We use cookies on our website

Privacy Policy

This is CF Events Oy's registration and privacy policy in accordance with the Data Protection Act and the EU General Data Protection Regulation (GDPR). This document was prepared on 9 July 2019. 

1. Data Controller

CF Events Ltd
1502158-4

Hämeentie 157, 5th floor
00560 Helsinki

contactforum@cfevents.fi
www.contactforum.fi

2. Contact person responsible for the register

Christoffer Högström
+358 45 635 3562
christoffer.hogstrom@cfevents.fi

3. Register name

The company's customer and marketing register.

4. Legal basis and purpose of processing personal data

According to the EU General Data Protection Regulation, the legal grounds for processing personal data are the person's consent (documented, voluntary, specific, informed and unambiguous), a contract to which the data subject is a party, and the legitimate interest of the controller (customer relationship).

The purpose of processing personal data is to communicate with customers and maintain customer relationships, as well as to market services and the event.

5. Data content of the register

The information stored in the register includes: person's name, position, company/organization, contact information (telephone number, email address, address), website addresses, IP address of the network connection, social media accounts/profiles, information about ordered services and their changes, billing information, other information related to the customer relationship and ordered services. The information is stored for five (5) years.  

6. Regular sources of information

The information stored in the register is obtained from the customer, for example, through messages sent via web forms, email, telephone, social media services, contracts, customer meetings and other situations in which the customer provides their information.

7. Use of cookies

We use cookies on our website, which enable the administrator to identify frequent visitors to the website and to compile aggregate information about visitors. 

If a user visiting our website does not want us to receive the above information using cookies, browser programs allow the function to be disabled.

8. Regular data transfers and data transfers outside the EU or EEA

The information is not routinely disclosed to other parties. Information may be published to the extent agreed with the customer.

9. Principles of register protection

The register is handled with care and the data processed by the information systems are protected appropriately. When the register data is stored on Internet servers, the physical and digital security of their equipment is appropriately ensured. The controller ensures that the stored data, as well as the access rights to the servers and other information critical to the security of personal data, are handled confidentially and only by employees whose job description requires it.

 10. Right to inspect and request correction of information

Every person in the register has the right to check their data stored in the register and to demand correction of any incorrect data or completion of incomplete data. If a person wishes to check the data stored about them or to demand correction, the request must be sent in writing to the controller. The controller may, if necessary, ask the person making the request to prove their identity. The controller will respond to the customer within the time period stipulated in the EU Data Protection Regulation (generally within one month). 

11. Other rights related to the processing of personal data

A person registered in the register has the right to request that personal data concerning him or her be deleted from the register (the “right to be forgotten”). Data subjects also have other rights Rights under the EU General Data Protection Regulation such as restricting the processing of personal data in certain situations. Requests must be sent in writing to the controller. The controller may, if necessary, ask the requester to prove their identity. The controller will respond to the customer within the time period set out in the EU Data Protection Regulation (generally within one month).

en_GBEnglish