Seidat Privacy Policy

Effective as of 25 May 2018.

We at Seidat Ltd. (later; “Company”, “We”, “Us”, “Seidat”) are committed to protecting your privacy. This Privacy Policy details our data collection, processing and usage practices. This Privacy Policy applies to the websites and services we control (www.seidat.com, app.seidat.com and other websites under the seidat.com domain). Capitalized terms that are not defined in this Policy have the meaning given in our Terms of Service.

This Policy explains how we collect, process, and protect personal information as part of the Service. Discussion of your use of the Service in this Policy refers to both visits and other interactions with the websites and Services, whether or not you are registered user of the Seidat Platform. If you do not agree with or are uncomfortable with any aspect of this Policy or the Terms of Service, you should stop accessing or using our Services.

We periodically update this Privacy Policy. The latest version will be on this page. If the changes are significant we will also notify all users through email or the Service. If you have any questions about this Privacy Policy or our treatment of your personal data, please contact us at support@seidat.com.

Purpose of collection and processing

Personal data is used for orders, billing, recovery, contacts, transactions, customer enquiries, service development, reporting, marketing, and other customer relationship management measures. Purchasing, transaction and location information can also be used for profiling and targeting marketing activities and customer communications to make them more interesting to the registered. Personal information is also used when sending newsletters, or when people attend events and other marketing activities.

Data content and information categories

Data that can be used includes contact persons of the controller’s current or past customer organisations, persons with connections to the controller, Seidat service users or persons who approved the marketing.

The registry may contain data from the following information categories relevant to the purpose of the use of the registry:

  1. Basic information such as name and contact details (address, email address, telephone number) of the controller’s current, past or potential customer organisations as well as their contact persons’ name and contact details.
  2. Information relating to the customer relationship between the controller and the registered persons, such as information on orders or appointments, possible direct marketing permits and prohibitions, emails, and other communications between the parties, and related information.
  3. Data, including the first and last name, address, contact details, position, employer, username and password of a person registered in the controller’s Seidat service or its ancillary service, or information obtained through the application and the various functions contained therein, such as location and information the user has provided in the application.
  4. Transaction information from the controller’s website on different websites, information on behaviour on websites and other related category information, participation in events, contacts made with customer service, contacts made with other Seidat employees and services, and information related to subscribing to the newsletter.

Legal basis for collection and processing

We are required under Data Protection Laws to notify you about our purposes and the legal basis for processing your personal information.

Purpose of processing:

To ensure network and information security
We process your information to:

    • Ensure the security of our services.
    • Monitor and verify service access.
    • To comply with applicable security laws and regulations.

Legal basis: Legal obligation

To enforce our Terms of Service
We have Terms of Service that define how our Services may be used. We may process your information to:

  • Investigate, prevent or mitigate prohibited or illicit activities.
  • Collect fees based on you or your company’s use of the Service.

Legal basis: Contract

To provide our Services
We process your information to provide our Services. For example for:

  • Transactional emails & onboarding.
  • User identification within teams.
  • Tracking of user activity within teams.

Legal basis: Contract

To provide customer service
We process your information to respond to your questions, issues, requests or other feedback regarding our Services. We may also process your information in issues related to your Teams.

Legal basis: Contract

For research and development
We may process your information to better understand you and how you use our Services, in order to improve the current Services or potentially develop new Services. We may also process your information in order to resolve bugs or issues in the Service.

Legal basis: Legitimate interest

For direct marketing
We may collect and process your information in order to contact you and offer services we believe could interest or benefit you.

Legal basis: Legitimate interest

For other marketing activities
We post and share customer testimonials on our Websites and social media accounts, which may contain Personal Information. We obtain each customer’s explicit consent before sharing any testimonial or name.

Legal basis: Consent

Regular sources of information

Information provided by the customer, customer data system and billing database, user and transaction information on websites, blogs and newsletters, information on customer relationship management and customer service systems and Seidat service information, partners and companies and authorities offering personal information services.

Regular disclosure of information

Collected information can be shared with Seidat Ltd’s dealers or subcontractors. Seidat Ltd can also outsource the processing of your personal data to companies outside the enterprise which may also be in countries outside the European Union and the European Economic Area, such as the United States of America. These companies can process personal data to provide, for example, infrastructure and IT services, or other services. In such cases, sufficient data security and the handling of the data are taken care of by an EU-U.S. – Privacy Shield arrangement, or by contract using templates approved by the EU Commission.

Principles of data protection

The information is technically protected. Physical access to data is blocked by access control, as well as other security measures. Access to information requires adequate rights and multi-stage identification. Unauthorised access is also prevented by firewalls and technical protection. The information can only be accessed by the controller and by specially designated technical persons. Only designated persons have the right to process and maintain the data. Users are bound by professional secrecy. The information is backed up safely and can be restored as needed. The level of secrecy is audited at recurring intervals either by external or internal auditing.

Your rights

You have rights to your Personal Information as described below. You can exercise these rights by contacting us at support@seidat.com. We may take steps to verify your identity before we consider or comply with your request. Your rights are however not without limit, and may be denied e.g. when required by law. This list is not exclusive.

  • You have the right to check what personal information we hold on you.
  • You have the right to amend any incorrect information.
  • You have the right to withdraw consent in the cases where our processing relies on your consent.
  • You have the right to request that we do not contact you for direct marketing.

Controller

Seidat Ltd
Epicenter Helsinki
Mikonkatu 9, 00100 Helsinki
Finland
‍support@seidat.com
www.seidat.com

Contact person

Paulus Perkkiö, CEO
support@seidat.com
www.seidat.com