Privacy Policy
Data Controller
Web1 Oy (Referred as “Web1“, “we“, “us“)
A Finnish limited liability company with business ID: 2988533-2
Address: Latokarinkatu 3, 20200 Turku, Finland
Phone: +358 20 778 0730
Website: https://web1.fi
Contact: [email protected]
Introduction
This privacy policy informs you why and how we process your personal data and how we respect your privacy. This policy applies to you if you are:
- Customer or a representive of Web1’s customer (“Customer”)
- Use our services (“User”)
- Potential prospect customer (“Prospect customer”)
- A business partner of Web1 (“Partner”)
- Visitor on our websites (“Visitor”)
This Privacy policy only covers personal data processing carried out by Web1. This policy does not address, and we are not responsible for, the privacy practices of any third parties. This applies also in cases where our services or websites include hyperlinks to third parties’ websites.
Please note that this Privacy policy applies to processing of personal data carried out by Web1 as a data controller. As regards any personal data that our Customers or Users store in or upload to our service, we process such personal data on behalf of our Customers as a data processor. This means that the Customer (or their end-customer, as the case may be) is considered as the data controller with respect to such personal data.
The collected personal data and the sources of data
Customers
When you sign up for our services either online or by agreement with us, we ask you to provide
- Contact information (name, email, phone number, address, user name, job title, employer/company name)
- Billing information (address, email, electronic billing information if applicable, credit card details if applicable)
We process the following data in relation to the service provision:
- Information about the customer relationship, such as the contract between us, start and end dates of customer relationship and details of the services ordered;
- Billing information, such as credit card details, invoicing, bank account information, payments made, outstanding payments
- All your interactions with us, such as communication with our Support or Sales Teams, contact requests, feedback and complaints
Please note that if you do not provide all the personal data we may reasonably request, we may not be able to provide our services to you.
If you participate in our webinars or events, we may process additional information about your attendance, such as your interest in the webinar/event topic, and any information that you provide us in connection with the registration (for example your dietary requirements).
Users
We collect two types of data from the Users:
- User data
- Technical data
Although technical data is not meant to identify individuals, sometimes individuals can be recognised from it, either alone or when combined or linked with user data. In such situations, technical data can also be considered to be personal data under applicable laws and we will treat the combined data as personal data.
Primarily the user data is received directly from Users when they register to the service or otherwise at the beginning of and during the customer relationship. We collect and process for example the following type of user data about the Users:
- Name & contact details
- Email address
- Phone Number
- Credit card details and/or other billing data such electronic invoicing information or billing address
- Invoicing and billing infomation
- Other personal data users provide themselves for example when they communicate with our support team
Please note that if you do not provide all the personal data we may reasonably request, we may not be able to provide our services to you or the Customer you represent.
We use cookies and other analytics technologies to collect and process the technical data when Users interact with our service through websites. You can control and inspect the technical data collected at our cookie policy page
This helps us to improve our services and better serve our Customers and Users. We also use cookies that make the use of the service easier, for example by remembering usernames, passwords and preferences, and to enable certain functions of the website, such as support chat. We may use website analytics to compile technical data and reports on the usage of our services to help us improve our services.
Prospect customers
We are continuously prospecting new customers and generating sales leads. We may create profiles of Prospect Customers and contact them to provide relevant information about our services, to schedule meetings, or to invite them to a webinar or event hosted by Web1.
For this purpose, we processed the following personal data:
- Basic contact details of prospect customers such as name, email address, job title, company name
- Any communication and interaction between us such as messages or contact requests
- Your intrests and/or participation to our webinars and events
- The information you may provide to us in connection with registration to our events (for example dietary requirements)
Source of this information:
- From you directly (eg. when you submit a contact request form)
- Through your interaction with us or Web1 website (eg. when you download a whitepaper or open a newsletter)
- From public resources such as Linkedin or other social media
- From external service providers who generate sales leads
Partners
We collect personal data of the representatives of our Partners to manage the partner relationship.
