Date of Last Revision: 20.3.2019
Data security and privacy are important to us. Every individual values privacy and so do we. That is why we are committed to respect your information security and follow all legislation concerning personal data management and privacy.
Why We Collect Data
Our Core Principles
Most companies in the digital business collect and manage personal data of their customers - so do we. We value your safety and privacy greatly and are committed to follow the legislation applied to personal data.
Personal Data Is Confidential
Your data is confidential and it is mostly managed by our own staff and for a limited part our subcontractors.
We collect and use personal data in an organised fashion.
It this in our interest to avoid excessive collecting, managing and storage of personal data.
Written Agreements With Subcontractors
We only use subcontractors who are willing to make a written agreement and commit to protection of personal data.
We Manage Personal Data for Our Customers' Benefit
Managing our customers' personal data is always based on written agreements and we don't use data in ways other than what is described in the agreements.
The Main Uses of Personal Data
For the biggest part we use personal data for delivering, marketing, billing and development of our services and management of customer relationships.
How Do We Use Your Personal Data
We collect, store and manage data only for predetermined purposes. You'll find our main uses for personal data below in this document.
Offering And Delivering Our Services
We manage personal data for customer relationship management purposes such as offering and delivering services, billing and debt collection, managing complaints, customer support and measuring customer satisfaction.
Part of our services are accessible via subscribing and logging in to our online service with personal account details. We use personal data also to communicate with our customers on matters related to services.
Marketing and Communications of Our Services
Within the limits of legislation and good faith we might use personal data in marketing purposes and direct marketing. This may include managing and analysing personal data in order to target marketing and services. We might, for example, show targeted messages or content in our channels based on your interests or online behaviour.
Development of Our Marketing Services
We believe in continuous development. We might use personal data also to develop our marketing services like service concept design and launching or improving our processes.
Meeting Statutory Obligations
Your data may be collected and managed also to meet statutory obligations like accounting and authoritative purposes.
Human Resources Management
Information concerning employees and job applicants is mostly managed only on human resources management purposes, to meet obligations in the contact of employment, to fulfill the statutory obligations of employment, as well as, to assess and choose job applicants for an open position.
Which Personal Data We Collect and Where?
For the major part we collect your data directly from you when in contact with you or when you are using our services. We might also collect data of our customers from public sources and registers like LinkedIn or other social media channels that are related to the services we offer.
We collect usage data of our websites and newsletters with Convert Kit, MailChimp, Google Analytics, Hotjar and HubSpot in order to analyze and develop them and to target relevant marketing to users of our services. In addition, we may from time to time use Facebook's, Instagram's and LinkedIn's ad pixels on our websites to show our customers relevant retargeting ads in other websites.
We mostly collect and manage our customers' (excluding potential customers), employees and job applicants data.
Typically we may get the following data from our customers:
Employer name, first name, last name, address, email, phone number, job title;
Information regarding customers' marketing permissions or prohibitions;
Classification data like interests provided by the customers;
Data provided by customers on contact forms or chat; Yhteydenottolomakkeiden ja chatin kautta syötetyt tiedot;
While using our services we may collect the following data:
IP address or other ID;
Order, billing and delivery data;
Data collected via cookies;
Usage data of our online services.
On other sources we might receive especially the following data:
Usage data related to newsletters and social media like Facebook and Instagram.
Regarding employee and job applicant data we mostly manage data received directly from the person and other data that is generated during the employment:
Personal data of the employee or job applicant;
Applicant CV, cover letter and referral data received upon permission of the applicant;
Data necessary to fulfilling the obligations and rights related to the employment;
Certain data of delicate nature (union membership and state of health) limited to exclusively to fulfilling employers' statutory obligations.
We might collect and manage other data upon your consent.
The Basis On Which We Process Your Information?
We make sure that we always have justification required by the law to manage your personal data. We might manage your data for more than one reason but we make sure that always at least one legislative precondition exists to manage the data.
We manage customer and marketing register data mostly in order to follow and prepare agreements, as well as, based on our legitimate interests that are specifically service delivery, customer management, direct marketing, product development, management of customer feedback and reclamations, as well as, offering maintenance and further development services.
