Customer and marketing register of VirtualLawyer
Fondia Plc (primary responsible party) PL 4 020 7205 400 firstname.lastname@example.org
and our group companies: Fondia Legal Services, AB Fondia Baltic Oü
(hereafter ”We” or ”Fondia”)
Controller’s Contact Details
Name of this Register
CUSTOMER AND MARKETING REGISTER OF VIRTUALLAWYER
What is the Legal Basis for and Purposes of the Processing of Personal Data?
The basis for processing personal data is our legitimate interests (e.g. related to customer relationship management, invoicing and direct marketing), performance of a contract between us and compliance with our legal obligations.
The purposes of the processing of personal data are to:
- deliver and develop our products and services to better meet our customers’ needs,
- fulfill our contractual and other promises and obligations,
- take care of the customer relationship,
- analyse and profile the behaviour of the customer or other data subject,
- enable electronic and direct marketing, and
- target advertising in our online services.
We use the personal data stored in the customer register also for profiling purposes. Profiling is carried out by creating a unique customer ID or file (for example a cookie) for the data subject and storing this ID or file on the device of the data subject. This enables us or our subcontractor to combine the data generated by the use of different services, and to create a profile of the data subject’s behaviour. The purpose of this profiling is to identify customer behaviour to target marketing and develop our services to better meet our customers’ needs.
What Data Do We Process?
In connection with this customer and marketing register we process the following personal data of our customers or other data subjects:
- Basic information of the data subject such as name, username and/or other identifier, password, language of communication;
- Contact information of the data subject such as e-mail address, phone number;
- Information of the company and company’s contact persons such as Business ID and names and contact details of the contact persons;
- Information of the customership and the contract such as information of past and current contracts and orders, correspondence with the customer and other references, customer’s payment information and other information of the customership which the customer itself voluntarily has provided to our systems;
- Information of the connection and device the data subject is using such as the IP address, device ID or other device identifier and cookies;
- Information related to the data subject’s direct marketing opt-out
- Other possible information gathered with data subject’s consent.
From Where Do We Receive Data?
We receive information primarily from the data subjects themselves. In addition, we receive personal data from Fondia’s customer, supplier and marketing register (https://www.fondia.com/privacy).
Data collection and updating of this kind is performed manually or by automated means.
To Whom Do We Disclose Data and Do We Transfer Data Outside EU or EEA?
We disclose information from this customer and marketing register to our co-operation partners who do marketing and arrange campaigns and events with an on behalf of us, and who deem themselves to be data controllers instead of data processors working on our behalf (these parties include social media companies and advertisement networks). Otherwise we do not disclose the information to other parties except where legislation or an order by the authorities requires us to do so.
We both process information ourselves and use subcontractors that process personal data on behalf of and for us (a current list of our subcontractors may be found here: www.fondia.com/privacy/subcontractors). We have outsourced our IT management and the maintenance of our customer and marketing systems to outside service providers on whose servers the personal data are stored.
We transfer personal data outside EU/EEA as a part of our operations. When transferring personal data, we will make sure that the personal data in question is protected according to the privacy legislation in force from time to time by using the EU commission model clauses or by ensuring the data importer belongs to the Privacy Shield system.
By using cookies, Fondia may collect information about e.g. from which website the user has arrived, what pages the user is browsing and when, which web browser the user is using and the IP address of the device.
We use the information collected by the cookies typically for the following purposes:
Necessary cookies and service provision: Cookies are essentially necessary for the proper functioning of our website and they enable a good user experience. These cookies do not collect information that would enable us to identify the user.
Cookies that improve the site: By following the use of these cookies, we can improve the functioning of our website. We receive information e.g. about which parts of our website are the most popular, to which sites users leave from our website and where they arrive from as well as how long they stay on our site. We also receive information about which articles, pages and blog posts users read most often (so that we know which topics are popular).
Social media and targeted advertisement: By using these cookies we can make the content of the website as individually customized as possible, and thereby show e.g. targeted advertisement and content based on the user’s prior behavior. Fondia uses advertisement cookies managed by third parties in order to present its products both on its own website and on the sites of third parties. You can disable some of the third-party advertisement cookies from their site settings.
Our website may include links and connections to third party websites, products and services as well as so called community plug-ins of third parties (such as LinkedIn and Twitter). The third-party plug-ins integrated into the Fondia website are loaded from third party servers and thus the third party may install their own cookies on the user’s device. These third-party services and applications offered on the Fondia website are subject to the privacy policies or notices of such third parties. We recommend you to familiarize yourself with such third party privacy policies or notices.
The retention period of the cookies varies by cookie type. The session cookies elapse when you close the web browser. Permanent cookies usually have a term of use, which varies from two months to a couple of years.
How Do We Protect the Data and How Long Do We Store Them?
Only those of our employees, who on behalf of their work duties are entitled to process customer data, have access to the system containing personal data. Each user has a personal username and password to the system. The data is collected into databases protected by firewalls, passwords and other technical measures. The databases and the backup copies of them are located in locked premises and can be accessed only by certain pre-designated persons.
We store the data for as long as it is necessary for the purposes of the processing. Personal data in the customer and marketing register is erased after the claim period related to a specific customer relationship or service has elapsed. This period is by default ten (10) years. Data related to marketing activities is stored until further notice.
We regularly review the need for data storage taking into account the applicable legislation. In addition, we take all reasonable actions to ensure that no incompatible, outdated or inaccurate personal data are stored in the register taking into account the purposes of the processing. We correct or erase such data without delay.
What Are Your Rights as a Data Subject?
As a data subject you have the right to access the personal data stored in this register concerning yourself, and the right to require rectification or erasure of that data. You also have the right to withdraw your consent where we process your data based on consent.
As a data subject, you have the right, according to EU’s General Data Protection Regulation (applied from 25.5.2018), to object to processing or to request restriction of the processing, and to lodge a complaint with a supervisory authority.
On grounds related to your particular situation, you also have the right to object at any time to profiling and other processing concerning you, when the processing of data is based on our legitimate interest. In connection to your claim, you should identify the specific situation, based on which you object to processing. We can refuse to act on such request on legal grounds.
As a data subject you have the right to object to processing, including profiling, at any time free of charge in so far as it relates to direct marketing.
You may submit all requests and requirements concerning this section in writing to the address mentioned above in section "Controller’s Contact Details".