1. Introduction

This Privacy Statement applies to your use of Netcontrol’s website, Netcontrol products and services and to our marketing activities (collectively “Services”).

Netcontrol is a multinational organization and this Privacy Statement applies to the following companies in Netcontrol Group: Netcontrol Oy, Netcontrol AB, Netcontrol AS, Netcontrol SIA, Netcontrol UK (hereafter “we” or “Netcontrol”).

Netcontrol Oy is responsible for the processing of personal data at the group level for the purposes and on the legal basis defined in this notice, e.g., group level marketing and sales; sourcing, financial and other administration and business management; customer and supplier relationship management; and analysis and development of products, services, customer and supplier relationships and businesses.

Each company in Netcontrol Group is responsible for the processing of personal data for its own purposes on the legal basis defined in this notice, e.g.,  for the performance of a contract or the management of the customer or supplier relationship. For such purposes, it can process personal data which has been collected for the same purposes by the other companies in the group.

Netcontrol South Africa is listed under Netcontrol offices on this website. Netcontrol South Africa is licensed to use the logo and brand of Netcontrol, but is, in fact, an independent reseller of Netcontrol products and services. We do not share information systems nor do we transfer personal data in the form of leads, orders or other communications to or from Netcontrol South Africa.

1.1. Controller(s)

Netcontrol Oy (business ID: 0834163-5) and other companies in Netcontrol Group

1.2. Contact information of Netcontrol Headquarters

Netcontrol Oy, Karvaamokuja 3, FI-00380 Helsinki, Finland (telephone: +358 20 1520 600)

1.3. Contact point in privacy questions

You can always contact us by email to privacy@netcontrol.com or via mail at:

Netcontrol Oy
ATTN: Privacy Team
Karvaamokuja 3
FI-00380 Helsinki
Finland

You can also contact our local service points in each country of Netcontrol’s operations.

2. What does Netcontrol process and why?

Netcontrol does not provide Services to consumers, but engages only in business to business transactions. However, people are in the core of any organisation and therefore Netcontrol must process the personal data of the contact persons with the various stakeholders.

2.1. Types of personal data we process

We process the following personal data of the contact persons of our prospective, current, and former business customers, suppliers, business partners, potential customers and other professional contacts. The following categories of personal data are processed for the purposes described in section 2.2:

  • Basic information of the data subject such as name, title and profession, contact details (postal address, email address, phone number, place of work) and preferred communication language;
  • Marketing and Sales data, e.g. positions and activities in business and public service; professional preferences and interests; other interests and information provided by the data subject; marketing efforts performed; participation in events and possible information regarding the event, such as special diets; marketing permissions and consents, restrictions and bans;
  • User data for digital services, e.g. registration data required for an account, such as username, password and any other identifier; information about the service use, such as use and browsing information of the service properties through the account of the user; information collected using cookies and other similar technologies, such as the Netcontrol’s websites and pages browsed by the user, the device model, individual device and/or cookie identifier, the channel through which the service is accessed (web browser, mobile browser, application), browser version, IP address, session identifier, session time and duration, screen resolution and operating system. Please refer to our Cookie Statement for further details.
  • Data related to contacts and communication, e.g. feedback and contact requests, emails, digital forms, chat discussions.
  • Other possible information gathered with the data subject’s consent. Please refer to our Cookie Statement for further details.
2.2. Legal basis for and purpose of the processing of personal data

The legal bases for processing personal data are:

  • Performance of a contract between Netcontrol and its business customer, supplier or business partner as well as fulfilment of requests of the data subject prior to entering into a contract, e.g., requests for information or quotation, newsletter subscriptions or purchase orders
  • Management of a customer, supplier, partner or other similar relationship as the legitimate interest of Netcontrol
  • Netcontrol’s legitimate interest for direct marketing of products and services to the contact persons of the business customers
  • Consent of the data subject
  • Compliance with Netcontrol’s legal obligations imposed by national legislation in each country of operation

Personal data is processed for the following purposes:

  • Delivery of products and services
  • Creation, management and development of customer, supplier or other account and relationship between the Netcontrol and the customer, potential customer or business partner
  • Development of products, services and businesses
  • Communication with the customer or business partner, including customer and supplier feedback and satisfaction surveys;
  • Opinion polls, surveys and marketing research, promotional sweepstakes and contests
  • Detection, prevention and investigation of fraud and other criminal offences
  • Compliance with Netcontrol’s legal obligations and/or orders of other official authorities
  • Analyzing, profiling, segmentation, and statistics for the purposes explained above

3. From where do we receive data?

Our primary source of data are the data subjects themselves; for example, at the time of entering a contract, the data subjects provide their contact information as they are performing their duties as representative of a business.

