<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=70416&amp;fmt=gif">

Eficode Privacy Policy

This privacy policy details how Eficode uses and protects personal information (“personal data”) it collects, stores or otherwise processes. Eficode is committed to protect the rights of all individuals (“data subjects”) of whose personal data is processed. All data will be processed securely and used only as described in this privacy policy.

This policy may be updated from time to time to ensure that the policy fully respects the rights of the data subjects and the legislation(s) governing the use of personal data, such as the EU GDPR General Data Protection Regulation. Eficode controlled registries containing personal data is listed below. You always have the following rights with regards to any or your personal data stored in the registries:

  • Right to enquire whether your data is being processed and what the data is
  • Right to ask us to update any incorrect or missing data
  • Right to ask us to stop using the data for a specific purpose or for all purposes and/or request it’s deletion
  • Right to appeal to the data protection officials should you feel that our processing does not follow the legislation or you think that your rights are otherwise not observed

General queries related to this privacy policy, the security of personal data, enquiries about your personal data and/or requests to update or delete your personal data can be sent via email to: dataprotection@eficode.com. You may also use the form below.

 

Data queries

 

Eficode Website and Cookies

We use cookies in our website for better user experience and content targeting. By connecting information based on cookies and your possible form submit(s), we create a personal profile of you, which helps us to offer you personalized information and content in different channels.

We collect cookie information with Google, Hubspot, Facebook and LinkedIn tracking codes. In this website, we use a Google AdWords cookie, which is used to target marketing activities in Google ad network with user lists. Users are not recognized from the information which are linked based on cookie information. Please notice, that you can always decline the Adwords marketing based on cookie information. Read more here

We always ask permission to collect cookie information when you access our website for the first time with a specific device. Most of the browsers accept cookies automatically but you can always edit your browser settings and remove the cookies. You can avoid cookies by changing your browser settings.

Tracking information based on cookies and Google AdWords is stored for 26 months after which the information is removed.

 

Eficode Marketing Registry

Name of the registry: Eficode Marketing Registry

Last updated: 17.5.2018

Description: Registry description of personal data file according to Section 10 of the Personal Data Act (Finland) and Regulation (EU) 2016/679 of the European Parliament and of the Council.

 

Controller of the registry

Eficode Oy

Pohjoinen Rautatiekatu 25

00100 Helsinki

Queries related to the registry can be sent via email to: dataprotection@eficode.com. You may also use the form above in this page to contact us.

 

The purpose and justification of processing the personal data

The personal data stored to the registry file are used for marketing purposes. The data is used to direct marketing communications with which Eficode markets it’s or it’s partners products and services. The registry is also used for marketing related to events organized by Eficode or it’s partners.

The data is processed due to the legitimate interests pursued by Eficode.

 

Description of the group of data subjects and the data related to them

The personal data of the following groups of data subjects are processed:

  • Eficode’s customers, including contacts working in management, purchasing or similar positions of the customers
  • Eficode’s potential customers, including contacts working in management, purchasing or similar positions of the potential customers
  • Persons that have registered to Eficode mailing list(s) and subscribed to newsletter(s)
  • Persons that have registered to Eficode event(s)
  • Persons who have requested any other information from Eficode by entering personal data to a data form and thus agreeing to the related terms (e.g. contact form, material download form)

The following data is inputted to the registry file:

  • Basic personal information
    • person name and contact information (e.g. telephone and email)
    • used for identifying the person(s) and contacting them
  • Organization and title
    • organization contact information (e.g. telephone and address)
    • title of the person within the organization
    • used for targeting the communication
  • Other information submitted by the person him/herself

 

Regular destinations of disclosed data and whether data is transferred to countries outside of the European Union or the European Economic Area

The personal data may be disclosed to other companies belonging to the same group (concern). The current concern mother company is TCG Tech Consulting Group Oy. The subsidiary companies that information may be shared between are Eficode Oy (including it’s subsidiaries) and ePassi Payments Oy (including it’s subsidiaries).

The data is not disclosed or transferred outside of the European Economic Area except for organizations that have been certified to the privacy shield framework.

 

Duration of the processing

The customer data may be kept in the registry for as long as the customer relationship is active and for the period of five years after it. Information that is needed for accounting and taxation purposes may be stored for ten years due to legal requirements.

Other data will be kept for two years at a time. This duration will be extended one year at a time if the information has been actively used, the legitimate interest to keep the data is still valid and the information is still accurate.

Inaccurate data will be removed periodically once a year.

The data will be based on the information submitted by the data subject and kept up to date as and when new information is submitted.

 

Description of the principles in accordance to which the data file has been secured

Personal information is handled confidentially. The data file can only be accessed by persons who require the data while performing their tasks or duties. The registry is fully electronic and it has been secured reliably using appropriate technical security measures such as firewalls and backup procedures. All service providers hosting the information have signed an appropriate data protection agreement with Eficode.

 

Eficode Recruitment Registry

Name of the registry: Eficode Recruitment Registry

Last updated: 17.5.2018

Description: Registry description of personal data file according to Section 10 of the Personal Data Act (Finland) and Regulation (EU) 2016/679 of the European Parliament and of the Council.

 

Controller of the registry

Eficode Oy

Pohjoinen Rautatiekatu 25

00100 Helsinki

Queries related to the registry can be sent via email to: dataprotection@eficode.com. You may also use the form above in this page to contact us.

