We at Intito respect your privacy and apply the EU General Data Protection Regulation (Regulation 2016/679 EU, the “GDPR”) to our operations.
In this privacy notice you will find information on what personal data we process and how we process it.
a. Customers and business contacts
We collect the names and contact details of our customer contact persons, such as their email, phone number, position in the company and office address.
We process and store the correspondence related to offering and maintaining the customer relationship. We also process customer feedback and customer support requests and our replies to them. These include the details of the sender, such as their name, position and contact details, as well as the contents of the feedback, support request and correspondence.
We collect and maintain lists of sales leads and prospective customers. These may include the name, position and relevant business contact details of companies’ contact persons.
The contact information is collected directly from the customer and their contact persons. We may also collect sales leads from other sources, such as online and offline event participation lists, direct marketing campaigns, public directories, and social media.
b. Website visitors
Chat and contact form
We provide our website visitors an opportunity to contact us directly via the contact form on our website. On the contact form you may provide us your name, email and the message of your choice.
The information provided by you via contact form may be combined with the other information we process related to you or your organization (see sections 1 a, c and d).
c. Marketing contacts
We may send you emails containing information regarding our services and, for example, invitations to our events from time to time if you are our customer or if the communication is otherwise related to your work tasks. We may also send you information regarding our services if you have subscribed to our mailing list.
For email marketing purposes we process your name, email address, contact status (customer, prospect, partner), role (invoice contact, decision maker, general contact), interests regarding our business (xPA, Data & AI, Fina & ESG), as well as the contents of the communications we have sent to you.
We may also call you if we think our services may interest you. We direct our calls to B2B-contacts only. For this purpose we process your name, phone number and your position in your company. We also take notes from the contents of our conversation.
We collect the contact details used for marketing purposes either from you directly or from other sources, such as online and offline event participation lists, direct marketing campaigns, public directories, and social media. You have a right to object to direct marketing as explained below in section 7.
d. Event participants
We may from time to time organize events and webinars. At the event registration we ask for your name, organization, and position, as well as email address. If we have event catering, we may also ask for your special dietary requests and allergies to be able to meet your special requests. The information is collected from you directly.
Depending on the nature of your relationship with us, we will process your personal data for the following purposes:
The legal bases for the personal data processing are:
Legal bases related to cookies are explained below in section 3.
What are cookies?
Cookies are little text files sent by our or our partners’ web server and stored in your browser or device.
What information do we collect through cookies?
We collect the following information about you by means of cookies: IP address, Google Analytics identification number that is unique to each visitor, device type, operating system, browser type, date and time of visitation, source of navigation (website from which you navigated onto our website), pages visited within our website, length of your visit.
You cannot be directly identified through cookies, but we can connect certain information to the same visitor by means of the ID number given to each visitor, even though we do not know who exactly they are.
The cookies can be set by either us directly or by our online partners (so called 3rd party cookies).
With respect to other than strictly necessary cookies, which are necessary for the functioning of our website, our right to collect information by means of cookies is based on your consent, which you can at any time manage on our website.
How long are the cookies stored?
The cookies placed by our website expire within 2 years.
What if I don’t want any cookies?
You can manage your cookie preferences at any time through our website cookie manager and in your browser and/or device settings.
What is Google Analytics?
We use Google Analytics on our website. Google Analytics creates reports for us about the use of our website which help us understand and improve it. The reports are created through gathering information about the use of our website by means of cookies. In addition to the cookies described above, Google Analytics collects the IP address of the visitor and creates a unique identifier for the visitor which can be connected to other stored online identifiers. The information provided to us is in form of aggregated statistics from where a single visitor cannot be identified. However, due to the identifiers used by and sent to Google, we cannot guarantee that you will remain anonymous with respect to Google.
What is LinkedIn Insight Tag?
We use LinkedIn Insight Tag on our website. LinkedIn creates reports for us about the visitors of our website, who came from LinkedIn. The reports are created through gathering information about the use of our website by means of cookies. The information provided to us is in form of aggregated statistics from where a single visitor cannot be identified.