Upon your consent we might manage other data or use your email address to send you newsletters and marketing messages. For the data we only manage upon your consent, you are free to withdraw your consent at any time.
We might manage your data also to meet statutory obligations.
Who Manages Your Data?
Your personal data is mostly managed by our own personnel.
Regarding our customers' personal data, we use subcontractors specifically to data storage, customer management (cloud storages, online course services, project management tools, communication tools and CRM), technical support, as well as, designing and implementing websites and apps.
Regarding personnel we use subcontractors specifically for financial management, payroll and online data storage (cloud storage).
We might also disclose information in order to meet agreement obligations or if required by the law or authorities.
We might also hand over your data should we take part in business acquisition.
Will Your Data Be Transferred Outside EU?
Your data might be transferred outside EU under certain circumstances. Some of the cloud services we use might be located outside EU. At times we have used system and design subcontractors that are located outside EU.
If your data is transferred outside EU, we make sure that the country is a country of sufficient data protection, transfer receiver is Privacy Shield certified (transfer receivers located in the USA) or that transfer is executed under the model clauses published by the European Commission. We always see through that the potential data transfer is executed with sufficient protection and as justified by the law.
How Long Is Your Data Stored?
We don't store your data longer than necessary or what our agreement or the law requires or allows. We store data only as long as it is needed for the purpose it was collected. Storage periods may variate depending on use of the data and other circumstances. How long data is stored may also be defined by legislation like accounting law. We aim to keep your information updated and unnecessary data will be deleted.
How We Protect Your Data?
Your information is primarily stored in digital format at our service provider's servers, which are protected according to general practises of the industry.
The personal data we collect remains confidential and is only disclosed to employees who need the data in their work and confidentially and limited by an agreement to our subcontractors.
Access to your personal data is limited and protected by user names, passwords and access rights. Our premises are locked and secured.
Is Providing Personal Data Mandatory?
We might use third party analytics software for collecting usage data and statistics from our apps and websites. These services might include services like Hotjar, HubSpot Analytics, Google Analytics, Localytics and MixPanel. We use these services for analyzing usage data and developing our services.
Cookies are short text files which network server stores to user devices. Cookies provide us information of how users use our services.
Which Rights And Choices Do You Hold?
Withdrawing Your Consent
If we are managing your data based on your consent, you may at any time withdraw your consent by sending us a request for example by sending and email to firstname.lastname@example.org.
Access To The Data
You hold the right to receive a verification of whether we manage your personal data, as well as, which data we manage. In addition, you hold the right to receive more specific information regarding the usage of your personal data.
Right to Have Errors Corrected
You hold the right to have insufficient, flawed or outdated personal data corrected.
Right to Forbid Direct Marketing
You hold the right to forbid the management of your personal data for direct marketing purposes. Please send us email at email@example.com.
Right To Deny Managing Your Data
If we manage you personal data for general benefit or for our justified benefit, you have the right deny the managing of your data for the part that is not justified by prominent reason that would supersede your rights or is not necessary to fulfil legislative requirement.
Please note that we will most likely not be able to be of service anymore in succession to the denial.
Right to Restrict Data Management
In certain circumstances you hold the right the demand us to restrict the management of your personal data.
Right to Have Data Transferred
If we have managed your data upon your consent or to fulfil an agreement, you have the right to receive your data in generally accepted format so that the data can be transferred to another service provider.
How Can I Execute My Rights
You can execute your rights described above by contacting us, for example, by contacting us at firstname.lastname@example.org.
Please provide us with your name, address and phone number, as well as, with copy of your passport, driving lisence or other idetification so that we can confirm your identity.
If you feel that managing your personal data is not legal, you can make a reclamation to competent authority (data protection supervisor).
Who Should I Contact Regarding Data Protection Matters
Your personal data is managed by Jiffel Music Ltd. Contact information of the company, data protection officer, and contact person are below.
Jiffel Music Oy
Business ID: FI-2036182-3
Jiffel Music's contact person and data protection officer: