General Privacy Statement
Scope
This General Privacy Statement (“General Privacy Statement”, “General Statement” or “Statement”) is issued on behalf of companies in Accountor Software Business, that consists of different legal entities operating in several countries. The entity who will control for your data is dependent on the situation where your personal data is processed.
Company in Accountor Software Business that you are interacting with in the specific situation, for example Software Company that has a contractual relationship with you, or with a company you represent, or Software Company you are visiting with make decisions about your personal data (act as data controllers in relation to you).
You may find contact details of the data controller in your specific situation as well as contact information for data protection at the end of this Statement.
When Statement talks about “Software Company”, “we”, “us” or “our”, it refers to the company in Accountor Software Business responsible for the processing of your personal data.
This General Statement aims to give you information on how we collect and process your personal data, with whom data is shared, how long it is stored and what are your rights as regards personal data.
This Statement applies to the processing of personal data. Personal data means information that can be associated with you either directly or indirectly. Also data referring to an individual representing or acting on behalf of a company, e.g. a managing director, is personal data. A company information that does not relate to any natural person is not personal data.
As Software Company processes personal data in different situations and related to several stakeholders, we have prepared some accessory statements that supplement this General Statement and provide more detailed information in the given situation. These specific statements can be found by clicking on the applicable headings provided. However, if there are any discrepancies between the General Statement and an accessory statement, the latter will primarily be determinative.
Collection of personal data
We may collect your personal data through different means. You may yourself provide information through direct interactions with us or data may be generated when you use our services. In addition, we may create data based on information we have about you. Your personal data may be obtained also from other Software Companies or external third parties, including publicly available sources.
We may combine the data collected about you from publicly available sources, and from our different interactions with you in connection with e.g. service provision and marketing communication.
You are not required to provide any personal data to us, but the consequences of your choice may vary depending on the circumstances. For example, it is possible that we will not be able to provide our service to you or act in accordance with your request.
Personal data categories
We process different kinds of personal data about you depending on the situation. The categories and scope of data is always limited to what is necessary for the purposes it is processed for. Categories of personal data in a given processing situation are detailed in a respective accessory statement.
We may also process personal data for statistical purposes, meaning that information is aggregated to the level where no natural person may be identified from the result. Such data is not considered personal data as this data cannot be associated with you.
As a rule, we do not process special categories of personal data like information about your health. However, in limited cases such data may be processed provided, that the processing is conducted in accordance with the applicable laws and you have been informed thereon.
Purpose and legal basis for processing personal data
We collect, process, and use only personal data, which is needed for operational purposes, efficient customer care and relevant commercial activities, including the processing of personal data for anonymising it.
We only use your personal data for the legitimate and explicitly defined purposes and do not process data in a manner that is incompatible with those purposes. Purposes of the processing in a given situation are detailed in a respective accessory statement.
We always have a legitimate basis for the processing of your personal data that is communicated to you.
We usually process your personal data for the performance of an agreement or contractual relation we have with you, or a company you represent, and us, or in order to enter into such relation.
We may process personal data in order to meet our statutory obligations e.g. in relation to accounting, to conduct sanction screening or to fulfil authorities’ (e.g. tax authority) requests as required by law.
Further, you may have consented to the processing of your personal data for one or more specific purposes. This is typical in activities conducted for promoting our business or services e.g., in marketing or social media campaigns. You will always be informed on the purposes of the processing with necessary details before asking a consent.
Personal data may also be processed based on our legitimate interest or those of a third party provided, that your fundamental rights do not override such interest. For example, we combine the data collected about you from different sources or process personal data to provide services, to develop our operations or in order to generate internal reports for management purposes. In these cases, the processing of personal data is based on our legitimate interest to ensure that our operations are effective and our offering is competitive, and that we have relevant information at hand to better understand our customers as well as to manage our operations.
