Date of last revision: 2020-05-05
Data security and privacy are important to us. All individuals value privacy and so do we. That is why we are committed to respect your information security and follow all legislation concerning personal data management and privacy.
Why We Collect Data
Our Core Principles
Most companies in the digital business collect and manage personal data of their customers - so do we. We value your safety and privacy greatly and are committed to following the legislation applied to personal data.
Personal Data Is Confidential
Your data is confidential, and it is mostly managed by our own staff and for a limited part, our subcontractors. We collect and use personal data in an organized fashion. It is in our interest to avoid excessive collecting, managing, and storage of personal data.
Written Agreements With Subcontractors
We only use subcontractors who are willing to make a written agreement and commit to the protection of personal data.
We Manage Personal Data for Our Customers’ Benefit
Managing our customers’ personal data is always based on written agreements and we don’t use data in ways other than what is described in the agreements.
The Main Uses of Personal Data
We mainly use personal data for delivering, marketing, billing, and development of our services and management of customer relationships.
How Do We Use Your Personal Data
We collect, store, and manage data only for predetermined purposes. You can find our main uses for personal data later in this document.
Offering And Delivering Our Services
We use personal data for customer relationship management purposes such as offering and delivering services, billing and debt collection, managing complaints, customer support, and measuring customer satisfaction. Parts of our services are accessible via subscribing and logging in to our online service with personal account details. We use personal data also to communicate with our customers on matters related to services.
Marketing and Communications of Our Services
Within the limits of legislation and good faith, we might use personal data in marketing purposes and direct marketing. This may include managing and analyzing personal data in order to target marketing and services. We might, for example, show targeted messages or content in our channels based on your interests or online behavior. Development of Our Marketing Services We believe in continuous development. We might use personal data also to develop our marketing services like service concept design and launching or improving our processes.
Meeting Statutory Obligations
Your data may be collected and managed also to meet statutory obligations like accounting and authoritative purposes.
Human Resources Management
Information concerning employees and job applicants is mostly managed only on human resources management purposes, to meet obligations in the context of employment, to fulfill the statutory obligations of employment, as well as, to assess and choose job applicants for an open position.
Which Personal Data We Collect and Where?
We mostly collect your data directly from you when in contact with you or when you are using our services. We might also collect data from our customers from public sources and registers like LinkedIn or other social media channels that are related to the services we offer.
We collect usage data of our websites and newsletters with Convert Kit, MailChimp, Google Analytics, Hotjar, and HubSpot in order to analyze and develop them and to target relevant marketing to users of our services. In addition, we may from time to time use Facebook’s, Instagram’s, and LinkedIn’s ad pixels on our websites to show our customers relevant retargeting ads on other websites.
Typically, we may collect data from our Customers including, but not limited to, the following:
- Employer name, first name, last name, address, email, phone number, job title
- Information regarding customers’ marketing permissions or prohibitions
- Classification data like interests provided by the customers
- Data provided by customers on contact forms or chat
- Customer feedback
While using our services we may collect the following data:
- IP address or other ID
- Order, billing and delivery data
- Data collected via cookies
- Usage data of our online services
On other sources we might receive especially the following data:
- Usage data related to newsletters and social media, e.g. Facebook and Instagram.
Regarding employee and job applicant data we mostly manage data received directly from the person and other data that is generated during employment:
- Personal data of the employee or job applicant
- Applicant CV, cover letter and referral data received upon permission of the applicant
- Payroll data
- Data necessary to fulfill the obligations and rights related to the employment
- Certain data of delicate nature (union membership and state of health) limited exclusively to fulfilling employers’ statutory obligations.
We might collect and manage other data upon your consent.
The Basis On Which We Process Your Information?
We make sure that we always have justification required by the law to manage your personal data. We might manage your data for more than one reason but we make sure that always at least one legislative precondition exists to manage the data.
We manage customer and marketing register data mostly in order to follow and prepare agreements, as well as, based on our legitimate interests in service delivery, customer management, direct marketing, product development, management of customer feedback and reclamations, as well as, offering maintenance and further development services.
