We pledge to honor the following privacy protection policy, designed with our customers in mind. We collect information responsibly, in accordance with the applicable data protection legislation. We ask for personal information only for our own customer registration process as well as marketing activities, and to give you access to information pertaining to our conferences, such as newsletters and executive summaries of our mainstage events. The name, organization and title of attendees of each event can be shared with event partners and published on the event website. We will NOT distribute any additional information to third parties without your permission. The customer has the right to deny Nordic Business Forum the permission to share their information to third parties by emailing firstname.lastname@example.org.
The use of most of our services require you to provide us with personal data, such as use of a live stream account or accessing our events, but you may visit our public websites without disclosing your personal data.
Nordic Business Forum Oy
Kauppakatu 41 B 14
40100 Jyväskylä, Finland
Phone +358 20 775 1390
The controller is Nordic Business Forum Oy and its subsidiaries Nordic Business Forum AB and Nordic Business Forum AS.
Kauppakatu 41 B 14
40100 Jyväskylä, Finland
Phone +358 20 775 1390
Business ID 2241358-6
2. Filing systems
3. For what purposes we use your personal data?
Personal data is collected and used within the limits defined by the applicable data protection legislation to take care of and develop customer relationships and to offer, sell, market, deliver orders, and develop the services and products of the Nordic Business Forum and its main partners.
Personal data is used to help us better understand our customers and to help us conduct regular research into the trends and preferences of our customers. This market research and its raw data will be held within Nordic Business Forum and will never be sold, distributed, or forwarded to third parties without our customers’ explicit consent.
Information collected from the data subjects will be used for direct marketing purposes only, unless the data subject prohibits such use.
4. What is our data processing based on?
Processing of your personal data is based on the following grounds of the EU’s General Data Protection Regulation (one or more purposes may apply simultaneously):
a) Processing is necessary for the performance of a contract to which you are party, or in order to take steps at your request prior to entering into a contract.
b) Processing is necessary for compliance with a legal obligation to which the controller is subject (for example the duty to keep the records based on the Accounting Act).
c) Processing is necessary for the purposes of the legitimate interests pursued by Nordic Business Forum.
d) You have given consent to the processing of your personal data.
The legitimate interests of Nordic Business Forum or a third party referred to in point c) above may include, amongst others, the following matters:
- the right to promote the sales of Nordic Business Forum’s products and services by way of direct marketing, including profiling for the purposes of marketing and sales;
- business development;
- investigation of possible malpractice.
5. Information content
The filing systems include the following information, either in part or in full:
- Customer first and last name
- Company information and industrial classification
- Professional title
- Email address
- Postal address
- Phone number
- Dietary requirements (if it includes health data, such data is given to us by the customer based on your consent)
- Information pertaining to all purchases and orders on the web shop, such as invoicing address and payment details
- Any follow-up information pertaining to the customer’s purchases
- Feedback given by the customer
- Notes of discussions with customers
- when the customer’s data was put in to the filing system
- campaigns, promotions, and other communication directed to the customer, as well as their use, including participation in events
- interests and other information or survey data provided by the customer
- direct marketing choices
- use of the customer’s rights related to the customer’s personal data (such as right to rectification and right to data portability)
- information of the use of our digital services as well as digital content created by the customer
- automatically collected data (such as IP Address, the customer’s device’s operating system, browser type and language)
- mobile device identifiers (such as the customer’s unique device ID and device name)
- recordings of customer service telephone conversations, as well as e-mail and chat correspondence
We do not collect credit card information from our customers. If a customer chooses to pay with a credit card or online bank, etc., the payment is done through an external site from the credit card payment processor, or the bank, etc.
6. Where do we collect the personal data from?
Our filing system is derived from information given by our customers when registering for our newsletters or a seminar. This information is collected using an online form, as well as on paper, by phone, by email, or during the purchasing process of a service and/or product.
The information is collected, for example:
- on www.nbforum.com, live.nbforum.com, registration.nbforum.com, norway.nbforum.com.
- by phone
- by email
- during face-to-face meetings
We may gather personal data from business-to-business customers when the representative of the company gives personal data of other employees to us. We may also obtain and update the personal data in our filing systems from officials and companies offering personal data services.
7. With whom might we share your personal data
Nordic Business Forum does not sell, lease, or otherwise disclose your personal data to third parties outside of the Nordic Business Forum Oy and its subsidiaries unless otherwise stated below.