Sharing and disclosures of personal data
We may share your personal data with other Software Companies within the limits of applicable laws and for the purposes indicated in this Statement, including development of services, and marketing their products and services to you. Personal data may be shared between Software Companies for internal administrational purposes, for example, as part of our reporting activities on company performance and for the purposes of using centralized solutions e.g. in the use and maintenance of information and communication systems and hosting of data. Sharing of personal data is based on our legitimate interests to enable and develop efficient business operations and customer relationship management as well as to inform our customers of relevant services of other Software Companies.
We may also disclose your personal data to third parties, when:
- permitted or required by law, e.g. to comply with requests by competent authorities or related to legal proceedings;
- our trusted service providers process personal data on behalf of us and under our instructions, or when we and our partner process personal data for jointly defined purposes under the Statement. We control and are responsible for such processing of your personal data.;
- when we acquire services from our service providers as part of internal processes (e.g. in a recruitment process), to conduct or support our business (e.g., social media campaigns) or to provide services to you. In these cases, our service provider is responsible for the lawfulness of the personal data processing.;
- we are involved in a merger, acquisition, or sale of all or a portion of our assets;
- we assess that disclosure is necessary to enforce or protect our rights, such as to respond to legal claims, to protect your safety or the safety of others, investigate fraud, or respond to a government request;
- there is a legitimate interest for the disclosure, such as we are organising a joint conference or event with a third party, provided, that we have informed you on such sharing; and
- you have consented into such disclosure, but only to parties the consent relates to.
Note that from time to time our service providers may use personal data processed on our behalf and in connection with service provision further for their own purposes independently such as for their service development, training artificial intelligence, statistics or to fulfill their legal obligations. Software Company strives to ensure that this further processing is not incompatible with the original purposes personal data is processed for. In such case the service provider in question is responsible for the lawfulness of the processing.
Transfers of personal data outside the EU or EEA
The personal data we process is located primarily in the EU or European Economic Area. We may, however, transfer your personal data outside these areas if our partner, or service provider, who processes personal data, is located fully or partly (e.g., for technical administration) in a third country. Personal data may also be transferred to third countries in situations, where this is required from the service provider under binding non-EU legislation.
In these cases, we will take necessary steps to provide appropriate safeguards for international data transfers and to the extent necessary implement supplementary measures for protection of personal data as required by applicable laws.
This means that
- personal data is transferred only to countries that have been deemed to provide an adequate level of protection of personal data by the European Commission (“countries with adequate protection”). For further details, see Adequacy decisions | European Commission (europa.eu)
- with a service provider that is based outside countries with adequate protection, or which is otherwise not in a scope of the Adequacy decision, we will use specific contract clauses approved by the European Commission and implement necessary technical, organisational, or contractual supplementary measures to ensure that personal data has the same protection as in EEA. For further details, see Standard Contractual Clauses (SCC) | European Commission (europa.eu)
In limited cases, e.g., when you participate in Software Company’s marketing or social media campaigns, the transfer of personal data to a third country may be based on your explicit consent. In such cases you will be provided details on the transfer and related risks beforehand.
You will find contact details at the end of Statement, if you want further information on the specific mechanism used by us when transferring your personal data outside the EEA.
Retention of personal data
Your personal data is retained only for as long as necessary to fulfil the purposes it is processed for, including for the purposes of satisfying any legal, accounting, or reporting requirements and as defined in this Statement.
We have defined retention periods to all personal data we have on you. When defining such periods, we have considered various factors such as the nature and sensitivity of personal data and the purposes the data is processed for.
Your personal data processed based on a contractual relationship with you, or a company you represent, are stored, as a rule, for the duration of the contractual relationship or as long as the provision of the services requires. After our relationship or service provision has ended, we typically store personal data that are necessary to protect our legitimate interests e.g., enabling response on requests or claims under applicable provisions concerning statute of limitations, or we may store your personal data, to the extent necessary, in order to respect your request not to receive direct marketing from us.
Personal data processed based on legitimate interests are processed as long as there are grounds for their processing. If you object such processing, data will be erased after your request has been validated. An example of this kind of processing falling within the scope of legitimate interest is direct marketing.
If personal data is processed based on legal obligations, it is retained as long as required by law. Obligations to the storage of personal data are set, for example, by the Accounting and Money Laundering laws.