Upon your consent, we might manage other data or use your email address to send you newsletters and marketing messages. For the data we only manage upon your consent, you are free to withdraw your consent at any time.
We might manage your data also to meet statutory obligations.
Who Manages Your Data?
Regarding our customers' personal data, we use subcontractors specifically for data storage, customer management (cloud storages, online course services, project management tools, communication tools, and CRM), technical support, as well as, designing and implementing websites and apps.
Regarding personnel, we use subcontractors specifically for financial management, payroll and online data storage (cloud storage).
Will Your Data Be Transferred Outside EU
Your data might be transferred outside the EU under certain circumstances. Some of the cloud services we use might be located outside the EU. At times, we have used system and design subcontractors that are located outside the EU.
If your data is transferred outside the EU; we make sure that the country is a country of sufficient data protection, the transfer receiver is Privacy Shield certified (transfer receivers located in the USA) or that the transfer is executed under the model clauses published by the European Commission. We always see through that the potential data transfer is executed with sufficient protection and as justified by the law.
How Long Is Your Data Stored?
We don't store your data longer than necessary, or what our agreement or the law requires or allows. We store data only as long as it is needed for the purpose it was collected for. Storage periods may vary depending on the use of the data and other circumstances. How long data is stored may also be defined by legislation like accounting law. We aim to keep your information updated and unnecessary data will be deleted.
How We Protect Your Data?
Your information is primarily stored in a digital format at our service provider's servers, which are protected according to the general practices of the industry.
The personal data we collect remains confidential and is only disclosed to employees who need the data in their work and confidentially and limited by an agreement to our subcontractors.
Access to your personal data is limited and protected by user names, passwords, and access rights. Our premises are locked and secured.
Is Providing Personal Data Mandatory?
We might use third-party analytics software for collecting usage data and statistics from our apps and websites. These services might include services like Hotjar, HubSpot Analytics, Google Analytics, Localytics, and MixPanel. We use these services for analyzing usage data and developing our services.
Cookies are short text files which a network server stores to user devices. Cookies provide us information on how users use our services.
Which Rights And Choices Do You Hold
Withdrawing Your Consent
If we are managing your data based on your consent, you may at any time withdraw your consent by sending us a request for example by sending an email to firstname.lastname@example.org.
Access To The Data
You hold the right to receive a verification of whether we manage your personal data, as well as, which data we manage. In addition, you hold the right to receive more specific information regarding the usage of your personal data.
Right to Have Errors Corrected
You hold the right to have insufficient, flawed, or outdated personal data corrected.
Right to Forbid Direct Marketing
You hold the right to forbid the management of your personal data for direct marketing purposes. Please send us an email at email@example.com.
Right To Deny Managing Your Data
If we manage your personal data for a general benefit or for our justified benefit, you have the right to deny the managing of your data for the part that is not justified by prominent reason that would supersede your rights or is not necessary to fulfill a legislative requirement.
Please note that we will most likely not be able to be of service anymore in succession to the denial.
Right to Restrict Data Management
In certain circumstances, you hold the right to demand us to restrict the management of your personal data.
Right to Have Data Transferred
If we have managed your data upon your consent or to fulfill an agreement, you have the right to receive your data in a generally accepted format so that the data can be transferred to another service provider.
How Can I Execute My Rights
You can execute your rights described above by contacting us, for example, by contacting us at firstname.lastname@example.org.
Please provide us with your name, address and phone number, as well as, a copy of your passport, driving license, or other identification so that we can confirm your identity.
If you feel that managing your personal data is not legal, you can make a reclamation to the competent authority (data protection supervisor).
Who Should I Contact Regarding Data Protection Matters
Your personal data is managed by Family in Music Ltd. Contact information of the company, data protection officer, and contact person are below.
Family in Music Oy
Business ID: FI-3003543-1
Family in Music's contact person and data protection officer:
Juka Hynynen, email@example.com