• Contact us
  • Search

    Eficode Privacy Policy

    This Privacy Policy explains how Eficode and its subsidiaries collect, use and share personal data about the website’s users and other data subjects, and how they can exercise their privacy rights. This Privacy Policy applies to all subsidiaries of Eficode.

    Data controllers

    Within the Eficode group, the data controller will either be Eficode Oy, and/or the Eficode group company the data subject has a relationship with. Details of the data controllers are:

    Finland

    Eficode Oy (1971814-3)
    Pohjoinen Rautatienkatu 25
    00100 Helsinki, Finland

    Norway

    Eficode AS (915758440)
    Lørenveien 73
    0580 Oslo, Norway

    Sweden

    Eficode AB (556685-2032)
    Vasagatan 36
    211 35 Malmo, Sweden

    Eficode Consulting AB (556976-1959)
    Kalendegatan 10 E
    211 35 Malmo, Sweden

    Denmark

    Eficode A/S (30987225)
    Njalsgade 76, c/o Univate
    2300 København S, Denmark

    Eficode MBC ApS (32305083)
    Njalsgade 76, c/o Univate
    2300 København S, Denmark

    Germany

    Eficode GmbH (244945)
    Marcel-Breuer-Straße 15
    München 80807, Germany

    Netherlands

    Eficode B.V. (72383836)
    Hullenbergweg 278
    1101 BV, Amsterdam, Netherlands

    Switzerland

    Eficode Switzerland AG (CHE-101.061.401 MWST)
    Aargauerstrasse 180
    8048 Zürich, Switzerland

    Poland

    Eficode Poland Sp. z o.o.
    Łąkowa 29 st.
    Łódź 90-554, Poland

    United Kingdom

    Eficode UK Limited (13937840)
    24 Old Queen Street
    SW1H 9HP
    London, the United Kingdom

    General information about eficode data processing

    Eficode processes personal data in accordance with applicable legislation, including the General Data Protection Regulation (Regulation (EU) 2016/679, “GDPR”), and this Privacy Policy. All personal data will be processed securely and used only as described in this Privacy Policy.

    Eficode takes the protection of personal data into consideration in all its business activities, and expects the same from all business partners, subcontractors and suppliers.

    Eficode does not knowingly collect any personal data of data subjects under the age of 18 years. In case Eficode becomes aware that such personal data is collected, Eficode shall delete it immediately.

    Personal data collected by eficode and its purpose

    Eficode collects the following personal data from individuals belonging to the following groups;

    Customers & business partners

    • First name, last name
    • Email address, telephone number
    • Organization and the data subject’s role in the organization
    • IP address
    • Other personal data submitted by the data subject

    The personal data collected is used to manage the customer relationship between Eficode and the data subject and to improve the products or services of Eficode.

    The legal basis for processing this data is based either on a contract between Eficode and the data subject, or the legitimate interests of Eficode.

    Job applicants

    • First name, last name
    • Email address, telephone number
    • CV or other document listing the data subject’s competence, education, work history
    • Links to external sources of personal data, such as LinkedIn profile of the data subject
    • Contact information of references
    • Other personal data submitted by the data subject in the application process

    The personal data collected is used to evaluate the job applicant’s suitability for the positions they applied for, and to target marketing of new job openings.

    The legal basis for processing this data is based either on the legitimate interests of Eficode, to take steps at the request of the data subject prior to entering into a contract or the consent of the data subject.

    Participants in UX & customer research studies

    • First name, last name
    • Email address, telephone number, home address
    • Social security number
    • Answers to screening questions necessary to qualify for a study, for example:
      • Age
      • Sex
      • Profession
      • Hobbies, other activities
    • Answers to UX or customer research questions

    The personal data collected is used within the context of conducting UX & customer research studies conducted by Eficode on behalf of Eficode’s customers and to find and contact potential participants in further studies.

    The legal basis for processing this data is based either on the legitimate interests of Eficode, a contract between Eficode and the data subject, or on the consent of the data subject.

    Eficode uses the electronic signature service VismaSign when signing documents such as consent forms of participants to studies. When signing a form via VismaSign, name, email address and telephone number are mandatory. In cases where Eficode awards participants with gift cards, the data subjects are required to submit their home address and social security number.

    Marketing contacts

    • First name, last name
    • Email address, telephone number
    • Organization and the data subject’s role in the organization
    • IP address
    • Other personal data submitted by the data subject

    The personal data collected is used for direct marketing communications with which Eficode markets its products as well as the products of Eficode’s partners. The personal data is also used for marketing relating to events organized by Eficode or Eficode’s partners. Additionally, the personal data can be used to send newsletters or other marketing communications to those data subjects that have subscribed to newsletters or other digital communications. The personal data of marketing contacts can also be used to communicate about potential future job openings if consent has been received from the data subject.

    The legal basis for processing this data is based either on the legitimate interests of Eficode or consent of the data subject.

    Duration of processing of personal data

    Eficode only processes personal data for as long as it is required or as long as Eficode is entitled to. Eficode ensures that all personal data processed is up to date and that no unnecessary personal data is processed.

    The personal data of Eficode’s customers and business partners is processed for as long as the customer relationship is active, and for a period of six years after it. Certain information required for taxation or accounting purposes may be stored for up to ten years due to legal requirements.

    The personal data of job applicants is kept for a period of one year after the application is received. The duration may be increased one year at a time with the job applicant’s consent or if the personal data is actively used and the personal data is still up to date.