You can find out more about LinkedIn’s data protection policies at https://www.linkedin.com/legal/privacy-policy
What is Leadfeeder?
We use Leadfeeder on our website. Leadfeeder creates reports for us about the use of our website and identifies the companies visiting our site. The reports are created through gathering information about the use of our website by means of cookies. The information provided to us is in form of aggregated statistics from where a single visitor cannot be identified.
You can find out more about Leadfeeder’s data protection policies at https://www.leadfeeder.com/privacy/.
We rely on digital services provided by external service providers when processing personal data. Such services are subcontracted in terms of the GDPR and include e.g. email, data storage, website hosting, digital co-working space, service management platform, email marketing platform, CRM, webinar platform, etc. These services are governed by separate service agreements between us and the service provider, and we remain responsible for the personal data processed through them as data controllers.
We share our website visitor data collected through 3rd party cookies to Google, LinkedIn and Leadfeeder who may use it for their own online marketing purposes. This is based on your voluntary cookie consent (learn more about cookies in section 3).
We do not share your personal data with other commercial partners.
Your personal data is regularly stored within the EU. Some of our service providers may exceptionally transfer information classified as personal data to server locations outside of the EU, namely to the USA or Australia. These transfers are, however, always governed by appropriate safeguards, such as the standard contractual clauses approved by the European Commission.
We retain the information necessary for the management of our customer relationship for the period of our agreement with our customer and 12 months after the termination of our contract to ensure proper performance of our obligations.
Our prospective customers’ information is stored as long as our communications or negotiations are active and 12 months after that.
Event registration data is retained for 12 months after the event, except for the dietary requests / allergies, which are deleted after each event.
We are obliged under the law to keep certain billing and other financial information, which may include personal data, for the period of 10 years.
We retain customer feedback, including complaints and claims, for the period of the claim’s expiry defined by law or our contract for the protection of our rights and to be able to troubleshoot reported problems. We also keep the contracts and other communications between us related to the services indicated in the feedback/claim/complaint for the same period.
Cookie expiry times are explained in section 3.
Data subjects have the following rights under the GDPR:
Right to access your information: You have the right to know what information we have and process about you and may request us to provide you access to this data.
Right to rectification: You have the right to request incorrect or incomplete information about you to be rectified.
Right to erasure or restriction: You have the right to request your data to be erased when the processing of your personal
data is no longer necessary and in certain other situations provided for in the GDPR. If we have a right to deny your demand of erasure, or if the retention of your personal data is necessary for the investigation of your claim otherwise, you have the right to require for the restriction of its processing from us.
Right to objection and right to withdraw consent: you have the right to object to the use of your personal data for profiling and direct marketing, as well as processing of your personal data when it is based on our legitimate interest. If our processing of your personal data is based on your consent, you have the right at any time to withdraw such consent.
You may object to our email marketing or withdraw your consent by clicking the unsubscribe-link provided at the bottom of each email communication.
With respect to telemarketing you may object to it and ask us to remove your contact information on the phone when we call you or otherwise by contacting our customer service.
Right to data portability: If our data processing is based on your consent or a contract between us, you have the right to receive a copy of the personal data you have provided to us yourself in a structured machine-readable format.
Right to lodge a complaint with the supervisory authority: Finally, if you feel that your rights have not been respected in connection with our data processing procedures, you do have the right to lodge a complaint with the national supervisory authority. However, before doing so we would kindly ask you to contact us and voice your concern so that we may try to find a solution together.
The national supervisory authority in Finland is the Finnish Data Ombudsman’s Office (“Tietosuojavaltuutetun toimisto”): https://tietosuoja.fi
If you have any questions regarding our privacy practices or would like to exercise your rights explained above, please contact us at firstname.lastname@example.org.
We act as data controllers with respect to the personal data described above. In addition to the data processing described in this notice, we may also have access to or otherwise process personal data on behalf of our customers when providing our services. In the latter case, please primarily contact our customer organization, who is the data controller when using our services.
Our official details are:
Business ID: 2657499-3
Tel. +358 20 7870 220