1. Data Controller

Contact information of the company in charge of the personal data register

Dista Oy (later Dista)
Näsilinnankatu 25 B 202
33200 Tampere

Helena Tirinen
+358 40 833 5492
helena.tirinen@dista.fi

2. Data Registered

Dista registers data from the following groups of people:

• Customers
• Potential customers
• Website users
• Corporate contact persons

Dista handles personal & contact data solely for the purpose of business-to-business communication, sales and marketing.

3. The Purpose and Grounds for the Processing of Personal Data

Customers

Purpose of processing data: Enabling communication necessary for customer service and maintenance of customer relationship.
Ground for processing data: Controller’s legitimate interests.

Potential customers and website users

Purpose of processing data: Contact requests through the website, newsletter sign-ups and enabling communication necessary for customer service purposes.
Ground for processing data: Controller’s legitimate interests.

Contact persons of companies

Purpose of processing data: Offering Dista’s services, contacting companies, direct marketing, distance selling, statistics.
Ground for processing data: Controller’s legitimate interest.

4. Content of the Register

The register may contain i.e. the following information:

• Name
• Title / role
• Phone number
• Email address
• IP address

Personal data is used to provide our services i.e. for the purposes of:

• Informing the customers
• Targeted marketing used in the services for our customer
• Customer relationship management
• Exchanging information on customer relationships
• Distance selling
• Direct marketing
• Statistics and analysis of sales actions taken

5. Data Processing Period

Personal data is processed as long as it is necessary for the purpose of customer transactions and customer service. Thereafter, the processing of data is determined by whether it subject to a retention regulation other than data protection law.

The data of corporate contact persons are used and stored until found to be either out of date or erroneous, after which said data is either updated or deleted.

We record the information in the register as we obtain it from the registree themselves or from registers acting as a source of information. The information is updated according to what the registree themselves informs to the data controller or as the business register used as the source is updated.

You may remove yourself from our marketing register at any time through the opt out link found in the emails. We delete unnecessary personal data every six (6) months.

6. Your Rights

You have the following rights, which you may request by contacting info@dista.fi

Right to Access and Rectification
You have the right to review the personal data we have collected about you. In case you notice incorrect or incomplete information, you may ask us to correct or complete the information.

Right to Object
You have the right at any time to object to the processing of your personal data if you feel that we have unlawfully processed your personal data or that we have no right to process some of your personal data.

Direct Marketing Restriction
You have the right at any time to prohibit us the use of your data for direct marketing purposes.

We perform online marketing and advertising i.e. through the services of Google and Facebook. However, these companies are never given your personal data by us and it is not considered direct marketing. Online marketing is based on the cookies collected by our browser, which is describer more in detail in the part of Cookie usage.

Right to Erasure
You have the right to ask us to delete your personal data in case you experience that processing your data is not necessary for our operations. We will process your request, after which we either delete your data or inform you the reason for why the data cannot be deleted. In case you are not satisfied with the decision, you may contact the data protection supervisor, see detailed contact information here.

Right to Lodge a Complaint
You have the right to lodge a complaint to the data protection supervisor in case you experience that by processing your personal data we are in breach of the valid data protection legislation (instructions for filing a complaint).

Please note that we require the verification of your identity when requesting the deletion or verification of your personal data to prevent fraud or abuse.

7. Regular Data Sources

The personal data of potential customers are obtained with their consent in the context of a website visit or through any other form of personal or digital interaction. In addition, we collect personal data from the registree themselves as well as from the register owner’s systems when using and producing the services.

Moreover, personal data may be collected and updated from business partners’ and customers’ registers, from Suomen Asiakastieto’s register as well as other similar publications and public or private registers and information sources.

8. Disclosure of Data

Dista hands over the data of corporate contact persons to its customers to enable the organisation of business-to-business meetings i.e. in the form of contact lists and calendar invitations. The data ownership is not transferred to third parties but third parties have the right to use the data to create and collect its own records and to carry out communications related to its business.

We have made sure that all our service providers comply with the data protection legislation. We regularly use the following service providers:

• Hubspot
• MailChimp
• Leaddesk
• Google (Gmail)
• Microsoft (Azure and PowerBI)
• Gapps

9. Data Transfers Outside the EU

Whenever possible, we have chosen to store your data in servers or data centers located in Europe.

Some of the service providers mentioned above may provide their services or back up data from their servers outside the EU/EEA to the United States of America. The data is backed up so that your data is protected even in the event of services being interrupted, denied from access or technical problems with the servers or network connections.

10. Principles of Register Protection

The appropriate processing of your personal data is important for us and we want to comply to the new data protection regulation. We use the following safeguards to ensure the security of your data.

• In order to access our systems, a username and password are required. The systems are protected by firewalls and other technical means.
• The information in the register stored in our systems shall be accessible and authorized only to the employees of the controller who, by reason of their duties, have a need to access the information.
• Access to the registers is protected by user-specific logins, passwords and access rights.
• Registers are located in cloud services and in physical locations that only authorized personnel may access.
• The data in the registers are located in locked and guarded spaces.
• Registers are regularly backed up.

11. Cookies Usage

Dista’s website uses cookies. Our site sends to your browser a cookie, a small text file, that is saved on your computer’s hard drive. We use both temporary, session-specific cookies, which are deleted by the browser once you close your Internet browser as well as permanent cookies that are saved on your computer’s hard drive. Cookies allow us to identify the browser you are using and to use the information we receive to count site visitors and to analyze the use of our site, for example through statistical tracking and to offer you our services and products based on your previous visits on our site. Cookies allow us to view and track user interests and therefore to improve our website and its findability and so on.

Your internet browser most likely allows cookies automatically, but you can modify your browser settings and opt out of cookies at any time. You can avoid cookies by modifying your browser settings and disabling cookies. Please note that by disabling cookies may affect the functionality of our services and prevent you from using some of them.

Advertising cookies allow us to choose the most suitable and interesting ads, products and search results for you. Cookies also prevent the repeated display of the same ads. Some third-party services may also use cookies or web beacons (1 x 1 pixel image) to show you interesting ads when you are visiting other websites. The information collected through cookies and web beacons does not tell us or any third party any personal information about you, such as your name or contact information.

The site may also use technology to measure the impact of the ads. For this, we collect anonymous data with a one-pixel tag placed on our website. Through the collection of anonymous data about user visits on Dista’s website and other websites, advertisers are able to better design ads and services that may interest the user.

For more information about browser-based advertising targeting, visit the website of Your Online Choices.