What is a Privacy Statement and Why it is Important?

We know your personal information is important to you and it is also important to Confidex. This Privacy Statement tells you what we use your personal information for and explains your rights around how we use it. Please read this Privacy Statement to understand how and why we use your personal information.

Who Controls Your Information?

For the purposes of the applicable data protection legislation, Confidex is the data controller. You will find our contact details in the “Contact us” section below.

Information We May Collect and Process

We may collect and process the following categories of data:

  • Information you give us
  • Full Name
  • e-mail address
  • telephone numbers
  • business address
  • job title

Why We Collect and Process Your Information?

Without collecting and using the information you provide to us or we obtain about you, it would not be possible for us to provide you with our products and/or services.

We use information held about you in the following ways:

Information you give to us. We will use this information:

  • to carry out our obligations arising from any contracts between you and us and to provide you with the information, products and services that you request from us;
  • to provide you with information about new products or services we offer
  • to contact you from time to time for market research purposes. We may contact you by email, phone, fax or mail.

Information we collect about you. We will use this information:

  • to improve our products and services to ensure that content is presented in the most effective manner for you
  • to measure or understand the effectiveness of marketing and product information we serve to you and others, and to help deliver the most relevant information to you;

We must have legitimate interest to collect and use your personal information, the below sets these out:

Needed for your contract. Personal information about you is held and used to:

  • provide you with a quote
  • provide you with information about the product or service
  • deliver products you have ordered from us
  • receive payment
  • provide customer care and service

Required by law: We use your personal information to comply with any law and regulations where we are required to do so.

With your consent: For certain of our uses, we rely on your consent to collect and use your personal information. You are given the choice to provide consent or not. When we collect your consent, we explain what we need it for and how you can change your mind in the future.

Who We Share Your Personal Information With?

We may share your information with selected third parties including:

  • Third-party service providers to provide logistic services for our product deliveries
  • Partners who provide payment processing facilities on our behalf
  • Analytics and search engine providers that assist us in the improvement and optimization of our products or services.

If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including policies and procedures designed to protect your information.

We may disclose your personal information to third parties:

  • In the event that we dispose of or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If Confidex or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of Confidex, its customers, or others.

Data Retention Periods

It is our aim to only hold your data for as long as this is necessary. While you continue as a customer or supplier with us we will retain your data as detailed above in this statement. The retention period will be 24 months from the date of termination of our terms of service. This retention period allows for the data to be reused where necessary. However, you can request that your Data is deleted at any time within this period. We will respond to your request and complete the full deletion within 30 days.

Specific legal periods are in place for payments details, tax and invoicing data, and this would be retained in accordance with the law (which is currently six years).

Security

We are committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access and use.

As effective as modern security practices are, no physical or electronic security system is entirely secure. The transmission of information via the internet is also not completely secure. We cannot guarantee the complete security of our databases, nor can we guarantee that information you supply will not be intercepted while

being transmitted to us over the Internet. We will continue to revise policies and implement additional security features as new technologies become available.

Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to us. Any transmission of data is at your own risk. Once we receive your personal data, we use appropriate security measures to seek to prevent unauthorized access.

Your Rights

As an individual, under EU law you have the right to request that we:

  • provide you with information as to whether we process your data and details relating to our processing, and that we provide you with a copy of your data (‘access right’).
  • rectify and/ or update any inaccurate data we might have about you without undue delay (‘right to rectification’).;
  • the right to object to processing of data relating to you (‘right to object’).
  • under certain circumstances, be restricted from processing your data (‘right to restriction’).
  • under certain circumstances, erase your personal data without undue delay (i.e. the “right to erasure”). and under certain circumstances, furnish you with the personal data which you provided us within a structured, commonly used and machine readable format (‘right to data portability’).

Where we process your data solely based on your consent, you are entitled to withdraw your consent at any time. This will not affect the lawfulness of our processing before the withdrawal.

The exercise of your rights might be subject to certain conditions and we might require further information from you before we can respond to your request.

Changes to This Statement

We reserve the right to change this Statement from time to time in our sole discretion. If we make any changes, we will publish those changes on our website. At the bottom of this document you will find the date on which this Statement was last updated.

Contact Us

Questions, comments, requests and complaints regarding this Statement and the information we hold are welcome and should be addressed to us at GDPR@confidex.com. Our aim is to deal with all requests promptly and efficiently.

Last updated: 24 May 2018

Confidex Oy
Lumpeenkatu 6
FI-33900 Tampere
Finland