Privacy Promise

Customer & Marketing Register of GDPR Tech

The processing of personal data shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the GDPR Tech.

GDPR Tech may update this Privacy Policy by updating it online. We recommend you read this Privacy Policy again from time to time.

Updated 21.2.2018

  1. Name and Address of the controller

  • GDPR Tech Oy (Salteam Oy)
  • Business ID: 2802636-8
  • Address: Puolikkotie 8, 5th floor, 02230 Espoo Finland
  • Phone: +358-40 5666 900
  1. Name and Address of the Data Protection Officer

The Data Protection Officer of the controller is:

  • CEO Juha Sallinen
  • Phone: +358-40 5666 900
  • Email: juha@gdprtech.com
  1. The purpose of personal data usage

GDPR Tech controls personal data for customer relations and handling other appropriate business matters, analysing and marketing. We only transfer data to our business partners on matters that are supported by the fundaments of our register.

The operation of GDPR Tech is based on legal business activity. We base our data control on EU regulation. We act based on these six points:

  • The data we control and process are based on the law, reasonable and transparent. This means that you may get your data whenever you want.
  • Our data has purposes of the processing – for example the data we collect is being used for only the purpose it was collected for. We do not hand over your data to any other authors unless necessary.
  • We minimize our data – we only control the data we need
  • Our data is as accurate as possible
  • We have determined the period of storage of personal data. Our data has specific retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfilment of the contract or the initiation of a contract.
  • We only save uncorrupted and trustworthy data which is saved for example through backups
  1. Personal data on the register

  • First name and surname
  • Title
  • Contact information (for example name of the company, email address, phone number)
  • Other text information about the customer relation
  • Marketing permission or ban
  • IP address or other identifier
  • Data collected through cookies
  • Data from social media channels

Related to customer relationships we only save the minimum information which includes name, company and contact details.

  1. Sources of personal information

  • LinkedIn Sales Navigator, Google Analytics and the web form of our CRM tool
  • Based on our business intentions we also might collect names for example from media
  1. Data transfers

GDPR Tech might transfer the data to our partners based on current laws if the person has not denied data transfers. We only transfer data to our business partners on matters that are supported by the fundaments of our register.

  • We use email marketing tools. Only name, company and email address are saved there.
  • To control our customer relations, we use CRM tool which also has minimized information including name, contact details, and information about customership

Some of the tools GDPR Tech uses are located outside of the EU region. When transferring data outside of the EU region the law and the principles of data minimizing and reducing risk are always applied.

  1. The protection of the register

Electronic registers are protected by firewalls, passwords and other measures widely accepted by data security specialists. Manual records locate on premises which are restricted from outsiders. Only the employees and partners accepted by GDPR Tech have access to the register.