Privacy Policy of Ilves Solutions Ltd and Ilves Valmisohjelmistot Ltd
Data protection is your fundamental right, which we commit to safeguard. This Data protection statement explains what kind of personal data the Ilves companies (Ilves Solutions Ltd, Ilves Valmisohjelmisto Ltd and Ilves Invest Oy) process and for what purpose. This privacy statement applies to:
- interaction between you and the Ilves companies;
- certain Ilveshaku-products;
- Ilves Enterprise products in situations where we act as data processors in compliance with data protection legislation;
- newsletters managed by Ilves companies (“Newsletter”);
- networks partially or fully administered by Ilves companies (“Network”), such as the Legal Tech Glögit network.
1. General Information
Ilves Solutions Oy, Ilves Valmisohjelmistot Oy and Ilves Invest Oy (“Service Provider”) are committed to protecting the privacy of our customers, the users of Ilvessolutions.fi ilveshaku.fi internet services (“Service”) and users of the Networks we administer in accordance with the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act 2018/1050, as well as other applicable regulatory provisions, as they apply to the Service Provider.
By using the Service or providing data to the Network, the user (“User”) accepts the terms (“Terms”) included in this privacy policy. If the User does not accept the terms the User must cease using the Service, or prohibit the use of their data in the Service Provider’s or Network administrator’s communication by unsubscribing from the Newsletter’s email list.
2. Collected Information
The Service provider or Network administrator collects from the User such personal data that is necessary for the processing purposes described in Section 4 of the Terms. The data collected from the User includes:
User’s personal information:
- Work contact information such as name, address, phone number, and email address
- Registration data required for the user account, such as username, nickname, password, and other possible individual identifier of the User
- Communication between the User and the Service Provider, such as messages, feedback, and requests
- User-provided profiling and interest information
- Permissions, consents, and authorisations
- Prohibitions
- Other information collected with the User’s consent
Data describing the use of the Service or Network:
- Data related to the identified User’s use of the Service or Network, such as use and browsing of the Service functionalities
- Data collected by using cookies or other similar technologies such as the page browsed by the User, the site through which the User accessed the Service, emails opened by the User or clicked by the User from the Network or Service provider, the device model, individual device or cookie identifier, communication channel (web browser, mobile browser, application), browser version, IP address, session identifier, session time and duration, screen resolution, and operating system
- All other information, which the User enters or uploads to the Service or Network (such as information entered by the User in online forms or a photo uploaded by the User to the Service).
The Service Provider stores the following information in the customer register:
- User’s name, title, or profession
- One additional identifying information
- Contact information for future communication
- Email communication with the User
The Network administrator stores in the register:
- User’s name, title, or profession
- User’s employer
- User’s location
- Contact information for future communication
- Email communication with the User
3. Sources from which information is collected
Personal data concerning the User is primarily collected from the following sources:
- Information provided by the User during registration or while updating the user profile in the Service or Network
- Information obtained through the technologies described in these Terms regarding the use of the Service.
4. Purpose of Collecting Personal Data
The Service provider collects personal data for predefined purposes, which can be categorized as follows:
- Management, provision, maintenance, and improvement of the Service or Network
- Development and definition of the Service or Network and related products and services
- Answering questions and implementing requests
- Fulfilling legal obligations as the Service provider or Network administrator
- Other purposes authorized by the User
- Other purposes in compliance with the applicable law
- Other communication with the User
5. Storage of personal data
The Service Provider or Network administrator stores personal data only as long as it is necessary for the purposes set forth under Section 4, in accordance with current legislation and regulatory requirements.
If the User has not logged onto the user account for an extended period, typically 12 months, most of the personal data concerning the User is deleted, transferred to a permanent archive register, or transformed into a format that no longer identifies the User.
Notwithstanding the aforementioned, data published by the User shall remain in the public sections of the Service or Network.
The Service Provider or Network Administrator also stores personal information as required by current legislation.
6. Processing of personal data
Personal data shall primarily be processed by Service Provider’s employees.
In case the Service Provider has outsourced the processing of personal data to a third party, Service Provider will ensure through contractual measures that personal data is processed in accordance with the applicable laws and regulations.
Personal data is primarily stored within the EU or EEA. Personal data may need to be transferred outside the EU or EEA (e.g. when using Mailchimp or HubSpot), the level of information protection may be lower than that offered within the EEA.
The Service Provider will ensure sufficient level of privacy protection by, among other things, contractual measures required by the law, for example by using standard contractual model clauses approved by the European Comission.
7. Transferring or disclosure of data
Service Provider or Network Administrator will not sell, rent or transfer User’s personal data to third parties except in the cases set forth below in this Section 7.
