Privacy Notice for Sparklike’s customer, marketing and stakeholder register
 

1       Controller

Sparklike Oy

Hermannin rantatie 12 A 21

00580 HELSINKI

Y-tunnus: 2632119-5

+358 10 387 7701

sparklike@sparklike.com

(hereafter “we” or ”company”)

2      Contact person for register matters

Fana Immonen

Hermannin rantatie 12 A 21

00580 HELSINKI

Phone: +358 44 2373770

Email: fana.immonen@sparklike.com

3      Name of register

CUSTOMER, MARKETING AND STAKEHOLDER REGISTER

4      What is the legal basis for and purpose of the processing of personal data?

The basis of processing personal data is  the company’s legitimate interest such as customer relationship management, invoicing or co-operation with company’s stakeholders and retail dealers, consent of the data subject or performance of a contract.

The basis of processing personal data is:

  • the delivery and development of our products and services,
  • fulfilling our contractual and other promises and obligations,
  • management of the customer relationship,
  • analyzing and profiling behaviour of a customer or other data subject,
  • direct marketing and electronic direct marketing,
  • targeting advertising in our and others’ online services

By completing a form at our website (http://www.sparklike.com or http://www.campaign.sparklike.com), the data subject accepts that we and our retail dealers located also outside the EU or EEA use the provided information for marketing purposes (including electronic direct marketing).

We use automated data processing and decision making (including profiling) to identify the data subjects’ segment and profiling, online behavior and  consumer habits.  

We use this information to target and develop marketing communication. The data is also used to develop our devices, services and platforms. For automated data processing purposes we use cookies or other tracking technologies.

5      What data do we process?

We process the following personal data of our customers or other data subjects (such as our potential customers, retail dealers and other stakeholders) in connection with the customer and stakeholder register:

  • Basic information on the data subject such as first name* and last name* of the data subject, country of residence*;
  • Contact information of the data subject such as job title, e-mail address, phone number, device serial number, work address*, website URL, company name*;
  • Information on the company such as Business ID, device maintenance description and relevant service dates;
  • Information on the customership and the contract such as past and current contracts and orders, details concerning the ordered products and their maintenance;
  • Information regarding the customer relationship management such as billing details*;
  • Information relating to direct marketing (inc. electronic direct marketing) including necessary consents and prohibitions;
  • Other possible information collected based on data subject’s consent such as customer life cycle stage and segmentation data;

Committing personal data marked with an asterisk (*) is a requirement for our contractual and/or customer relationship. Without necessary information we are not able to provide the product and/or service.

6      From where do we receive data?

We receive information primarily from following sources from the data subject (including form submissions at our website), distributors and representative officers, receiving business cards, contact information service providers and other similar reliable sources.

For the purposes described in this privacy notice, personal data may also be collected and updated from publicly available sources and based on information received from authorities or other third parties within the limits of the applicable laws and regulations. Data updating of this kind is performed manually or by automated means.

7      To whom do we disclose data and do we transfer data outside of EU or EEA?

We process information ourselves and use subcontractors that process personal data on behalf of and for us. Our subcontractors do process personal data outside of the EU or EEA.

We disclose personal data to our retail dealers such as distributors and representative officers in the EU or EEA as well as outside the EU or EEA.

We have taken care of appropriate safeguards for the transfer such as using standard data protection clauses, Privacy Shield or other mechanisms adopted by EU Commission.

8      How do we protect the data and how long do we store them?

Only those of our employees, subcontractors and retail dealers, who on behalf of their work are entitled to process customer data, are entitled to use a system containing personal data. Each user has a personal username and password to the system. The information is collected into databases that are protected by firewalls, passwords and other technical measures. The databases and the backup copies of them are in locked premises and can be accessed only by certain pre-designated persons.

We store the data as long as it is necessary for the purpose of processing the data on the basis of e.g. customer or stakeholder relationship management. Personal data in the customer, stakeholder and marketing register is erased after the claim period related to a specific customer relationship or the service has elapsed or the data related to marketing activities has been identified as outdated or inresponsive.

We estimate regularly the need for data storage taking into account the applicable legislation. In addition, we take care of such reasonable actions of which purpose is to ensure that no incompatible, outdated or inaccurate personal data is stored in the register taking into account the purpose of the processing. We correct or erase such data without delay.

9       What are your rights as a data subject?

As a data subject you have a right to inspect the personal data concerning yourself, which is stored in the register, and a right to require rectification or erasure of the data. You also have a right to withdraw or change your consent.

As a data subject, you have a right, according to EU’s General Data Protection Regulation (applied from 25.5.2018) to object processing or request restricting the processing and lodge a complaint with a supervisory authority responsible for processing personal data.

On grounds relating to your particular situation, you as a data subject have the right at any time free of charge to object profiling and/or other processing measures concerning you, when the processing of data is based on our legitimate interest. In relation with your request, the special particular situation to which the objecting of processing is based, must be specified. We may deny fulfilling the request only in accordance with compelling legitimate grounds.

As a data subject you also have the right to object processing, including profiling, in so far as it relates to direct marketing.

10   Who can you be in contact with?

All contacts and requests concerning this privacy notice shall be submitted in writing or in person to the person mentioned in section two (2).

11    Changes in the Privacy Notice

Should we make amendments to this privacy notice, we will place the amended notice on our website, with an indication of the amendment date. If the amendments are significant, we may also inform you about this by other means, for example by sending an email or placing a bulletin on our homepage. We recommend that you review this privacy notice from time to time to ensure you are aware of any amendments made.