The storage time of personal data processed with your consent is determined according to the purposes of processing.
Your rights
Your rights and options as regard personal data depend on the purposes of the processing and on the situation.
The right to access – You have the right to receive confirmation of whether your personal data is processed, and if it is, to access the data. This enables you to receive information on how we process your data and a copy of the personal data we hold about you in our registers.
The right to rectify data – You are entitled to have your personal data rectified or, in certain cases, to have defective personal data supplemented.
The right to object to the processing – You are entitled to object to the processing of your personal data that is based on Software Company’s legitimate interest or those of a third party, if your particular situation overrides such interest. We may reject your request, if the processing is necessary in order to implement mandatory and legitimate interests. You are always entitled to oppose to the processing of your personal data for direct marketing purposes and for related profiling.
The right to data portability – You have the right to receive your personal data you have submitted to us for the processing based on your consent or the implementation of an agreement. In such cases, we will provide you, or a third party you have chosen, your personal data in a structured, commonly used and machine-readable format.
The right to be forgotten – You may ask us to erase your personal data where there is no valid reason for us continuing to process it. For example, if you consider personal data unnecessary for the purposes described above or you cancel the consent you have given.
The right to restriction of the processing – You have the right under certain circumstances to require Software Company to restrict the processing of your personal data. For example, for the period needed for verifying the accuracy of your personal data.
The right to give and withdraw your consent – If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time.
We may need to request specific information from you to help us confirm your identity and ensure that you are entitled to exercise your rights.
You can execute your rights by sending the above-mentioned requests to us. You will find contact details at the end of the Statement. If you think that the processing of your personal data is not appropriate, you have a right to contact Data Protection Supervisor in your country.
Information security
We maintain security measures (including physical, technical, electronic, and administrative measures) that are appropriate to protect personal data from loss, destruction, misuse, and unauthorized access or disclosure. For example, we limit access to personal data to those authorized employees and service providers who need to know the information in the course of their work tasks. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Please be aware that, although we endeavour to provide appropriate security measures for personal data, no security system can prevent all potential security breaches. If a security breach occurs, we will inform you in accordance with applicable laws.
Changes to this Statement
We may update this Statement at any time, if required in order to reflect the changes in our data processing practices. You can find the latest version at our website.
The last update of this Statement was on May 20th, 2024.
Contact details:
If you have any questions regarding this Statement or the personal data we process about you, please contact us. You may find contact addresses below.
Companies in Accountor Software Business:
Parent company:
Accountor Holding Oy
Business ID: 2480336-9
Keilaniementie 1, 02150 Espoo, Finland
Software Companies for employment and worktime:
Accountor HR Solutions Oy
Business ID: 2776178-2
Åkerlundinkatu 11
33100 Tampere
Software Companies for financial management:
Accountor Finago Oy Accountor Finago AB
Keilaniementie 1 Hälsingegatan 49
02150 Espoo 113 31 Stockholm
0836922-4 SE 556942-4467
Accountor Finago ApS
Herlev Hovedgade 195
2730 Herlev
DK 35418105
Apix Messaging Oy
Keilaniementie 1
02150 Espoo
2332748-7
Ecom Oy Ecom Tilit Oy
Lemminkäisenkatu 34 Lemminkäisenkatu 34
20520 Turku 20520 Turku
0968083-1 2092247-5
eTasku Solutions Oy
Åkerlundinkatu 11 A
33100 Tampere
2487226-8
Isolta Oy
Keilaniementie 1
02150 Espoo
1854047-8
Contact email of Software Companies for financial management privacy@finago.com
Privacy Statement for Website Visitors and Website Cookies
Scope
This Privacy Statement for Website Visitors and Website Cookies (“Website Visitor and Cookie Statement”) describes how companies in Accountor Software Business collect and process your personal data and use cookies in relation to your use of their websites, such as this website or product or service specific websites (“Website”), in other words, when you
- visit the Website, or
- communicate or interact with us via the Website e.g. download material, subscribe to our newsletters, take part in a promotion campaign or give us feedback.
