Privacy Policy

Last Updated: 16.11.23

Your privacy and the security of your personal information is important to Aibidia Oy (“Aibidia”). Aibidia is committed to protecting the personal data it processes about you in order to enable your use of the Aibidia solutions and services (“Aibidia Service”).

Aibidia processes personal data of for example the contact persons of our Customers and the users of the Aibidia Service. This Aibidia Privacy Policy (the “Privacy Policy“) applies to and describes the processing of personal data by Aibidia and forms a part of the Aibidia Terms of Service (or the “Agreement” as therein defined). Any capitalised term not otherwise defined herein shall have the meaning ascribed to it in the Agreement.

For the purposes of this Privacy Policy, “controller”, “processor”, “personal data” and “processing” shall have the meanings given to them in them in the applicable data protection legislation. For the purposes of this Privacy Policy, the “applicable data protection legislation” shall mean the applicable laws and regulations in respect of the processing of personal data and data protection, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, “GDPR”) as well as supplementary Finnish legislation, case-law and guidance from supervisory authorities.

Please note that this Privacy Policy applies to personal data that Aibidia processes as a data controller. With respect to any personal data processed in the Aibidia Service, Aibidia acts as a data processor and processes personal data on behalf of its Customers. For this processing, Aibidia’s Customers are data controllers and are, therefore, responsible for the legality and appropriateness of this processing. Please also note that this Privacy Policy does not apply to any processing done by third parties, such as service providers, for their own purposes as data controllers. Aibidia assumes no responsibility for the privacy practices of such third parties. All such processing is subject to the applicable privacy policies of such third parties.

  1. CATEGORIES OF DATA SUBJECTS AND SOURCES OF PERSONAL DATA

1.1   Aibidia processes personal data of the following general groups of persons:

  • customers and their representatives and contact persons;
  • representatives and contact persons of subcontractors and suppliers;
  • potential customers and their representatives and contact persons;
  • other stakeholders and their representatives (such as co-operation partners); and
  • persons related to customer assignments.

1.2   Personal data is primarily collected from the data subjects during the course of our business and marketing activities, such as webinars and events. Personal data is also obtained from employers of the data subjects, or from representatives or business partners of customers. Some personal data is formed through the use of the website and the Aibidia Service.

1.3   Personal data may also be obtained from authorities, courts or other institutions, or public sources, such as trade registers or corporate websites.

1.4   Some of the personal data may also be generated by Aibidia based on the data it has. Aibidia may, for example, compile and analyse data it possesses in order to create new data.

  1. THE PURPOSES AND LEGAL GROUNDS FOR THE USE OF PERSONAL DATA

2.1   The main reason Aibidia processes your personal data is to allow it to provide the Aibidia Service to you.

2.2   Aibidia always processes your data in accordance with the applicable data protection legislation, including the GDPR. Personal data is processed based on Aibidia’s legitimate interest to run, develop and sell the Aibidia Service and to manage relationships with our customers. Personal data is also processed to comply with Aibidia’s legal obligations.

2.3   Aibidia processes personal data to extent necessary for the purposes of:

  • providing, operating, managing, developing and improving the Aibidia Service;
  • ensuring the technical functionality and security of the Aibidia Service;
  • personalising the Aibidia Service;
  • communicating with its customers;
  • enforcing the general terms and conditions for using the Aibidia Service;
  • auditing the Aibidia Service and analysing the Aibidia Service and usage patterns of the Aibidia Service;
  • charging applicable Aibidia Service fees;
  • market research and direct electronic marketing in accordance with applicable law;
  • protecting the rights and property of Aibidia as well as preventing and investigating fraud and other misuses; and
  • complying with the legal obligations of Aibidia and otherwise in connection with law enforcement or other civil or criminal legal proceedings.
  1. CATEGORIES OF PERSONAL DATA

3.1   The data processed by Aibidia varies from group to group, and generally the following personal data is processed:

  • name and contact details;
  • company and title;
  • location (country);
  • name and business ID of the company;
  • personal data processed on a case-by-case basis (such as emails, documents, other communication);
  • information gathered on the basis of visiting our website or using the Aibidia Service, such as IP address, browser and device information and usage statistics;
  • information on customer relationship, such as contact history, feedback and follow-up information;
  • invoicing and billing information; and
  • additional information provided by the data subjects or stakeholders.
  1. SHARING PERSONAL DATA

4.1    Unless otherwise stated below, Aibidia does not sell, lease, rent or otherwise disclose personal data to unauthorised third parties without your consent.

