Updated 13 November 2023
1. General
We are committed to respecting your privacy and processing your personal data in accordance with the applicable data protection legislation. This document concerning the processing of your personal data (“Privacy Policy”) aims to fulfill our obligation to inform you as a data subject regarding our personal data processing practices and your rights as the data subject, as required by the General Data Protection Regulation 2016/679 of the European Union ("GDPR"). We reserve the right to reasonably amend this Privacy Policy and kindly ask you to visit this page recurringly and review this Privacy Policy for possible changes.
Our website may also include links to websites and services operated by third parties, for which this Privacy Policy does not apply. Rather, we encourage you to consult the respective privacy policies of those third parties, would they apply to you.
2. Contact information
Utopia Analytics Oy (“we”), acting as the data controller in accordance with this Privacy Policy.
VAT ID: FI26411588
Data Protection Officer
Mikonkatu 6 C FI-00100, Helsinki,Finland
dpo@utopiaanalytics.com
3. Categories and sources of personal data as well as the purposes and legal bases for the processing of personal data
Categories of Personal Data
Purpose of processing
Source of personal data
Legal basis for processing
Customer’s contact and communication data, such as company name, contact person, phone number, email address, position/role and personal data contained in surveys and messages between us and the data subject. We may also collect meeting details and data necessary (e.g. specific interest/reference expressed by data subjects or observed by us) to tailor our offers and services to the customer.
Customer relationship management; Fulfilling of contractual obligations towards the customer; Invoicing; Service development; Marketing of new services
Data subjects themselves; Public registers; Company websites; Data may be also obtained in the course of business
Consent; Legitimate interest of the data controller (communicating with customer, customer relationship management, marketing of new services); Legal obligations; Performance of a contract
Potential customer’s contact and communication data, such as company name, contact person, phone number, email address, position/role and personal data contained in surveys and in certain messages between us and the data subject. We also collect data necessary to tailor our offers and services to the potential customer.
Obtaining new customers; Service development; Marketing
Data subjects themselves; Public registers; Company websites; Our business partners; Data may be also obtained in the course of business
Consent; Legitimate interest of the data controller (marketing our services and communicating with potential customer)
Job applicant’s data, such as name, address, phone number, employment background, academic history, data on aptitude assessments, photographs, identity data on referees, data collected from referees, and other information the applicant provides in, for example, a resume or a cover letter
Recruitment of employees
Data subjects themselves and with their consent, their referees
Consent; Actions necessary prior to entering into an employment contract; Legitimate interest of the data controller (recruitment of the appropriate employee)
Website visitor’s data, such as IP address and other observed data (see cookie policy)
Developing the website; Marketing; Statistics; Ensuring that the website works properly and in a secure manner
Personal data accumulated by website visits; Our business partners
Consent; Legitimate interest of the controller (ensuring the security and functioning of the website)
Data of other persons contacting us, such as name, phone number, email address of the data subject, meeting/event details, personal data contained in certain communications between us and the data subject.
The purpose can vary pursuant to the nature and contents of the contact. The purpose can be answering to your enquiries, event/meeting organization and/or taking other necessary actions pursuant to your request(s).
Data subjects themselves
Consent; Legitimate interest of the controller (answering to your enquiries)
4. How long do we store your personal data?
We will store your personal data for the period of time required for the purpose of processing listed above, unless mandatory laws require us to store certain personal data for longer. The storage period may differ greatly from one type of processing to another.
5. Where is your personal data stored and where is it transferred to?
We aim to store your personal data within the European Union and the European Economic Area (“EU/EEA”). However, due to certain systems and services used to support our business and providing our services, some personal data may be transferred outside the EU/EEA. We ensure such transfers are in accordance with applicable data protection legislation, e.g. by means of the personal data remaining in a country recognized by the European Commission as ensuring an adequate level of protection, by using the European Commission’s Standard Contractual Clauses, or by means of other transfer mechanisms designated by the GDPR, and where necessary, additional safeguards.
6. Who may we disclose or transfer your personal data to?
Your personal data may be shared with and processed by our partners and subcontractors for the purposes of marketing, sales, accounting, recruiting, website maintenance, statistics, invoicing as well as providing our services.
We may also share personal data with third parties where such is reasonably necessary to meet any obligations of applicable legislation and / or authority order, or to detect, prevent, or otherwise address crime or security issues.
7. Your rights as a data subject
As a data subject, you have the following rights.
- The right to access: You have the right to request copies of your personal data. However, to protect the confidentiality of our clients, we may not agree to requests for data that could jeopardize the processing of confidential client data.
- The right to rectification: You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete.
- The right to erasure: You have the right to request that we erase your personal data, under certain conditions.
- The right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
- The right to object to processing: You have the right to object to our processing of your personal data, under certain conditions.
- The right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
- The right to withdraw consent: Where personal data processing is based on your separate consent, you have the right to withdraw your consent. The withdrawal shall not affect the lawfulness of processing based on consent performed before the withdrawal.
Please send your request to our contact address mentioned above. You may need to provide proof of your identity or answer certain questions for us to be able to process your request.
As a data subject you are always entitled to contact the relevant data protection authority in case of complaints. In Finland, the supervisory authority is the Data Protection Ombudsman. Further information is provided at www.tietosuoja.fi.
An error has occurred somewhere and it is not possible to submit the form. Please try again later or contact us.
