Netcontrol Privacy Statement for Business Customers, Suppliers and Leads

1. Introduction

This Privacy Statement applies to your use of Netcontrol’s website, products and services and to our marketing activities (collectively, “Services”).

Netcontrol is a multinational organization, and this Privacy Statement applies to the following companies that are part of Netcontrol Group: Netcontrol Oy, Netcontrol AB, Netcontrol AS, Netcontrol SIA, Netcontrol UK Ltd (hereafter “we” or “Netcontrol”).

Netcontrol Oy is responsible for the processing of personal data at the group level for the purposes and on the legal bases defined in this statement, e.g., group level marketing and sales; sourcing, financial and other administration and business management; customer and supplier relationship management; and analysis and development of products, services, customer and supplier relationships and businesses.

Each company in Netcontrol Group is responsible for the processing of personal data for its own purposes on the legal bases defined in this statement, e.g.,  for the performance of a contract or the management of the customer or supplier relationship. For such purposes, it can process personal data that has been collected for the same purposes by the other companies in the group.

This website lists Netcontrol South Africa under Netcontrol offices. Netcontrol South Africa has been licensed to use the Netcontrol brand, but it is, in fact, an independent reseller of our products and services. We do not share information systems with Netcontrol South Africa, nor do we transfer personal data in the form of leads, orders or other communications to or from that organisation.

1.1. Controller(s)

Netcontrol Oy (business ID: 0834163-5) and other companies in Netcontrol Group

1.2. Contact information of Netcontrol Headquarters

Netcontrol Oy, Takomotie 1-3, FI-00380 Helsinki, Finland (telephone: +358 20 1520 600)

1.3. Contact information for privacy questions

You can always contact us by email to privacy@netcontrol.com or via mail at the following address:

Netcontrol Oy
ATTN: Privacy Team
Takomotie 1-3
FI-00380 Helsinki
Finland

You can also contact our service points in each country of Netcontrol’s operations.

2. What does Netcontrol process and why?

Netcontrol does not provide Services to consumers; it engages only in business-to-business transactions. However, people are in the core of any organization, and Netcontrol must process the personal data of its contacts at various stakeholder organizations.

2.1. Types of personal data we process

We process the following personal data of the contact persons of our prospective, current, and former business customers; our suppliers and business partners; potential customers; and other stakeholders. For the purposes described in section 2.2, the following categories of personal data is processed:

  • Basic information of the data subject such as their name, title and profession; their contact details (postal address, email address, phone number, place of work) and their preferred communication language
  • Marketing and sales data, e.g., the data subject’s positions and activities in business and in public service; their professional preferences and interests; their other interests and the information provided by them; marketing efforts directed at them; their participation in events and related information, such as any special diets; their marketing-related permissions and consents, restrictions and bans
  • The data subject’s user data for digital services, e.g., the registration data required for an account, such as a username, a password and any other identifier; information about their browsing and service use through the user account; information collected by means of cookies and other similar technologies, such as the Netcontrol websites and pages browsed by the user, the device model or individual device they are using and/or a cookie identifier, the channel through which they access the service (web browser, mobile browser, application), their browser version, their IP address, the session identifier, the session time and duration, their screen resolution and operating system. Please refer to our Cookie Statement for further details.
  • Data related to contacts and communication, e.g., feedback and contact requests, emails, digital forms and chats.
  • Any other information gathered with the data subject’s consent. Please refer to our Cookie Statement for further details.
2.2. Legal bases for and purpose of the processing of personal data

The legal bases for processing personal data are:

  • Performance of a contract between Netcontrol and its business customer, supplier or business partner as well as fulfilment of the data subject’s requests before entering a contract, e.g., requests for information or quotation, newsletter subscriptions or purchase orders
  • Netcontrol’s legitimate interest in the management of a customer, supplier, partner or other similar relationship
  • Netcontrol’s legitimate interest for direct marketing of products and services to the contact persons of our business customers, suppliers and leads
  • Consent of the data subject
  • Compliance with the legislation of each country of Netcontrol’s operations

Personal data is processed for the following purposes:

  • Delivery of products and services
  • Creation, management and development of a customer, supplier or other account and the relationship between Netcontrol and the customer, potential customer or business partner
  • Development of products, services and businesses
  • Communication with the customer or business partner, including feedback and satisfaction surveys
  • Opinion polls, surveys and marketing research, promotional sweepstakes and contests
  • Detection, prevention and investigation of fraud and other criminal offences
  • Compliance with Netcontrol’s legal obligations and/or orders of other official authorities
  • Analyzing, profiling and segmentation for the purposes explained above

3. From where do we receive data?

Our primary source of data are the data subjects themselves; for example, at the time of entering a contract, a data subject provides their contact information as part of performing their duties as a representative of a business.

