Registry owner and controller

Fountain Park Oy
Mikonkatu 19
00100 Helsinki
Finland
Corporate ID (Finland) 1632083-4

Data contact address

Sähköposti: dataprotection@fountainpark.fi

Registry name

Customer and marketing registry.

Purpose and legal basis for processing

Processing of personal data is based on our legitimate interest of fulfilling our obligations toward our customers, fulfilling contract terms agreed upon with our customers, and marketing our products and services to companies and other organizations.

Purpose of data processing is:

  • Delivering products and services and fulfilling our contractual legal obligations and duties.
  • Maintaining and improving our customer relationships and improving our services and products, by example sending surveys and notifications to our current and prospective customers.
  • Targeting advertising by e-mail, our web pages and on web pages maintained by other entities. Our customer relationships are highly valued, and we only stand to lose from aggravating our customers. Therefore, we advertise very sparingly, if at all.

We can use web tracking and profiling to maintain customer profiles, their actions on our website, and contact history with us. We use this information to target marketing and developng our services.

Stored data

  • Basic personal information
    • Name
    • Customer ID or other identifying ID assigned by our system
  • Contact information
    • Email address
    • Telephone number
    • Address information, including IP address
  • For people who represent a company or other legal entity:
    • Entity ID number or code
    • Names and contact information of our contact persons
  • Information concerning past and current customer relationship, such as information on past and current contracts, proposals and negotiations, other interaction information such as invoicing information and electronic communications between the parties.
  • Customer profile
    • Employer
    • Position and job description
    • Expressed areas of business interest
    • Attendance to events organized by us or our affiliated partners
  • Web behavior on our site
    • Visits
    • Page downloads
    • Downloads of materials we make available on our website
    • Interactions with marketing emails sent by us
    • Technical information, such as operating system, browser, device screen size used by visitors to our site

Sources of data

The primary source of our data is the person in question. We get their information by meeting them, calling or e-mailing them.

In addition to personal contacts we can collect and update data for the purposes expressed in this privacy statement from publicly available sources, official registries and l third parties operating within the limits of applicable laws and regulations. This information is updated to our database manually or automatically.

Storing data

Data from publicly available sources, official registries and third parties are stored for 6 months unless we have had other contacts to the person. As contact count meetings, telephone conversations, replies to our emails, or other reactions to our attempts to contact the person, with the exception of exercising their legal rights for privacy.

Data on customers we have had contact with is stored for 36 months from the latest recorded contact. They can legally exercise their rights, such as the right to be forgotten or the right to forbid direct marketing.

Data on customer who has been a contact in a client project or to whom we have made a detailed proposal is stored for 60 months from the latest contact.

Transfers of personal data outside EU/EEA

We do not transfer any personal information except to authorities fulfilling their legal dutie or if we are a party merger, reorganization, sale of our business or parts thereof. We use external processors for data, primarily various cloud services. We use only processors with high regard for data security and with whom we have processor agreements. Our processors do not store data outside EU/EEA and / or are compliant with the EU/USA Privacy Shield agreement. Our principal processors for customer data are:

  • Microsoft Inc.
  • ClickDimensions Inc.
  • Google Analytics by Google Inc.

Data protection

Access to system containing customer information is limited to those of our employees who have a need to process that data in execution of their employment duties. Our users have personal user ids and passwords to the system Data is stored in databases that are protected by firewalls, passwords and other technical means covered by data protection by design and default.

Cookies and tracking

Our website uses cookies and similar browsing features to track visitors. These are small files on your computer that are created by our website. We use both temporary, session-specific and persistent cookies. These allow us to collect technical features of your browser and computer which help us to improve our site to be more relevant and interesting to visitors. This data is mostly anonymous and your activities on our website cannot be attached to your other information. The exception to this is when you have downloaded material from our website, registered to our events or filled some other information form on our website. In that case, we are able to recognize your visits to our website for some time, unless you clear cookies from your browser.

Most web browsers accept cookies automatically, but you are free to modify your browser settings according to your privacy preferences. You can limit or forbid the sue of cookies. This does not affect your visits to our website, but may cause functional deficiencies on other websites.

Your legal rights

You have the following rights, which you can exercise by sending e-mail to dataprotection@fountainpark.fi. We may ask you to provide additional information to support your request, and to identify yourself. We can only decline your request on grounds included in the applicable law.

Right to access

You have a right to check what personal information we have on you. If you observe inaccuracies or deficiencies, you can request us to correct the information.

Right to object

You have a right to object to the processing of your personal data if you feel that we have processed your personal information illegally as whole or in parts. We can only decline your right for reasons outlined in the legislation, and if you feel we have exceeded that legal basis you have the right to file a complaint with the Finnish data protection authority. You have the right to also restrict our use of contested data while the matter is being processed.

Right to prevent direct marketing

You have a right to forbid us from using your information for direct marketing purposes. We never sell or otherwise transfer your personal information form marketing purposes. Our marketing emails always include the possibility to decline further messages.

We may use web advertising and targeting by companies such as Google, LinkedIn and Facebook. These companies do not have access to our data, and this advertising is based on cookies or on data you have granted these companies access to.

Right to erasure

If you feel that we are in breach of data protection statutes when processing your information, you have a right to file a complaint with The Finnish data protection authority.

Changes to this document

Fountain Park Oy reserves the right to modify this statement without notifying potentially affected persons. Visit our pages to check for updates.