Please read this Website Visitor and Cookie Statement together with the General Privacy Statement, if necessary, before you visit our Website.
To read more about cookies, see the section Use of cookies in the processing in this Statement.
Collection of personal data
We collect your personal data through different means. Primarily, we collect and process data, which
- is provided by you when you communicate with us, e.g. via chat, or do business with us like subscribe to our newsletter, contact us requesting an offer or provide information to us through forms available at the Website;
- is generated when you visit our Website or use our services provided therein, e.g. when browsing, downloading brochures or searching information; and
- is obtained from publicly available sources or third parties, where permitted by applicable law, e.g. Trade Register or technical data from analytics providers, advertising networks and search information providers.
We may combine the data collected about you from publicly available sources, and from our different interactions with you e.g. via e-mail or Website activity.
You may decide not to provide any personal data, but that may affect to the functionality of our Website or we will not be able to execute certain activities you have requested from us.
Personal data categories
The personal data we collect and process in our Website includes the following categories of data:
- basic information, such as name, your title and relation to a company you represent and contact details (email, address and phone), or other identifiers;
- marketing and communication data e.g. your interests and preferences, selections, marketing permissions and prohibitions;
- your interaction and related records such as correspondence, your comments or responses to our surveys;
- personal data generated in connection with the use of our services or collected while visiting our Website through cookies or otherwise e.g. user IDs, passwords, authentication details, and how you use the Website or our services;
- technical data on browsing the Website e.g. login information, language, device ID and type, operating system, application settings as well as other data collected by means of cookies and similar technologies; and
- other data, which is based on your consent and defined in detail on a case by case basis.
We may collect and use for any purpose aggregated data, where no natural personal may be identified. Examples of such data are statistical data or demographic data collected in connection with the use of our Website.
Purpose and legal basis for processing personal data
We only collect and process personal data, which is needed for managing our relationship with you and for other relevant operational or commercial purposes, including the processing of personal data for anonymizing it.
Your personal data is processed for the following purposes:
1. RELATIONSHIP MANAGEMENT
The main purpose of processing personal data is to manage the relationship between us and you, or a company you represent, including managing and responding to your activities, asking your feedback or communicating with you. In these cases, our processing is based on the contract between you, or a company you represent, and us, or our legitimate interests to serve you based on your choices and provide you enhanced customer experience.
2. MARKETING AND ANALYTICS
We may market and inform you about our services. We may combine the data collected about you from publicly available sources, and from our different interactions with you. Further, your personal data may also be used for market research and customer surveys. Processing of personal data is based on our legitimate interest to collect and analyze relevant information to better understand our customers and develop relevant services.
Based on your consent we may store and access information, including personal data, on your device in order to create personalized ads profile and deliver relevant content at the Website (e.g. information and ads about our services) as well as to measure the effectiveness of the advertising. Respectively, your personal data may also be processed to develop and improve the Website, or for developing our own or our partners’ services.
3. WEBSITE ADMINISTRATION, INFORMATION SECURITY AND INTERNAL REPORTING
We process personal data to administer and maintain the Website, including hosting and delivering of content therein and for preventing faults and repairing thereof. Your personal data may be used to ensure the information security of the Website and any services provided, including prevention of possible frauds and relevant investigations. We may also generate internal reports for management purposes based on personal data. In these cases, the processing is based on our legitimate interest to operate business effectively and to ensure that the Website and provided services are appropriately protected. Our legitimate interest is also to collect and analyze necessary information to develop our operations e.g. functionality of the Website.
Based on your consent we may process personal data for measurement and reporting including statistical information about the use of our Website.
4. COMPLIANCE WITH THE LAW
We process your personal data in order to meet our statutory obligations e.g. to fulfil authorities’ requests based on the law.
5. OTHER PURPOSES YOU HAVE CONSENTED TO
We may process your personal data also for one or more specific purposes, if you have consented to such processing. Processing of data on browsing the Website and your preferences related thereto as well as sharing such data with nominated third parties is primarily based on your consent.
