Your privacy is important to us. At Nanoform, we have a few fundamental principles we abide by:
- We don’t ask you for personal data unless we need it.
- We don’t share your personal data with anyone except for purposes further specified below, for example to comply with the law or to protect your or our rights.
- We don’t store your personal data for longer than required for the purposes of the business relation between you and us.
- We aim to make it as simple as possible for you to control the use of your personal data collected by us.
How do we collect personal data about you?
We primarily obtain your personal data directly from you. You may provide us personal data for instance through our website, emails, phone conversations, meetings and documents. If you are a representative of our customer, supplier or a business partner, we may obtain personal data relating to you also from other representatives of your organization.
We also obtain personal data relating to you through automated technical means when you visit our website.
We may collect and update personal data from publicly available sources, or registers of authorities and companies providing services related to personal data.
What type of personal data do we collect?
The personal data collected and processed by us may include (but is not limited to) your name, address, email address, phone number, details related to any meetings or communications between us, and any other information you choose to provide to us.
If you are a representative of our customer, supplier or a business partner, the data may include also information related to the business relation between us and the organization you represent, such as ,the name of the organization, information related to the contract between us and the organization and your association with the contract, invoicing and payment details, as well as your title.
The data we collect through our website using automated technical means includes: the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and device identification number. We also collect information about your website visit including which website pages are accessed, page response times, and length of visits to pages.
How long do we retain your personal data?
We review our retention periods for personal data on a regular basis. We are legally required to hold some types of data for certain prescribed periods to fulfil our statutory obligations.
Outside of specific statutory obligations, we will hold your personal data for as long as it is necessary for the relevant purposes for which we use it, or in accordance with any retention periods set out in any relevant contract you hold with us. If you are a representative of our customer, supplier or a business partner, the retention period of your personal data is ultimately tied to the term of the business relation between us and the organization you represent. We may continue to store your personal data after the end of the business relation to the extent necessary for certain legitimate business interests or if the data is necessary for purposes of protecting our rights.
How do we use your personal data?
We use your personal data in the following ways:
- If you are a representative of a customer, supplier or a business partner, we mainly use your personal data for the purposes directly arising from the contractual or business relation between us and the organization you represent. These purposes include entering into a contract and performing our obligations based on the contract we have concluded with the organization you represent; taking care of, managing and developing our relation with the organization; and invoicing and keeping track of the accuracy of invoicing. The legal basis for this processing is our legitimate interest to conduct our business and your relation to the organization with whom we conduct our business.
- We may use your personal data to comply with a legal obligation based on e.g. tax or accounting related legislation to which we are subject.
- We may use your name, contact information and other relevant data to provide you with information you have requested from us, to respond to enquiries or requests from you and to communicate with you in relation to those enquiries or requests. Our legal basis for this use is our legitimate interest, namely carrying out activities in the course of Nanoform business in response to enquiries or requests from representatives of potential or existing customers, supplier and business partners.
- We may use your name, email address, and postal address to send you marketing communications e.g. to provide you with information regarding goods and services. Our legal basis for this use is our legitimate interest, namely the ongoing marketing of our goods and services to individuals or organizations.
- In addition, we may use your data for a limited number of other legitimate business interests, such as for ensuring and improving data security or the security of our premises and data network; protecting our property; preventing and investigating suspected malpractices; analyzing and compiling statistics for business purposes and to develop our business.
You may provide us data also based on your consent, for example, when you contact us to request information about us, our products or services.
We may use the data that we automatically collect using technical means through our website to:
- Administer our site and for troubleshooting, testing, research and statistical purposes. We use Google Analytics, a third-party website monitoring tool. For more information, see our . Our legal basis for this is our legitimate interest, namely monitoring the use of and improving our website.
- Measure or understand the effectiveness of our own advertising activity as well as our marketing emails. We use marketing software to track when individuals open emails and click on email links and to analyze subsequent behavior on our website. Our legal basis for this use is our legitimate interest, namely improving the relevancy of our advertising.
Who has access to personal data?
We may transfer your personal data to our service providers, including but not limited to:
- Business partners, suppliers and sub-contractors working on our behalf for the purposes of completing tasks and providing services to us or to you.
