Privacy Notice for Potential Customers of N.Rich Technologies Products and Services

Data Subjects


This privacy notice explains how we collect and use personal data concerning the following groups of data subjects: Potential customers who are expected to have an interest in our products and services

Data Controller


N.Rich Technologies Oy c/o Kuopion Tilitieto Oy, Kirkkokatu 1, 70100 Kuopio, Finland email: privacy(at)n.rich. N.Rich Technologies Oy is a limited liability company established and operating under the laws of Finland.

Purposes of Processing


We may use the personal data we collect about you for the following purposes:
  • Further development of our products and services
  • Targeting and personalization of our products and services
  • Sales, commercial offers and other marketing
  • Market research and other statistical purposes
  • General administrative purposes and ensuring compliance with our legal and regulatory requirements

    Legal Bases of Processing


    For the activities described in this notice, we rely on the following legal bases for processing personal data:
  • Fulfilment of your requests prior to entering into a contract, for example, requests for information or quotation;
  • Compliance with our legal obligations, such as data retention obligations related to accounting and taxation;
  • Our legitimate interests to conduct and develop our business: This is the legal basis we mainly rely on for activities not covered by the above-mentioned legal bases, such as for managing our customer relationships as well as developing and marketing our products and services. In individual cases, and where legally required, we may also rely on your separate consent. You may later revoke your consent at any time.The marketing referred to above may include direct marketing carried out in accordance with Finnish laws and the Good B2B Email Marketing Practice maintained by the Data & Marketing Association of Finland (www.asml.fi), including e.g. email marketing directed at you based on your position or duties in your organization to the extent they are related to the services marketed. You have the right to opt-out of our direct marketing at any time by following the relevant instructions set out in each message.

    Categories and Sources of Data


    The types of information we may collect and use for the purposes detailed above are the following:
  • Information you provide to us yourself, such as your contact details or information necessary for the provision of our services
  • Customer account data gathered by us in the context of service provision or customer relationship management, such as details on your communication with us
  • Information related to you or your business and/or organization we have collected from publicly available sources, such as updates to your contact information from public registers or similar sources

    Disclosure and Transfer


    Where necessary for the purposes detailed above, your personal data may be disclosed to the following categories of recipients:
  • Our group companies
  • Our third party services providers who assist us in providing you with our products and services
  • Our service providers for the purposes of accounting, financial, ICT, legal and other services provided to us
  • Potential buyers (and their agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that the buyer is informed that it must use your personal data only for the purposes set out in this notice
  • Competent courts, law enforcement bodies, or other authorities or third parties where we deem that disclosing your personal data is necessary for compliance with laws or regulations, or to exercise, establish or defend our legal rights, or to protect your vital interests or those of any other person
  • Any other person – but only with your separate consent

    As a general rule, your personal data will not be transferred to countries outside the European Union or the European Economic Area, except where the European Commission has held that the country ensures an adequate level of protection for personal data, or where we have taken appropriate safeguards to require that your personal data remains protected in accordance with this notice, such as by implementing the European Commission’s Standard Contractual Clauses for transfers of personal data. You may contact us for more information on the safeguards in place. In individual cases, however, such transfers may also take place based on your separate consent or in order to provide you with a service you have specifically requested, or where otherwise allowed by applicable data protection laws.

    Automated Decisions


    In order to optimize the products and services we offer, we reserve the right to make automated decisions, including using machine learning algorithms, about our potential customers.

    Data Retention


    We keep your personal data only as long as we have a legitimate business need to retain it for the purposes described above. We will regularly assess the existence of such need against the data we keep, and where we have no such ongoing business need, we will either erase or anonymize your personal data or, if this is not possible – for example, for information stored in backup archives – we will store your personal data securely and block any further processing until deletion is possible.

    Personal data related to a customer relationship will be usually retained only for the duration of the ongoing customer relationship and for a reasonable period thereafter in order for us to be able to answer inquiries related to the relationship. However, some data may be retained for longer where we believe retention is necessary for compliance with laws or regulations (such as in the fields of accounting and taxation), or to exercise, establish or defend our legal rights or those of our customers, affiliates or partners. We may also retain your email address to make sure we do not send you marketing communications you have decided to opt out from.

    Security


    To protect your personal data, we use appropriate technical and organizational measures designed to provide a level of security appropriate to the risk of processing.

    Data Subject Rights


    You have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed by us, and where that is the case, access to that personal data as well as to have any inaccurate or incomplete personal data rectified or completed. In certain circumstances, you may also have the right to request the erasure, or the restriction of processing, of your personal data or parts of it, to object to the processing and/or to receive the data in a structured, commonly used and machine-readable format. Please contact us for any inquiries related to exercising the above rights. If you consider our processing activities of your personal data to be inconsistent with applicable data protection laws, you may lodge a complaint with the responsible supervisory authority. Contact information for the supervisory authority in Finland can be found here: www.tietosuoja.fi

    Changes


    We may update this notice from time to time in response to changing legal, technical or business developments. When we update this notice, we will strive to inform you in a manner consistent with the significance of the changes we make.