Use of cookies in the processing
We use cookies and other similar technologies (“cookies”) on our Website. Cookies are small text files placed on your device to collect and remember useful information, deliver relevant content, ensure the functionality of our Website and provide us information about the use thereof.
When collecting personal data through cookies we are committed to, and working to adhere to the principles of the IAB Europe Transparency and Consent Framework. You may find information about the Framework here.
Cookies may be placed by the Website indicated in a domain address, or with your consent by a nominated third party for the purposes, you have been informed about. Such third parties may be e.g. marketing networks, analytics or social media providers. Third parties may transfer data collected via cookies outside the EU or EEA.
Information on cookies used on a specific Website is available through Cookie Management Platform on each Website, where available. Click on the Privacy settings icon visible on the Website in question. We use following categories of cookies, which are described generally herein, on our Website:
STRICTLY NECESSARY COOKIES
These cookies are required for the Website to work and they cannot be disabled. They are usually only used when you access a site or use features that generate service requests, such as configure data protection settings, log in or use forms. You can set your browser to block these cookies or show an alert. However, some parts of the Website may not work if you do this. Processing of personal data is based on our legitimate interest to ensure functionality of the Website and its strictly necessary features.
MEASUREMENT AND ANALYTICAL COOKIES
Using analytical cookies enables us to track the number of users and traffic sources so that we can measure the effectiveness of ads and content provided at the Website. They help us to identify the popular and less popular sites as well as how the users move around the site or interact with ads and content. If you do not consent placing of these cookies, we won’t know e.g. when you have accessed our Website or which part you have visited.
FUNCTIONAL COOKIES
Functional cookies enable us to provide better and more tailored services, such as videos or a real-time chat or personalized ads. Data collected through functional cookies may also be used to improve the functionality of the Website or to improve or develop services provided. Such cookies may be set by us or a third party service provider, whose services have been added to our Website. If you do not accept such cookies, some or all of the features of the Website may not work properly.
ADVERTISING AND SOCIAL MEDIA COOKIES
These cookies have been set on our Website or in our services by our advertising partner or a social media service provider. They enable these companies to create a personalized ads profile of your areas of interest and show you adverts or social media contents accordingly. Sometimes, collected information may also determine the contents and messages you see on other sites. If you do not accept the cookies, you will not see tailored advertising on different websites or you may be unable to use sharing on social media.
Where available detailed information on specific cookies, strictly defined processing purposes and third party cookies is available in Cookie Management Platform, where your consent for placing the cookies is requested.
RETENTION OF COOKIES
Cookies remain on your device until they are expired or you delete them. The storage time for cookies on your device is divided into following two categories.
Session cookies
Session cookies are used to remember relevant settings of your browsing session. They are set per session, meaning that they last until you close your browser. Such cookies are not stored on the hard drive of your device.
Persistent cookies
Persistent cookies are typically used for targeted advertising or gaining insight on how you use our Website. Persistent cookies are stored on your hard drive in between browser sessions until you delete them or they reach their expiry date.
Information on retention time for each cookie is available through Cookie Management Platform on each Website, where available. Click on the Privacy settings icon visible on the Website in question.
MANAGEMENT OF COOKIES
You can accept or refuse cookies or change your earlier choices through Cookie Management Platform at our Website, where available. To view or change your consent regarding cookies, click on the Privacy settings icon visible on the Website in question.
You can always disable cookies or clear your cookie history for all visited websites from your browser settings. You can usually find the navigation settings relating to cookies in the “Options”, “Tools” or “Preferences” menus of the browser you use to access our Website.
Accepting cookies will enable you to get the best from our Website. If you refuse cookies, some aspects of Website site may not work on your device, and you may not be able to access all areas thereof.
To the extent applicable, we regularly request your consent for placing of cookies, and whenever there have been changes.
Third party links
The Website may include links to third-party websites, plug-ins and applications. You may manage third party cookies through your browser settings or, where applicable, in Cookie Management Platform at our Website. Clicking any other links or enabling those connections may allow third parties to collect or share data about you. These third parties typically base processing of your personal data on their legitimate interest. We do not control third-party websites and are not responsible for their data processing practices. Third parties may transfer the data collected via cookies outside the EU or EEA. Please check relevant information on third-party data processing from their websites.
