We will use your personal data for predefined purposes based on contract, consent, legal obligation and legitimate interest. We will use your personal data for the following purposes:
3.1 Service delivery & customer service
We collect and use personal data about you to process orders, deliver products and services, to provide customer service and to manage payments, contracts and transactions.
The data needed for delivering services vary depending on the product or service in question. We may communicate with you in contract-related matters via phone, mail, email, SMS, chat, automated calls, and other digital channels including social media.
When required by law, we may ask for your consent to deliver certain services, for example, location-based services.
3.2 Sales, marketing and stakeholder communications
We may contact you through marketing even if you are not our customer. We will ask for your consent to contact you when required by law, otherwise, our contacting is based on legitimate interest.
Without consent, we can send automated electronic marketing messages that relate to your customer or business relationship with us, and use traditional marketing channels (e.g. post, telephone), when allowed by law. Below you can read more about the different types of marketing.
- 3.2.5
What data is used to optimize sales & marketing (“Profiling”)
For marketing and advertising, we use data that is collected during the customer relationship and from customer surveys; online behavioral data; and derived data that for example predicts the users’ interests - 3.2.6
Stakeholder relations
We manage stakeholder relationships by communicating about relevant topics and promoting events which we arrange. Communications are sent directly by email to the contact addresses received from the stakeholders or their company.
3.3 Product and service development
We may process personal data to improve and develop better services for our customers, to support our business decision making, and to consider our customers’ feedback and needs. The basis for processing data for product and service development is legitimate interest.
This is done, for example, by collecting feedback directly from users using surveys, test panels, interviews, questionnaires and other forms of market research; by utilizing the data generated from the use of our services in analytics; by using recorded or transcribed phone calls for training and service quality improvement; and by testing system functionality with temporary sample data that is collected during normal service use.
Data processing for our product and service development generally happens with de-identified data to the extent possible. In the case that the customer’s real contact details are collected in connection to the survey, or if we conduct interviews personally with the customer, we may inform you specifically about the use of the contact details in connection to the survey or interview. We may occasionally use samples of real data, for example, to test the functioning of our systems.
In analytics, we do not process identifying data, but we aggregate large volumes of service use data in order to create statistical models, reports, predictions and trend analyses for the support of business decision making, create analyses about service/feature performance, and calculate customer segments that are used to improve our sales and marketing as described in Chapter 3.2.5.
3.4 Legal obligations
We process personal data to comply with our legal requirements, for example, accounting and tax laws, and anti-money laundering laws.
3.5 Defense of legal rights & ensuring the security of our services and customers
We use personal data to defend and secure our own rights and our customers’ rights.
The basis for processing data for the defense of legal claims, debt collection, credit checking, information security, and prevention of fraud and misconduct is typically legitimate interest. Personal data is used for ensuring the security of our products and services, for example, by keeping access logs and system backups, authenticating users, and preventing attacks.