We process basic contact information, such as
- Name
- Job title
- Employer / Company Name
Data is used to contact our partners and provide them relevant information about our services, to schedule meetings, or to invite them to webinars or events hosted by Web1. We also process personal data relating to any interactions the Partners may have with us, such as communications with our partner team via email or submissions through our contact forms.
Personal data of Partners is primarily received directly from the Partners. We may also search potential new Partners from publicly available sources, such as LinkedIn, and contact them.
Visitors
We collect personal data of our website Visitors with the help of cookies. Cookies that are not necessary for the provision of the website are created and stored on the basis of the consent given by the Visitor. Visitors can change their consent settings at any time from our “Cookie Policy” page.
Purposes and Legal Grounds
Customers and Users
We process personal data to be able to offer the services to our Customers and Users and for managing our relationships with Customers and Users. This includes, for example, managing user credentials to provide access to the service and facilitating transactions and payments. If a Customer or User contacts our Support Team, we will use the personal data for communication and solving possible issues with the service.
To manage the customer relationship with our Customers, we process basic contact information of our Customers and/or their representatives so that we may contact the Customer to provide them relevant information about our services, advertise new features and products, to schedule meetings, or to invite them to webinars or events hosted by Web1.
We process the personal data regarding the use of our services to improve the quality of our services and for research and analysis purposes. When possible, we will do this using only aggregated, non-identifiable data.
Legal grounds
The above described processing of personal data is based:
- On our legitimate interests to run and manage our business, to provide the services Customers have ordered, to run, improve and develop our services, and to promote our services.
- On our contractual obligations to provide the services to our Customers.
- In some cases, on your consent (e.g. subscribing to our newsletter).
- On our legal obligations (e.g. our obligation to report criminal activities to the law enforcement).
Prospect customers
We process personal data of Prospect Customers to sell, market and promote Web1 services, and to improve our brand reputation and recognition. We may create profiles of Prospect Customers by ranking them based on their interest in various topics relevant to Web1, such as data security or certain product features. The ranking of Prospect Customer profiles is influenced by interactions with our website, communications with us (e.g. opening a newsletter), registration to webinars or events hosted by Web1, and input by our sales and marketing teams. The processing does not involve automated decision-making.
Legal grounds
The above described processing of personal data is based on our legitimate interests to sell, market and promote our services and brand.
Partners
We process personal data of Partners to manage and develop our business partnerships and to communicate with our Partners. We may contact Partners to provide them relevant information about our services, to schedule meetings, or to invite them to webinars or events hosted by Web1.
Legal grounds
The processing of personal data is based on our legitimate interests to market and promote our services and to improve and develop our service offerings.
Visitors
We process personal data of our website Visitors in order to provide the website and to analyse its usage, e.g. to understand how the Visitors interact with the website and to gather analytics on the number of visitors and their geographical location.
Legal grounds
The above described processing of personal data is based on:
- Our legitimate interest to provide and maintain our website
- Your consent (e.g in case of non-essential cookies)
Data sharing
We may share the personal data with third parties in the following circumstances:
For provision of services, and managing and developing the customer relationship
We share personal data of our Customers, Prospect Customer, Users and Partners with third-party service providers to the extent necessary to provide our services, to manage the customer relationship and to promote Web1 services (data storage, analytics, sales, marketing and customer support services). While the customer database is hosted on Web1’s own servers within the EU, we use third-party tools for example to facilitate credit card payments and manage the communications between our Support Team and the Customers and Users. We have taken appropriate contractual and organisational measures to ensure that the personal data is processed exclusively for the purposes allowed by Web1 in a secure manner and in accordance with all applicable laws and regulations.
For legal compliance
We may share the personal data with third parties to comply with our legal obligations:
- When we have a good faith belief that we have to disclose the information in response to lawful requests by public authorities or law enforcement requirements, or legal process (for example, a court order, search warrant or subpoena).
- To satisfy any requirements of applicable laws or regulations.
- Where we believe that any of our property, equipment, data, technology, or other assets, are being used in illegal activities or committing a crime, including to report such criminal activity to the law enforcement, and other security precautions; and to detect, prevent, or otherwise address fraud, security or technical issues.