Marketing communication
We send commercial e-mails that may include technologies (web beacons, cookies or similar) that allow us to know what you do with the message (open, read etc.) and links you may click. When you click a link in our marketing e-mail, we will also use a cookie to log what pages you view and what content you download from our Website.
You may control the use of your personal data for direct marketing purposes. You can ask us to stop sending you marketing messages by following the opt-out links on any marketing message sent to you or by contacting us at the email address mentioned at the end of the General Privacy Statement at any time. In such case, we will retain minimum amount of personal data to respect your choice in order to avoid contacting you again.
Please note that even though you opt-out of direct marketing, we may need to contact and communicate with you in connection with the other purposes your personal data is processed for.
Changes to Website Visitor and Cookie Statement
We may update this Website Visitor and Cookie Statement at any time, if required in order to reflect the changes in our data processing practices. The last update was on May 20, 2024.
Privacy Statement for applicants
Scope
This Privacy Statement for Applicants (“Applicant Statement”) describes how companies in Software Business (“Software company”) collect and process your personal data in connection with your job application and the recruitment process.
Please read this Applicant Statement together with Accountor General Statement, if necessary, before sending a job application or entering a recruitment process with us.
Collection of personal data
We collect your personal data through different means. Primarily, we collect and process data, which
- is provided by you in connection with the recruitment process e.g., when you provide your CV, fill out an application form or provide information about you in an interview;
- is generated during the process e.g., in an aptitude or personality test: and
- is obtained from publicly available sources or third parties, to the extent permitted by applicable laws e.g., from your referees, recruitment consultants, assessment companies or an external website that you have referred to, or use of which you have consented.
We may combine the data collected from different sources, e.g., from publicly available sources, and from your CV.
You may decide not to provide any personal data to us, but we may not be able to proceed the recruitment process with you.
Personal data categories
The personal data we collect and process includes the following categories of data:
- basic information, such as name and contact details (email, address and phone), and date and place of birth;
- information contained in your job application and cv as well as documents presented in that context, e.g., information about your education, previous work experience, qualifications, language skills and references;
- information collected and processed during the recruitment process, e.g., information about the progress of the recruitment process, notes concerning your application and possible interviews, information concerning possible personality assessment or aptitude tests, and references; and
- other data, which is based on your consent and defined in detail on a case-by-case basis such as information on credit checks or security clearance in accordance with applicable laws.
Purpose and legal basis for processing personal data
We only collect and process personal data, which is needed for recruitment purposes and evaluating suitability of the applicants.
Your personal data is processed for the following purposes:
1. MANAGING RECRUITMENT PROCESS
We collect and process personal data, which is needed for managing the recruitment process such as to handle job applications, to inform applicants about the progress of recruitment, to arrange interviews and to examine and test professional and personal capabilities. The legal basis for processing personal data is to take steps prior to entering into a possible employment contract at your request by submitting your job application to us.
2. SUITABILITY ASSESSMENT
We may process your personal data to assess your suitability for an open position by evaluating your working methods, personal characteristics and professional competence. Such processing is based on our legitimate interest to ensure successful recruitment and that necessary capabilities and competences required in the given position are fulfilled by an applicant.
Under specific circumstances and to the extent permitted by applicable laws, we may also process personal data based on your consent for a reliability assessment or security clearance or to perform appropriate personality and suitability assessment tests to ensure that the prerequisites related to the given position are met.
3. FUTURE RECRUITMENT PROCESSES
With your consent we may process your personal data for future open positions for a specified time period.
4. DEVELOPMENT OF RECRUITMENT PROCESS AND STATISTICS
We may process your personal data to improve our recruitment process. In addition, personal data may be processed for statistical and recordkeeping purposes. In these cases, the processing is based on our legitimate interests to improve our processes and to ensure collection of necessary information for HR management purposes such as reporting.
5. COMPLIANCE WITH THE LAW
We may process your personal data in order to meet our statutory obligations such as to fulfil authorities’ requests based on the law.
