NORDIC 247 SERVICES OY
Date: August 16th 2017
Customer register databases at Nordic 24/7 Services Oy
1 NAME OF REGISTER
Customer register database for Nordic 247 Services Oy (Nordic 247 from here on), consisting of following
- customer register
- register for sending newsletters, invitations and bulletins
- project database
2 REGISTER OWNER
Nordic 247 Services Oy
Luomannotko 3, 02200 Espoo FINLAND
3 RESPONSIBLE PERSON FOR REGISTER
The person responsible for the register is CFO Kenneth Rantala.
His responsibilities for ensuring that the register is used for intended purposes include:
• check access rights frequently
• ensure proper security measures (including security updates)
• ensure that database users have adequate instructions for using the register
4 RESPONSIBLE PERSON FOR REGISTER DETAILS
The person responsible for register details is CFO Kenneth Rantala. His responsibilities are to maintain
access rights for users, give out information about the register and inform customers about their rights for
checking and updating their data stored in the register.
5 THE PURPOSE OF THE REGISTER
The register contains a database of Nordic 247s customers and partners, both companies and persons for
maintaining business relationships. The register is used for producing services for customers and partners.
The register data is also used for marketing and dissemination targeting companies and persons. The data
will not be shared with third parties. Anonymous usage data is used for research and statistics.
6 REGISTER DATA
The data stored in the register consists of the following details:
- first and last names
- company or organisation and department name
- profile data (eg. company industry)
- grouping data (mailing lists etc.)
- address details
- phone numbers
- fax numbers
- email addresses
- internet addresses
- target language
- any additional details given by the customer
- customer history, log data (eg. date of last contact)
- subscription status (eg. unsubscription for emails)
The register consists of several parts and not all parts contain the previous details.
7 REGISTER DATA SOURCES
The data is received directly from customers: companies, organisations and private persons. Additionally,
public databases may be used as source.
8 PERSONAL DATA SHARING GUIDELINES
Personal data will not be shared with third parties otherwise than permitted by current legislation. The data
is stored in both EU/ETA server facilities as well as facilities in the Unites States. Nordic 247 maintains model
contract clauses with all of its service providers outside EU/ETA countries. Anonymous data (excluding
names and identifying details) may be exported for research purposes.
9 REGISTER USAGE
The register is accessed, maintained and edited by Nordic 247personnel. Access to the register is restricted
and only available with a personal account and password combination. The account username is granted
when access to the register is opened and will be closed when the employees contract is terminated or if
the employee is assigned to a different role in Nordic 247.
10 THE REGISTER IN RELATION TO OTHER PERSONEL REGISTERS
The register is solely for Nordic 247s use. Any updates will be performed by data submitted by customers
or data available via public access.
All data in the register is used only by Nordic 247. No social security numbers (or similar details) are stored.
Several service providers provide servers and storage space where the register is stored. Servers are located
in high security facilities with no unauthorized access. Register data is regularly backed up.
12 STORAGE OF PERSONAL DETAILS, REGISTER DATA, ARCHIVING AND DISPOSAL OF DATA
Register data is stored on a usage basis, archiving is not in use. The data is stored for the period for which
the data is needed for the register. Any expired data is deleted manually.
13 INFORMING REGISTERED PERSONS
In connection with signing up for events, newsletters or providing personal details through a webform, the
accessible on the nordic247.com website.
14 RIGHT TO INSPECT PERSONAL DATA
Persons have the right to inspect their stored data by request to the register owner. The right to inspect
their data is then granted by the person responsible for the register. Response time for such requests is
within a week. If the person requesting to inspect their data wants to inspect their data on location, such
requests will be carried out immediately if the person can be identified and the person responsible for the
register is available at that time. The register does not have classified person data.
15 CORRECTING OR REMOVING REGISTER DATA
Person data is usually validated when entered (either through public databases or other public sources).
Companies or persons can request correcting their data at any time by request to the register owner.
16 RIGHT TO NON-DISCLOSURE
No data is exported or disclosed from the register without written consent from the customer company or
17 REGISTER MANAGEMENT
CFO Kenneth Rantala is the owner and maintainer of the register.
The CFO is responsible for
- usage policy and data model of the register, granting access rights, informing registered
persons, responding to requests for data inspection and maintaining data integrity
- technical administration of the register
- security, archiving and backups, also any data deletions
- naming any additional responsible persons for the register
The register data is maintained collectively by Nordic 247 personnel.
18 INTERNAL INSTRUCTIONS AND TRAINING
Internal usage guidelines are maintained separately. Training is provided regularly.