    The personal data of participants of UX & research studies is processed for two years at a time unless otherwise agreed. The duration may be increased by one year at a time if the personal data is actively used or if the legitimate interest of Eficode is still valid and the personal data is still up to date. In situations where participants are awarded with gift certificates or other consideration of monetary value, Eficode has a legal requirement to submit certain personal data to the national tax authority and to archive it for a period of up to ten years. The data subject’s right to erasure in situations where Eficode is required to store personal data due to legislation is not valid.

    The personal data of Eficode’s marketing contacts is processed for two years at a time. The duration may be increased by one year at a time if the personal data is actively used or if the legitimate interest of Eficode is still valid and the personal data is still up to date.

    All inaccurate and unnecessary personal data will be removed periodically once a year.

    The personal data processed by Eficode that is based on the information submitted by the data subject will be kept up to date when new personal data is submitted. Eficode also takes steps to keep the personal data collected from other sources up to date.

    Rights of data subjects

    Eficode takes the rights of data subjects seriously, and makes sure that all data subjects are able to practice their rights. Data subjects have the following rights:

    • Right to enquire whether personal data is processed by Eficode and if so, what the personal data processed is
    • Right to request that any incorrect or missing personal data is updated
    • Right to request that Eficode stops processing personal data for a specific purpose and/or request its deletion
    • Right to appeal to the national data protection authority in case a data subject feels that Eficode’s processing of personal data does not comply with relevant legislation or if the data subject feels that Eficode is not otherwise observing all the rights of data subjects

    Please note that in case Eficode has an overriding interest or legal obligation to process certain personal data, not all rights may not be available to data subjects at all times.

    General inquiries about this Privacy Policy, the security of personal data processed by Eficode, inquiries about personal data processing carried out by Eficode and/or requests to update or delete any personal data can be sent via email to dataprotection@eficode.com, or via the form below.




    The contact details of the relevant data protection authorities are:

    Finland

    Tietosuojavaltuutettu
    https://tietosuoja.fi
    tietosuoja@om.fi 

    Norway

    Datatilsynet
    https://www.datatilsynet.no/en 

    Sweden

    Integritetsskyddsmyndigheten (IMY)
    https://www.imy.se/en/ 
    imy@imy.se

    Denmark

    Datatilsynet
    https://www.datatilsynet.dk/english 
    dt@datatilsynet.dk

    Germany

    BayLfD
    https://www.datenschutz-bayern.de/ 
    poststelle@datenschutz-bayern.de

    Netherlands

    Autoriteit Persoonsgegevens
    https://autoriteitpersoonsgegevens.nl/en

    Switzerland

    FDPIC
    https://www.edoeb.admin.ch/edoeb/en/home 
    info@edoeb.admin.ch

    Poland

    UODO
    https://uodo.gov.pl/en 
    kancelaria@uodo.gov.pl

    United Kingdom

    Information Commissioner’s Office
    https://ico.org.uk/ 

    Eficode cookie policy

    Eficode uses cookies and other similar technologies on its websites for better user experience and content targeting. Cookies are small text files that are placed in the user’s device when the user is visiting Eficode’s website. By connecting information based on cookies and the user’s possible submission of form(s), Eficode creates a personal profile of the user, which helps Eficode offer personalized information and content in different channels. The use of cookies also enables Eficode to remember the user’s preferences and actions, as well as lets Eficode monitor and analyze the usability of the website.

    Eficode uses the following categories of cookies on its websites:

    • Essential cookies
      These cookies are strictly necessary to provide you with services available through our Websites.
    • Analytics and customization cookies
      These cookies collect information that is used either in aggregate form to help us understand how our Websites are being used or how effective our marketing campaigns are, or to help us customize our Websites for you.
    • Advertising cookies
      These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

    Eficode always asks the user’s permission to collect cookie information when they access the Eficode website for the first time with a specific device. Most browsers accept cookies automatically, but the user can always edit their internet browser settings and remove cookies. Users can avoid cookies by changing the settings of the internet browser.

    Protection of personal data

    Protection of personal data and information security is of utmost importance to Eficode. All personal data within Eficode is handled with a high level of security and confidentiality. Personal data can only be accessed by employees of Eficode who require such access while performing their tasks or duties. All personal data is stored electronically and locations of personal data are reliably secured using appropriate technical and organizational measures. All service providers involved in processing personal data have signed appropriate data protection agreements and other relevant documents with Eficode.

    Eficode's Information Security Policy follows the guidelines of ISO27001 Information Security Standard.

    Regular destinations of personal data and transfer of personal data outside the european union or the european economic area

    Personal data is not disclosed or transferred outside of the European Union (EU) or the European Economic Area (EEA) unless Eficode has a legitimate interest to do so, and Eficode has concluded a data processing agreement with the recipient containing the EU Standard Contractual Clauses* with the recipient, or if the recipient is based in a country that has received an EU adequacy decision regarding the level of protection of personal data. Eficode does not accept the transfer of personal data outside the EU or the EEA based on the EU-US Privacy Shield.

    * https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX%3A32021D0914&locale=en 

    Updates to eficode privacy policy and cookie policy

    Eficode may update this policy from time to time to ensure that the policy fully respects the rights of the data subjects and to stay compliant with the relevant legislation(s) governing the use of personal data, such as the EU General Data Protection Regulation (GDPR) and its national implementations. The most recent version of Eficode privacy policy is always available on this website.