Consent withdrawal
If you have provided your consent to the collection and processing of your personal data in connection with the recruitment process, you have the right to withdraw your consent for that specific processing at any time. If you wish to withdraw your consent, you may contact the recruitment channel used in the given process or by contacting us at the email address mentioned at the end of the General Privacy Statement at any time.
Changes to Applicant Statement
We may update this Applicant Statement at any time, if required, in order to reflect the changes in our data processing practices. The last update was on May 20, 2024.
Privacy Statement for Customers and Business Stakeholders
Scope
This Privacy Statement for Customers and Business Stakeholders (“Stakeholder Statement”) describes how companies in Accountor Software Business (“Software Company”) collect and process personal data in following contexts:
- marketing and sales of services;
- customer agreements and customer management;
- provision and use of services (e.g., access rights management)
- acquiring services, vendor agreements and vendor management;
- co-operation activities and stakeholder management;
- sales opportunities and management thereof; or
- events organized by the Software Company and management thereof.
Please read this Stakeholder Statement together with General Privacy Statement, if necessary, before you start using our services or engaging in business with us.
Collection of personal data
We collect your personal data through different means. Primarily, we collect and process data, which
- is provided by you when you communicate or do business with us, e.g. in connection with entering into a contract or in the process of knowing customer (Know Your Customer), when you buy our services or contact us for providing services, visit our premises or participate in our marketing or social media campaigns or other events;
- is generated in different contexts e.g., when using or logging into our services, performing various transactions (e.g., paying bills) and making entries or participating an event organized by the Software Company; and
- is obtained from other companies in Accountor Software Business, publicly available sources or third parties, where permitted by applicable laws, e.g. information obtained from the company you represent or with which you are otherwise connected to, from the Trade Register or other official registers, the Business Information System or other similar publicly available databases such as financial sanctions and the asset freezing registers.
We may combine the data collected from different sources, e.g. from publicly available sources, and from our different interactions with you e.g. in connection with entering into a contract or related to service provision and events.
You may decide not to provide any personal data to us, but that may complicate or prevent us doing business with you, or a company you represent, or executing certain activities you have requested from us.
Personal data categories
The personal data we collect and process includes the following categories of data:
- basic information, such as name, title and your relation to a company you represent and contact details (email, address and phone), nationality and language preferences;
- information relating to our relationship, such as service and order details, contract information, payment details, billing information or information related to your visit at our premises (such as surveillance camera footage, vehicle license plate number);
- Information related to knowing the customer as required by applicable legislation, such as identification information, information on right to represent the company, basic information about the customer and related representatives, responsible persons and actual beneficiaries (including their personal identity numbers), as well as information whether some of the above persons or any individual otherwise closely associated with is to be categorized as a politically exposed person and the basis thereto, and sanction register information;
- marketing data, e.g. product preferences, marketing permissions and prohibitions;
- your communication and interactions with us as well as generated records and material, such as correspondence, service requests, call recordings, your contribution to our campaigns (video, audio or other material e.g. content in social media) and events organized by us as well as entries on the use of individual’s rights;
- service-related information, e.g. user IDs, passwords, and other authentication credentials as well as data generated in connection with service provision e.g., login information, and how services are used;
- project related data, such as resourcing, assignments and hour bookings; and
- other data, which is based on your consent and defined in detail on a case by case basis.
We may collect and use for any purpose aggregated data, where no natural person may be identified. Examples of such data are statistical data or demographic data collected in connection with service provision or events organized by us.
Purpose and legal basis for processing personal data
We only collect and process personal data, which is needed for conducting our business, establishing and managing our business relationships and for other relevant operational or commercial purposes, including the processing of personal data for anonymizing it.
Your personal data is processed for the following purposes:
1. SALES AND CUSTOMER RELATIONSHIP MANAGEMENT
We will process your personal data to sell our services and to manage customer relationship between us and you, or a company you represent, including entering into a customer relationship and for customer support, invoicing and contracts. In these cases, our processing is based on the contract between you, or a company you represent, and us, or our legitimate interests to manage our customer relationship and to serve you based on your choices.
2. ACQUIRING SERVICES, COLLABORATION AND BUSINESS RELATIONSHIP MANAGEMENT
When acquiring services or in connection with collaboration projects, we may process your personal data to manage business relationship between us and you, or a company you represent, and related interactions, including managing invoicing, reporting and contracts. In these cases, our processing is based on the contract between you, or a company you represent, and us, or our legitimate interests to acquire services necessary for conducting our business and to collaborate with our selected partners as well as to manage associated business relationships.
3. SERVICE PROVISION
In connection with service provision we may process your personal data for offering and delivering services to you or the company you are representing, as well as to manage our projects and field operations, including access rights management, customer assistance and support, service requests and fault repair, invoicing and reporting. In these cases, our processing is based on the contract between you, or a company you represent, and us, or our legitimate interests to manage our service provision, projects, deliveries and field operations appropriately.
4. COMMUNICATION, MARKETING AND RELATED ANALYTICS
We may process personal data for marketing and informing you about services the companies in Accountor Software Business are offering or about them as a company. Such processing may also relate to producing material or content for marketing or social media campaigns. Your personal data may also be used for market research and customer surveys. In addition, personal data may be used for analytics in order to develop and improve customer or user experience, or our own or our partners operations. We may combine the data collected about you from publicly available sources, and from our different interactions with you. Processing of personal data is based on the contract between you, or a company you represent, and us, or our legitimate interest to have relevant information at hand to better understand our stakeholders, e.g. customers, and to promote our services and to develop our operations.
You may object to the processing of your personal data for direct marketing at any time (please see General Privacy Statement section of “Your rights”).
5. SERVICE DEVELOPMENT, INFORMATION SECURITY AND REPORTING
Your personal data is processed to ensure the quality and information security of our services. Further, we may process personal data for analyzing and developing our services and operations such as to create new features to our products, automate our operations, train artificial intelligence or to improve our processes as well as for statistical purposes e.g. for managing our business. In these cases, the processing is based on our legitimate interest to ensure that our services have an adequate level of information security and to provide our services effectively by utilizing available technologies as well as to assure competitiveness of our services and operations.
6. ENFORCEMENT OF OUR LEGAL RIGHTS AND COMPLIANCE WITH THE LAW
We may also process your personal data for the purpose of investigating misconduct and for protecting, defending, or enforcing our rights in official procedures or disputes, such as for demonstrating compliance with our contractual obligations or responding to legal claims. In these situations, the processing is based on our legitimate interest being able to demonstrate compliance of our operations and protect our rights in an appropriate manner.
Legislation regarding the prevention of money laundering and terrorist financing obliges us to identify our customers and to find out information about their business and the ownership of customer company, e.g., to identify politically exposed persons or persons subject to financial sanctions as well as actual beneficiaries of the customer company. We may process your personal data in order to fulfill also other statutory obligations such as to respond authorities’ (e.g. tax authority) requests based on the law.
7. OTHER PURPOSES YOU HAVE CONSENTED TO
We may process your personal data also for one or more specific purposes, if you have consented to such processing.
Marketing communication
We send commercial e-mails that typically include tracking technologies (web beacons, cookies or similar) that allow us to know what you do with the message e.g., whether you open the message or click any links. When you click a link in a marketing e-mail you receive from us, we will also use a cookie to log what pages you view and what content you download from our Website.
You may control the use of your personal data for direct marketing purposes. You can ask us to stop sending you marketing messages by following the opt-out links on any marketing message sent to you or by contacting us at the email address mentioned at the end of the General Privacy Statement at any time. In such case, we will retain minimum personal data to comply with your choice in order to avoid contacting you again.
Please note that even though you opt-out of marketing, we may need to contact and communicate with you in connection with the other purposes your personal data is processed for, e.g. in connection with service delivery or due to price changes.
Changes to Stakeholder Statement
We may update this Stakeholder Statement at any time, if required in order to reflect the changes in our data processing practices. The last update was on May 20, 2024.