 

The purpose and justification of processing the personal data

The data stored to the registry file are used for recruitment purposes. The data is stored of persons that have applied to an open position or have otherwise shown interest towards open positions by submitting their contact information to Eficode or their partners. The data is used to evaluate the person’s suitability to the open positions of Eficode and it’s group companies and to target marketing of new positions.

The data is processed due to the legitimate interests pursued by Eficode.

 

Description of the group of data subjects and the data related to them

The personal data of the following groups of data subjects are processed:

  • Persons who have applied to an open position posted by Eficode
  • Persons who have sent an open application to Eficode
  • Persons who have sent other recruitment related queries to Eficode
  • Persons who have submitted their information to a recruitment partner of Eficode
  • Persons who have otherwise given clear consent to receiving recruitment related marketing information from Eficode e.g. at an recruitment event or at Eficode web pages

The following data is inputted to the registry file:

  • Basic personal information
    • person name and contact information (e.g. telephone and email)
    • used for identifying the person(s) and contacting them
  • Curriculum Vitae or similar listing of the person’s competences, work history and educational background
    • used in evaluating the person’s suitability to open positions
  • Data submitted via the application, including descriptions of desired position and duties, salary request and/or descriptions of personal qualities
    • used in evaluating the person’s suitability to open positions
  • Any links submitted as part of the application such as links to further information stored in outside services (e.g. LinkedIn) and/or contact information of references
    • used in evaluating the person’s suitability to open positions
  • Other information provided by the person him/herself
    • used in evaluating the person’s suitability to open positions

 

Regular destinations of disclosed data and whether data is transferred to countries outside of the European Union or the European Economic Area

The personal data may be disclosed to other companies belonging to the same group (concern). The current concern mother company is TCG Tech Consulting Group Oy. The subsidiary companies that information may be shared between are Eficode Oy (including it’s subsidiaries) and ePassi Payments Oy (including it’s subsidiaries).

The data is not disclosed or transferred outside of the European Economic Area except for organizations that have been certified to the privacy shield framework.

 

Duration of the processing

The data will be kept for two years at a time. The duration will be extended one year at a time if the information has been actively used, the legitimate interest to keep the data is still valid and the information is still accurate.

Inaccurate data will be removed periodically once a year.

The data will be based on the information submitted by the data subject and kept up to date as and when new information is submitted.

 

Description of the principles in accordance to which the data file has been secured

Personal information is handled confidentially. The data file can only be accessed by persons who require the data while performing their tasks or duties. The registry is fully electronic and it has been secured reliably using appropriate technical security measures such as firewalls and backup procedures. All service providers hosting the information have signed an appropriate data protection agreement with Eficode.

 

Eficode Usability Research Registry

Name of the registry: Eficode Usability Research Registry

Last updated: 17.5.2018

Description: Registry description of personal data file according to Section 10 of the Personal Data Act (Finland) and Regulation (EU) 2016/679 of the European Parliament and of the Council.

 

Controller of the registry

Eficode Oy

Pohjoinen Rautatiekatu 25

00100 Helsinki

Queries related to the registry can be sent via email to: dataprotection@eficode.com. You may also use the form above in this page to contact us.

 

The purpose and justification of processing the personal data

The data stored to the registry file are used for usability research purposes. The data is stored of persons that have participated or have otherwise shown interest towards participating in usability research by submitting their contact information to Eficode or their partners. The data is used within the context of usability research conducted by Eficode and used to find and contact potential research subjects.

The data is processed due to the legitimate interests pursued by Eficode.

 

Description of the group of data subjects and the data related to them

The personal data of the following groups of data subjects are processed:

  • Persons who have applied to participating or have participated in usability research
  • Persons who have given the consent to use their information for usability research to Eficode customers and where that consent extends to Eficode
  • Persons who have submitted their information to a partner of Eficode and which partner Eficode is using to locate potential usability research subjects
  • Persons who have otherwise given clear consent to receiving usability research related information from Eficode e.g. at an event or at Eficode web pages

The following data is inputted to the registry file:

  • Basic personal information
    • person name and contact information (e.g. telephone and email)
    • used for identifying the person(s) and contacting them
  • Answers to screening questions
    • information such as age, sex, hobbies etc.
    • used to evaluate the research subjects suitability for a given research
  • Answers to usability research questions and recordings of research activities
    • any information communicated by the research subject during the research
    • used for the purpose of usability research

 

Regular destinations of disclosed data and whether data is transferred to countries outside of the European Union or the European Economic Area

The personal data may be disclosed to other companies belonging to the same group (concern). The current concern mother company is Eficode Oy.

Research related personal data may be disclosed to the relevant customer companies of Eficode in connection to a specific research.

The data is not disclosed or transferred outside of the European Economic Area except for organizations that have been certified to the privacy shield framework.

 

Duration of the processing

The data will be kept for two years at a time. The duration will be extended one year at a time if the information has been actively used, the legitimate interest to keep the data is still valid and the information is still accurate.

Inaccurate data will be removed periodically once a year.

The data will be based on the information submitted by the data subject and kept up to date as and when new information is submitted.

Due to tax legislation, if the data subject has been issued a gift voucher the personal data related to the transaction will be archived for taxation purposes for the period of ten years after the end of the financial year during which the transaction was made. The right to ask the personal data connected to the gift voucher to be removed is not valid due to enforceable legislation.

 

Description of the principles in accordance to which the data file has been secured

Personal information is handled confidentially. The data file can only be accessed by persons who require the data while performing their tasks or duties. The registry is fully electronic and it has been secured reliably using appropriate technical security measures such as firewalls and backup procedures. All service providers hosting the information have signed an appropriate data protection agreement with Eficode.