4.2    Aibidia discloses personal data to third parties working with Aibidia for the purposes mentioned above, including service providers that provide Aibidia with website, application development, hosting, maintenance and other services who have access to, or process personal data as part of providing such services for Aibidia. Such parties are not permitted to use personal data about you for other purposes, and they are required to act consistently with this Privacy Policy and to use appropriate security measures to protect your personal data.

4.4    Aibidia may be obligated by mandatory legislation to disclose personal data about you to certain authorities, such as law enforcement agencies.

4.5    Aibidia may transfer, assign and disclose personal data about you to its affiliates or a subsequent owner, co-owner or operator of the Aibidia Service in connection with a corporate merger, consolidation, restructuring, or the sale of substantially all of the stock or assets or in connection with bankruptcy proceedings or other corporate reorganization, in accordance with this Privacy Policy.

  1. STORAGE TIMES OF PERSONAL DATA

5.1   Aibidia does not store personal data longer than is permitted and necessary for the purposes described in this Privacy Policy. The more detailed storage periods depend on the nature of the information and the purposes. Generally, data is stored for a maximum of two years.

  1. YOUR RIGHTS

6.1    You have the following legal rights relating to your personal data which you may, as appropriate and in accordance with the applicable data protection legislation, exercise by contacting Aibidia through the contact points referred to below under section 8 below:

(a) the right to know what personal data Aibidia holds about you and to request access to such information;

(b) the right to request the rectification of personal data if the data is inaccurate or incomplete;

(c) the right to request Aibidia to delete personal data about you if it is no longer needed for the purposes for which it was collected;

(d) the right to request Aibidia to restrict the processing of your personal data if the personal data is not accurate, the processing is illegal and you object to the deletion of the personal data and instead request for its use to be restricted, if the personal data is no longer needed for the purposes for it was collected but you need it to establish, bring or defend yourself against legal claims, or if you object to the processing by Aibidia where Aibidia has collected personal data based on its legitimate interest and Aibidia is investigating whether your privacy interest overrides the legitimate interest of Aibidia;

(e) the right to object to the processing of personal data that Aibidia processes based on its legitimate interest;

(f) the right to request Aibidia to provide the personal data that you provided to Aibidia in a structured, commonly-used and machine-readable format and the right to transfer your personal data to another controller if the processing is based on your consent or a contract with you and the processing takes place automatically; and

(g) the right to file a complaint with a relevant supervisory authority regarding the processing of personal data by Aibidia. The supervisory authority for data protection in Finland is the Data Protection Ombudsman’s Office (https://www.tietosuoja.fi).

6.2   Aibidia aims to provide you with a reply as soon as possible and, where needed, provide you with additional instructions or ask additional questions based on the request. Please note that prior to fulfilling a request Aibidia has a right as well as an obligation to verify the requestor’s identity, due to which Aibidia must be able to recognize the requestor in an adequate manner. If the request is manifestly unfounded or excessive, Aibidia may charge a reasonable fee for administrative costs to carry out the request or refuse to act on such request.

  1. COOKIES AND OTHER SIMILAR TRACKING TECHNOLOGIES

7.1    Cookies are small text files sent and saved on your device that allow Aibida to identify visitors of our website and facilitate its use and to create aggregate information of our visitors. This helps Aibidia to improve its website. The cookies will not harm the visitor’s device or files.

7.2    Aibidia uses cookies and other similar technologies for managing and developing the website, improving and analyzing user experience and ensuring improved targeted advertising in our and our partners’ services. Cookies allow Aibidia to collect certain information including from which website users arrive to, which pages are browsed on the Aibidia website and when as well as which browser is used and the IP address of the device.

7.2    Cookies are stored according to the following retention periods:

  • Axeptio: 11 months
  • Facebook: 90 days
  • Albacross: 1 year
  • Hotjar: 1 year
  • Google Ads: 13 months
  • Google analytics: 2 years
  • LinkedIn: 90 days
  1. THE CONTROLLER OF YOUR PERSONAL DATA

Your personal data is controlled by Aibidia Oy, Kalevankatu 30, 00100 Helsinki, Finland.

If you have any questions concerning the way Aibidia processes your personal data or want to contact Aibidia for any other reason relating to your personal data, you may contact Aibidia by email at info@aibidia.com.

  1. CHANGES TO THIS PRIVACY POLICY

Aibidia may update this Privacy Policy from time to time. If the Privacy Policy is modified, it will be made available through the Aibidia Service and Aibidia website and any substantive changes will be notified to you.