Personal data may be disclosed to a third party in case the User has given their express consent thereto.
Personal data may be disclosed due to an order, which is compelling on Service Provider or Network Administrator, issued by a competent authority or another party based on the current legislation.
Personal data may be transferred to a party of such transaction or their advisors in case of re-arrangements of the business relating to the Service or Network such as sale or acquisition of business, merger or diffusion.
8. Protection of personal data
Service Provider or Network Administrator uses necessary technical and organizational measures to protect personal data against unauthorized access, transfer, deletion, or other unauthorized handling.
Such methods include the use of firewalls, encryption technologies and safe server rooms, proper access control, the controlled provision of user rights and supervision of their use, providing instructions for data processors, and diligent selection of competent subcontractors.
Although Service Provider or Network Administrator strives to protect personal data from possible risks and disclosures, it is not possible to achieve perfect data security in a network environment. Therefore, the User should not disclose any such information in the Service, Network or through communication with the Service Provider, which is especially sensitive, or which is not required to be disclosed in the relevant context.
9. Use of cookies
Cookies are small files that the browser saves in the User’s device, and they contain an individual identifier, which Service Provider or Network Administrator can use to identify the User and to track browsers which have visited the Service.
Service Provider or Network Administrator may collect data from User’s terminal and concerning the use of the Service by using cookies and other techniques such as browser’s local data storage.
10. Collection of data by third parties
Third parties mean parties, who are not part of the Service or Network, but are connected to the Service such as providers of online measurements and analytics services (e.g. Leadfeeder) as well as providers of so-called social plugins, such as LinkedIn and Google.
Due to the fact that the services provided by the above mentioned third parties are based, if and to the extent they are offered or utilized in connection with the Service or Network, on data transfer between the Service or Network and the respective services offered by the third party, it is possible, that such a third party may collect information regarding the User for example by installing cookies on the User’s terminal.
Service Provider undertakes to ensure, to the extent possible, through contractual measures that such third parties comply with the current legislation.
Where possible, the Service Provider or the Network Manager will seek to ensure, through contractual arrangements, that such third parties comply with the legislation in force.
11. User’s influence
Direct marketing consent
The User has the right to prohibit the transfer or handling of their information for direct advertising, distance selling or other direct marketing by giving a notice thereof to the following e-mail address info@ilvessolutions.fi or by unsubscribing from the mailing list through the provided link.
Right to access and rectification
The User has the right to access personal data collected and to demand rectification, erasing or supplementation of erroneous, unnecessary, incomplete, or obsolete personal data by giving notice thereof to the following e-mail address info@ilvessolutions.fi.
Right to be removed
The data subject has the right to ask for removal of registered data by giving notice thereof to the following e-mail address info@ilvessolutions.fi.
Withdrawal of consent
When it comes to processing personal data based on consent, the subject has the right to withdraw consent for processing of such data at any point by giving notice thereof to the following e-mail address info@ilvessolutions.fi.
Right to limit the process
The data subject has the right to request that we limit the processing of controversial data until the matter has been settled by giving notice thereof to the following e-mail address info@ilvessolutions.fi.
Right to transfer
The data subject has the right to request that the subject’s personal data is transferred to another system by giving notice thereof to the following e-mail address info@ilvessolutions.fi.
Preventing the use of Cookies
The User can prevent the use of cookies by changing their browser settings. Preventing cookies may have an impact on the User’s user experience.
Clearing Cookies
The User can clear the cookies from their browser settings. Clearing cookies may have an impact on the User’s user experience.
Right to appeal to supervising authority
If the data subject has grounds for suspecting that we are in not complying with effective legislation regulating data protection, the subject has the right to make an appeal to the Data Protection Ombudsman. The Data Protection Ombudsman’s contact information can be found here.
12. Changing privacy policy
Service Provider (in this context same as Network Administrator) strives to continuously develop the Service and Network, which may result in a need change these Terms. Changes may also result from changes in laws and regulations.
Service Provider reserves the right to change these Terms. Changes to the Terms will be announced in the Service and Network.
Service Provider recommends that the User regularly reads the content of the Terms. Continued use of the Service after the release of new Terms shall be deemed acceptance of the amended Terms.
13. Contact
We request that the User primarily directs all contacts relating to these Terms to the following contact person responsible for issues relating to personal data:
Heikki Ilvessalo, phone +358 40 5471501
The User can also contact use in relation to these Terms through the following address:
Ilves Solutions Oy
Niittymäentie 9
02200 Espoo, Finland
This privacy policy was last updated 19 January 2024