The name and organization of attendees of each event can be shared, as stated in the order confirmation of the conference ticket. Please contact us if you would prefer that your information is not shared.
Nordic Business Forum may share your personal data when obtaining payment for products and services, including the transfer or sale of delinquent accounts to third parties for collection.
Nordic Business Forum may share your personal data based on a valid order from a court or other official body with sufficient authority.
Nordic Business Forum may share your personal data as part of any merger, acquisition, sale of company assets, or transition of service to another provider. This also applies in the unlikely event of an insolvency, bankruptcy, or receivership in which your personal data would be transferred to another entity as a result of such a proceeding.
When a customer is buying a product or service from a Nordic Business Forum cooperating partner, the controller has the right to give the relevant personal data required for the purchase to the cooperating partner.
8. How long do we process your personal data?
The controller will process the personal data (mentioned in section 5) of its customers until the end of the year of the last purchase plus 6 years. Potential customers’ data is processed in our marketing database until a customer relationship has started or until the data subjects asks his/her data to be deleted. For information on how this data can be deleted, see section 10.
9. Reviewing, updating, and correcting of personal data
The data subject has the right to check, review, and update or correct his/her information maintained in the filing system at any time. Customers must inform us if any personal data changes in order to keep their record in the filing system up-to-date. For additional questions, or to review, update, or correct personal data, please email email@example.com.
10. The right of erasure (“right to be forgotten”)
You have the right to obtain the erasure of personal data that concerns you from Nordic Business Forum without undue delay on any of the following grounds:
(a) your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(b) you withdraw consent on which the processing is based and where there is no other legal ground for the processing;
(c) you object to the processing and there are no overriding legitimate grounds for the processing;
(d) your personal data have been unlawfully processed;
(e) your personal data have to be erased for compliance with a legal obligation in Union or member state law to which Nordic Business Forum is subject;
(f) the personal data have been collected in relation to the offer of information society services.
However, you do not have the right of erasure if the processing is necessary:
(a) for exercising the right of freedom of expression and information;
(b) for compliance with a legal obligation which requires processing by Union or member state law to which Nordic Business Forum is subject; or
(c) for the establishment, exercise, or defence of legal claims.
11. Right to data portability
You have the right to receive the personal data concerning you, which you have provided us in a structured, commonly used, and machine-readable format, and have the right to transmit that data to another controller where the processing is based on consent or on a contract and the processing is carried out by automated means.
12. Do we make decisions affecting you based on automated means?
Nordic Business Forum does not make decisions based solely on automated processing, which produces legal effects concerning you or similarly significantly affect you.
13. Principles of protection
The name and organization of attendees of each event can be shared as stated in the order confirmation of the conference ticket. If you wish your information not to be shared, please contact us. All other personal information is kept confidential.
Access to any personal information by the Nordic Business Forum will be restricted to designated individuals with a username and password. Access to this database will be given only to specifically appointed people.
The individuals managing the filing system are bound to professional secrecy.
Nordic Business Forum’s services may be provided using resources and servers located in various countries around the world. Therefore Nordic Business Forum may transfer your personal data outside the country where you use our services, including to countries outside the EU and EEA that do not have laws providing specific protection for personal data or that have different legal rules on data protection.
In such cases, Nordic Business Forum will ensure that a legal basis for such a transfer exists and that adequate protection for your personal data is provided, as required by applicable law, for example, by using standard agreements approved by relevant authorities (where necessary) and by requiring the use of other appropriate technical and organizational information security measures.
Nordic Business Forum is concerned with protecting your privacy and data, but we cannot ensure or warrant the security of any information you transmit to Nordic Business Forum or guarantee that your information stored by the Nordic Business Forum may not be accessed, disclosed, altered, or destroyed by breach of any of our industry standard physical, technical, or managerial safeguards. When you enter information (such as login credentials) on our registration or order forms, we encrypt all transmitted data using HTTPS with TLS (Transport Layer Security). However, no method of transmission over the internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.
We do not collect credit card information from our customers. If a customer chooses to pay with a credit card or online bank, etc., the payment is done through an external site from the credit card payment processor, or the bank, etc., and they protect it.
Do you have any additional questions about our privacy protection?
We are happy to answer any questions you may have regarding our privacy protection policy! Feel free to give us a call at +358 20 775 1390, or send us an email at firstname.lastname@example.org.