- When we have a good faith belief that there is an emergency that poses a threat to your health and safety, to ours or to another person’s health and safety, or the general public.
Where possible, we will inform you in advance about such disclosure and processing.
For other legitimate reasons
We may share the personal data with third parties if we have a legitimate reason for it:
- To ensure complementary service offering for our Customers and to be able to respond to tenders, we may share personal data of Customers with our business partners.
- In case that Web1 undertakes efforts to engage in a business transition like a merger with or acquisition by another company, or sale of all or part of its assets, we may disclose or transfer relevant information we have, including personal data, to the prospective sellers or buyers in the transaction.
With your explicit consent
We may share personal data with third parties for other reasons than the ones mentioned above when we have your explicit consent to do so. You have the right to withdraw this consent at all times.
All of our affiliates and third-party service providers are required to take appropriate security measures to protect your data and they may only process personal data for the purposes mentioned in this Privacy policy and in accordance with our instructions
Embedded content from other websites
Retention
Web1 does not store personal data longer than it is legally permitted and what is necessary for the purposes described in this Privacy policy. The storage period depends on the nature of the information and the purposes of processing.
Customers and Users
we will store personal data for as long as the Customer or User is a registered user of our services. We may retain the personal data longer if it is required by law or authorities’ orders, if we have reasonable grounds to believe that it is necessary for investigations relating to illegal or criminal activities or breach of our Terms of Service, and if we need to retain the personal data for internal reporting and reconciliation purposes.
Partners
We retain the personal data for as long as the partner relationship continues and thereafter for as long as we may need it for internal reporting and reconciliation purposes or to initiate or defend against legal proceedings.
Prospect Customers
We retain the personal data for as long as you remain a potential customer of Web1. We review our prospective customer database regularly to ensure that the personal data remains relevant and accurate.
Visitors
You can delete the cookies stored on your device at any time through your browser settings.
What rights you have over your data
You have always the right to:
- Obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data.
- Request an electronic copy of the personal data for portability.
- Have incorrect, imprecise, incomplete, outdated, or unnecessary personal data we have collected about you corrected or completed.
- Request restriction of processing of your personal data in the circumstances referred to in Article 18 of the GDPR.
You have also the right to:
- Request erasure or deletion of your personal data. Web1 will always respond to your request and inform you whether your personal data will be deleted, or retained despite your request, including reasoning behind the retention.
- Withdraw your consent at any time, where the processing of your personal data is based on your consent.
Where the processing of your personal data is based on Web1’s legitimate interest, you have the right to:
- Object to the processing of your personal data in the circumstances referred to in Article 21 of the GDPR.
Please note that if you request deletion of or restrictions to the personal data we process about you, we may not be able to provide our services to you.
Direct marketing
Notwithstanding any consent granted beforehand for the purposes of direct marketing, you have the right to opt-out of receiving electronic direct marketing communications from us by using the unsubscribe possibility offered in connection with any direct marketing messages.
Regardless of your possible opt-out, we will use the Customers’ and Users’ email addresses to send occasional communications regarding updates to our services or important information regarding the Web1 infrastructure.
Lodging a complaint
You have the right to make a complaint at any time to the supervisory authority in your country of residence. The relevant supervisory authority overseeing Web1 Oy is The Finnish Data Protection Ombudsman. We would, however, appreciate the chance to deal with your concerns before you approach any supervisory authority.
Security
We have physical, technical, and organisational measures and procedures in place to safeguard and secure the personal data we collect and process. The measures include, for example, where appropriate, encryption, firewalls, secure facilities and managing access rights to systems. Our security controls are designed to maintain an appropriate level of data confidentiality, integrity, and availability. We regularly test our websites, data centres, systems, and other assets for security vulnerabilities.
However, please remember that you as a Customer or User are responsible for the confidentiality and security of the credentials and passwords used to access Web1 services. To protect your account with an extra layer of security, we encourage you to enable two-factor authentication (2FA).
Updates
We may update this Privacy Notice from time to time by publishing a new version on our website. If we plan to introduce material changes, we will inform you about it in advance.