You may also submit feedback, requests or other communications via our webpage, email or telephone, in which case you provide the information you deem necessary for us to have for contacting you. Such contacts are stored in our Customer Relationship Management System.

For the purposes described in this Privacy Statement, personal data may also be collected and updated from publicly available sources (e.g., social media) and based on information received from the authorities or other third parties (e.g., partners, authorities, from marketing sources) within the limits of the applicable laws and regulations.

4. To whom do we disclose data and do we transfer data outside the EU or the EEA?

Personal data will not be disclosed to external parties except when it is necessary to comply with the legal or contractual obligations of Netcontrol.

We disclose data to e.g. the following parties: our contractors, suppliers, Customer Relationship Management system operator, other business partners and service providers.

We may use subcontractors that process personal data on our behalf. We may outsource IT management to an external service provider, on whose administrated and secured server the personal data is stored. One example of such a situation is our use of cloud-based services to enable efficient day-to-day business. In such a case, we may transfer personal data to these subcontractors to the extent necessary for the provision of their services. These subcontractors will process the personal data on behalf of Netcontrol and must comply with our instructions and this Privacy Statement. Netcontrol will ensure through contractual measures that the personal data is processed in compliance with the legislation.

Our products and services may be provided using resources and servers located outside EU/EEA. Therefore, your personal data may be transferred across international borders outside the country where you use our services. In such cases we use measures to provide adequate protection for your personal data by using European Commission Standard Contractual Clauses or other legal and binding safeguards.

Personal data collected by a company in Netcontrol Group may be disclosed to the other Netcontrol Group companies when necessary to fulfil the purposes described in this Privacy Statement.

5. How do we protect the data and how long do we store it?

Only those of our employees who on behalf of their work are entitled to process customer data are entitled to use the system(s) containing personal data. Each user has a personal username and password to the system. The personal data is collected into databases that are on servers protected by firewalls, passwords and other technical measures reflecting the current best practices. The databases and their backup copies are in locked premises and can be accessed only by certain pre-designated persons.

We store personal data only as long as it is needed for us to fulfil our contractual and legal responsibilities, responsibilities towards our customers and authorities. Should you wish to have more details on the data we store of you and the applicable retention periods of that data, please contact us as instructed in section 1 of this Privacy Statement.

We evaluate the need for data storage regularly, taking into account the applicable legislation. In addition, we take such reasonable actions as are required to ensure that no incompatible, outdated or inaccurate personal data is stored in the register taking into account the purpose of the processing. We correct or erase such data without delay.

6. What are your rights as a data subject?

You have the right to inspect the personal data stored in the register concerning yourself and the right to demand rectification or erasure of the data.

Insofar as the processing is based on consent, you also have the right to withdraw or change your consent. Withdrawing your consent does not affect the lawfulness of processing before the withdrawal of the consent. You are entitled to prohibit the use of the data for direct advertising, telemarketing and other forms of direct marketing, as well as to prohibit the use of the data for use in questionnaires and market research even in situations where initial communication has been sent based on legitimate interest of Netcontrol.

You have the right to object to or demand restriction of the processing of your data and to lodge a complaint with the supervisory authority. Please find the contact information for the local Data Protection Authorities in the countries where Netcontrol offices are located in the last section of this Privacy Statement.

7. Cookie Statement

Netcontrol’s website uses cookies. Please review the full Cookie Statement.

8. Data protection authorities

You have the right to contact data protection authorities for inquiries, complaints and other guidance. Below you can find contact information for the local data protection authority in each country of Netcontrol’s operations.

Country Name of authority and  address URL
Finland Tietosuojavaltuutetun toimisto
PL 800
FI-00531 Helsinki
www.tietosuoja.fi
Latvia Datu valsts inspekcija
Elijas iela 17
Riga, LV-1050
www.dvi.gov.lv
Norway Datatilsynet
Postboks 458 Sentrum
NO-0105 Oslo
www.datatilsynet.no
Sweden Integritetsskyddsmyndigheten
Box 8114
SE-104 20 Stockholm
www.imy.se
United Kingdom The Information Commissioner
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
www.ico.org.uk