder or other databases.
7. Regular disclosure of information:
The registrar does not disclose personal information to third parties, unless required by Finnish or other legal authorities.
8. Deletion of information:
Data may be deleted at Customer's request or at termination of customer relationship.
9. Principles for securing the register:
Privacy is maintained. Idea Development ID's information network and the equipment with which the registry is located are protected by a firewall and other necessary physical safeguards.
10. Prohibition Right:
The Customer has the right to deny the processing of his / her data for direct advertising and other marketing purposes.
Idea Develoment Oy
Data Balance Sheet
What personal information is held by the company
The company has personal contact data related to the company's marketing and with the company's customer relationships.
The data is located in two cloud computing systems:
Oracle Eloqua cloud service platform
Visma Severa ERP cloud computing system
The company has the contact information of about 7,000 people.
Nature of the information:
Name and contact information
Company represented by a person
Behavioral information, for example:
Website visits to company websites
Activities of a person on a company's website, such as document downloads, pages viewed, forms filled, etc.
The company does not trade with private persons. This must also be taken into account in relation to the personal registers. Personal data is handled from a business perspective – when a person acts as a representative of a business. However, this does not alter the fact that a company must comply with the provisions of the EU General Data Protection Regulation as well as national rules.
The Data Protection Ombudsman has been notified of our automated processing of personal data for marketing purposes and we have prepared an updated Privacy Statement. In the case of an ERP or employee register, a statement has not been made since registration has not been done for reasons of customer, service or membership.
Information is used to promote the company’s business, to share information about company services and products or to market surveys, polls or other inquiries. It is therefore typical direct marketing.
Since the key communication method is email, outdated information is deleted from the personal register on the basis of bounceback email information, i.e. when the recipient's email is no longer in operation.
Any personal information that has not been active in our business communications (the minimum activity is opening an email) will be deactivated after 2 years. In other cases, personal data will only be deleted when the person so requests.
The controller does not disclose personal information to third parties, except as required by Finnish or other legal authorities. Individuals have the right to inspect all personal information stored in the personal register. They have the right to rectify the data and the right to have their personal data discarded, the so-called right to be forgotten.
Individuals have the right to limit the processing of data, which means that the company has the right to retain the information, but shall not otherwise handle them without the consent of the data subject.
Individuals also have the right to ask the company to transfer personal data about them to another registrar. The data must be transferable in structured, commonly used and machine-readable form.
If the company has reasonable grounds for suspecting the identity of the individual making the request, the company may, however, request that additional information be provided to confirm the identity of the registered individual.
The company must submit personal data processing data to the data subject in a tightly presented, transparent, easily understandable and accessible form in one month’s time or less.
Activities related to personal data flows
Legal basis for processing personal data
Consent must be voluntary, individualized, aware and unambiguous.
According to the regulation, consent must be given explicitly by means of consent, such as a written, electronic or oral statement. The statement must indicate the voluntary, individualized, informed and unambiguous will of the registered person to accept the processing of his / her personal data.
Consent must cover all processing purposes. Consent cannot be given by silence, pre-truncated check-box, or by omitting any action to be taken.
If the data subject must give his consent on the basis of an electronic request, the request must be clear and concise and should not unnecessarily interfere with the use of the service for which it is provided. In the General Data Protection Regulation, the consent includes more specific criteria than in the Personal Data Act.
How security has been safeguarded
Protection of personal data is handled at all stages of the process, starting with data collection and ending with data destruction.
The company has a Data Protection Officer with professional qualifications and, in particular, expertise in data protection legislation and practices in the field. His duties include monitoring and controlling personal data processing related to security.
As part of the planning of personal data processing, the company has also designed processes to deal with potential security breaches. In the event of a security breach, the company will report to the supervisory authority, if possible within 72 hours of the occurrence of the violation.
Information outside of the EU is handled by Oracle America Inc. in compliance with the EU-U.S. Privacy Shield Framework, details of which can be found at: https://www.privacyshield.gov/participant?id=a2zt00000000181AAA&status=Active
Privacy information is defined in the company's security policy.
What is the risk management associated with the processing of personal data?
The risk management of personal information is defined in the company's security policy.