Raute Privacy Notice - Customer relations, sales and marketing
1 Purpose of this notice and data controller
The purpose of this notice is to give you information regarding how we process personal data in our customer relationship management, sales and marketing activities. The data controller of your personal data is Raute Corporation and its affiliated group companies ("Raute" or "we").
Raute is fully committed to protecting your personal data when using or processing them and recognize the importance of correct and lawful treatment of personal data. Any mandatory national laws or regulations will take precedence in the event that it conflicts and has stricter requirements than this notice.
If you have any questions related personal data processing and/or this notice, please contact firstname.lastname@example.org.
2 For what purpose is your personal information collected?
We collect information related to our business customers, leads and co-operation partners. When performing sales, marketing or customer relationship management activities we process personal data of contact persons or decision makers of our customers, leads and co-operation partners. The processing of personal data is based on an agreement or legitimate interest of Raute (e.g. direct marketing).
The purposes of processing personal data are:
- To manage, develop, analyze and create statistics of relationship between Raute and customers or co-operation partners
- Communication with customers, lead generation, direct marketing and targeting online advertising
- To collect customer feedback and implement opinion and market surveys
- To organize sales and marketing events
- To plan and develop business operations and services
- To identify users and management of access rights.
3 What type of information is collected about you?
We process following information on decision makers and contact persons of our customers, leads and co-operation partners (incl. newsletter subscribers, registrants of customer portal, individuals who have requested a quote or submitted a contact request, and participants of events):
- Name, title and position of the company, company/employer, contact details e.g. postal address, e-mail address, phone number
- Customer history (e.g. participation in the events)
- Login credentials and usage log of electronic services e.g. customer portal
- Segmentation and profiling data
- Direct marketing permissions and/or prohibitions
- Possible other information relevant for the business relationship.
We collect following data on potential customer companies' or organizations' decision makers and contact persons:
- Name, company/employer e.g. postal address, e-mail address, phone number
- Information about individual's duties and position in business life or a public office
- Direct marketing permissions and/or prohibitions.
4 Where do we collect personal data from?
Personal data is collected from you by phone, in meetings, or by other equivalent means. Data is also collected in connection with the conclusion of the customer or collaboration agreement and otherwise obtained during customer/collaboration relationship. Personal data may also be originated from Raute's representatives based on their business interactions with individuals or collected and updated from public and private registers.
5 Who do we share your personal information and may information be transferred outside the EU or EEA?
Unless you prohibit the disclosure of your data, we may disclose data i.e. to selected collaboration partners within the limits of the legislation for providing the service.
We use services of external service providers for, e.g., maintaining newsletter mailing lists and customer and co-operation partner information and for processing information of individuals participating in events. In accordance with data protection agreements, each service provider can only process personal data to the extent that is necessary for the provision of the service in question.
Raute transfers data to countries outside the EU or EEA within the Raute Corporation. In the absence of adequacy decision by the EU Commission Raute applies standard contractual clauses approved by the European Union or other approved transfer mechanisms (incl. Privacy Shield) in order to maintain the adequate level of data protection.
6 How your personal information is protected and how long we process information
Raute applies physical, technical, and administrative protection measures to protect personal data. Only those parties who have the right to process personal data for their work performance are authorized to use the systems containing data. Raute makes data processing agreements with all subcontractors that process personal data in order to ensure appropriate data protection.
We store personal data for as long as it is necessary due to the purpose of use (e.g. customer/co-operation relationship), or as long as the individual requests the erasure of the data. In this case we will store the data that legislation obligates us to store and the data about the erasure.
Raute assess the necessity of retaining data regularly. In addition, we take care of such reasonable measures which ensure that no incompatible, outdated or inaccurate personal data, taking into account the purpose of the processing, are stored in our registers.
7 Your rights as a data subject
Right of access, rectification and erasure
As a data subject you have a right to inspect the personal data concerning yourself, which is stored in the register, and a right to require rectification or erasure of your data.
Direct marketing prohibition and right to restrict the processing
You have the right to object or to demand restriction of the processing and prohibit the direct marketing.
Withdrawal of a consent
When the processing of information is subject to your consent, you may withdraw your consent at any time. Withdrawing your consent does not affect the lawfulness of processing before the withdrawal of the consent. Withdrawals can be made by requesting withdrawal from email@example.com.
Right to lodge a complaint with a supervisory authority
If you consider that the processing of personal data relating to you infringes the data protection regulation, you have the right to lodge a complaint with a supervisory authority. You may lodge your complaint in the EU Member State of your habitual residence, place of work or place of the alleged infringement.
You may also request the personal data collected based on your consent and concerning you to be transmitted to another controller in a case where the data is in machine-readable and transferable format.
8 Whom can you contact?
If you have any questions related to the personal data processing or you want to exercise your abovementioned rights, please contact firstname.lastname@example.org.