- Advertisers and advertising networks (including social media) in order to select and serve relevant adverts to you. See our Cookies Policy for more information.
When we use third party service providers, we have a contract in place that requires them to keep your data secure and otherwise process your data only for the limited purposes for which the data was transferred to such service providers in the first place.
We may disclose your personal data within the limits permitted or required by the applicable laws, for example where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person, or for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative out-of-court procedure. In addition, we may disclose your personal data to a debt collection agency for purposes of debt collection, or to other service providers, but only to the extent that the fulfilment of their tasks require the disclosure of personal data.
Where you are a representative of a supplier or another business partner, we may disclose your personal data to our customers for purposes of carrying out our business.
In case of the sale of some or all of our business and assets, or in case any other business restructuring or reorganization, we may disclose personal data to the potential buyers and their advisors in accordance with the then current applicable laws.
In this section, we have summarized the rights that you have under data protection laws. Some of the rights are complex, applying only in certain circumstances and subject to certain exceptions, and in the interests of keeping this policy concise, not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
You have the right:
- To object to us processing your personal data for marketing purposes. If you object, we will stop processing your personal data for this purpose. When we collect your data, you may be provided the possibility to choose whether or not you wish to receive marketing communications from us. If you wish to stop receiving marketing communications, you can opt out at any time by clicking an ‘unsubscribe’ link at the bottom of one of our emails or by contacting us by other means.
- To access the data we hold about you and certain information about our processing of it and your rights in relation to it.
- In certain circumstances, to obtain erasure of the personal data we hold about you, subject to certain exceptions.
- To rectification of any inaccurate personal data we hold about you.
- In certain circumstances, to obtain the restriction of our processing of your personal data or to object to us processing your personal data. If you object, we will stop processing your personal data unless certain exceptions apply.
- Where our legal basis for processing your personal data is your consent and we process your data by automated means, to be provided with the personal data we hold about you in structured, commonly used and machine readable format and to transmit the data to another controller.
- Where our processing of your personal data is based on your consent, to withdraw that consent at any time. If you withdraw your consent, we will stop the relevant processing, but it will not affect the lawfulness of our processing before the withdrawal.
To exercise any of these rights, email us at firstname.lastname@example.org or write to us at Cultivator II, Viikinkaari 4, FI-00790 Helsinki, Finland. In addition, you can exercise your right to object to electronic direct marketing at any time by clicking an ‘unsubscribe’ link at the bottom of one of our emails.
If you consider that our processing of your personal data infringes the data protection laws, you have the right to lodge a complaint with a supervisory authority responsible for data protection. You may do this in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
Security precautions in place to protect your personal data
We take appropriate technical and organizational precautions to secure your personal data and prevent its loss, misuse or alteration. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
The transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and for this reason we cannot fully guarantee the security of data sent between us over the internet.
Cookies allow us to provide important site functionality so you don’t have to re-enter lots of information. They also allow us to remember what links and pages you have been on or viewed during a session. This helps us deliver a better, more personalized service to you.
It is possible to switch off cookies by setting your browser preferences. For more information on the cookies we use, visit our Cookies Policy.
Links to other websites
Our website may contain links to other websites run by other organizations. We are not responsible for the privacy practices of those organizations or the content of their websites. You should read the privacy policies of these organizations before providing them with any personal data.
Transferring your personal data outside of European Economic Area (“EEA”)
In this section, we provide information about the circumstances in which your personal information might be transferred to countries outside the EEA.
Some of our service providers to whom we transfer personal data are located or may store personal data outside the EEA area. To the extent we transfer personal data to such service providers, we will ensure that the country to which the personal data is transferred is approved as having a sufficient level of data protection by the European Commission, or we ensure that the transfer is governed by appropriate safeguards, such as the standard contractual clauses approved by the European Commission, or another lawful transfer mechanism.
For more information on cross-border transfers of personal data carried out by us and on the appropriate safeguards applied thereto from time to time, email us at email@example.com or write to us at Cultivator II, Viikinkaari 4, FI-00790 Helsinki, Finland.