You may also submit feedback, requests or other communications via our webpage, email, telephone or in person, in which case you provide the information you deem necessary for us to contact you. Such contacts are stored in our customer relationship management system.

For the purposes described in this Privacy statement, personal data may also be collected and updated from publicly available sources (e.g., social media) and based on information received from the authorities or other third parties (e.g., partners, authorities, survey tools, email marketing platforms and website visitor identification tools) as permitted by applicable laws and regulations.

4. To whom do we disclose data, and do we transfer data outside the EU or the EEA?

Personal data will not be disclosed to third parties except when this is necessary to comply with Netcontrol’s legal or contractual obligations.

We disclose data, e.g., to the following parties: our contractors, suppliers, customer relationship management system operator, other business partners and service providers.

We may use subcontractors who process personal data on our behalf. We may outsource IT management to an external service provider, on whose administered and secured server the personal data is stored. One example of such a situation is our use of cloud-based services to enable efficient day-to-day business. In such a case, we may transfer personal data to these subcontractors to the extent necessary for the provision of their services. These subcontractors will process the personal data on Netcontrol’s behalf and must comply with our instructions and this Privacy statement. Through contractual measures, Netcontrol will ensure that the personal data is processed in compliance with applicable laws.

Your personal data may be transferred outside the country where you use our services. Personal data is generally stored within the EU / EEA, but it may be transferred elsewhere when this is necessary. In such cases, we use measures to provide adequate protection for your personal data by using European Commission Standard Contractual Clauses or other legal and binding safeguards.

Personal data collected by a company in Netcontrol Group may be disclosed to the other Netcontrol Group companies when that is necessary to fulfil the purposes described in this Privacy Statement.

5. How do we protect the data and how long do we store it?

Only those of our employees responsible for the processing of personal data are entitled to use the system(s) containing such data. Each user has a personal username and password to those systems. The personal data are is collected into databases on servers protected by firewalls, passwords and other technical measures reflecting the current best practices. The databases and their backup copies are kept in locked premises and can be accessed only by predesignated persons.

We store personal data only as long as it is needed for us to fulfil our contractual and legal responsibilities, responsibilities towards our customers and authorities. or us to fulfil our contractual and legal responsibilities and our responsibilities towards customers and authorities. Should you wish to have more details on the data we store on you and the applicable retention period of those data, please contact us as instructed in section 1 of this Privacy Statement. Should you wish to have more details on the data we store of you and the applicable retention periods of that data, please contact us as instructed in section 1 of this Privacy statement.

We regularly evaluate the need for data storage, considering the applicable legislation. In addition, we take such reasonable actions as are required, considering the purpose of the processing, to ensure that no incompatible, outdated or inaccurate personal data is stored in our databases. We correct or erase such data without delay. Some systems have a grace period during which the data remains retrievable but after which the data is fully deleted.

6. What are your rights as a data subject?

You have the right to inspect your personal data stored in our databases and the right to demand the rectification or erasure of that data.

Insofar as the processing is based on consent, you also have the right to withdraw or change your consent. Such withdrawal does not affect the lawfulness of the processing that took place before the withdrawal. You are entitled to prohibit the use of the data for direct advertising, telemarketing and other forms of direct marketing, as well as to prohibit the use of the data in questionnaires and market research, even in situations where the initial communication was based on Netcontrol’s legitimate interest.

You have the right to object to or demand restriction of the processing of your data and to lodge a complaint with the supervisory authority. Please find in the last section of this Privacy Statement the contact information for the local Data Protection Authorities in the countries where Netcontrol offices are located.

7. Cookie Statement

Netcontrol’s website uses cookies. Please review the full Cookie Statement.

8. Data protection authorities

You have the right to contact data protection authorities for inquiries, complaints and other guidance. Below you can find contact information for the local data protection authority in each country of Netcontrol’s operations.

 

CountryName of authority and  addressURL
FinlandTietosuojavaltuutetun toimisto
PL 800
FI-00531 Helsinki		www.tietosuoja.fi
LatviaDatu valsts inspekcija
Elijas iela 17
Riga, LV-1050		www.dvi.gov.lv
NorwayDatatilsynet
Postboks 458 Sentrum
NO-0105 Oslo		www.datatilsynet.no
SwedenIntegritetsskyddsmyndigheten
Box 8114
SE-104 20 Stockholm		www.imy.se
United KingdomThe Information Commissioner
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF		www.ico.org.uk

[Last updated: 2025-08-08]