Edenred Finland Oy’s Privacy Policy

09 May 2018


1. Data controller

Edenred Finland Oy
Business ID 1057825-2
Elimäenkatu 15, 00510 Helsinki
Telephone: (09) 7594 2848
E-mail: privacy-fi@edenred.com

We shall reply to any queries and feedback concerning the register latest within two business days.


2. Name of register

Edenred Finland Oy’s Customer and Marketing Register.


3. Purpose of use of the register data and data content

The collection of information and the purpose of use of the data in the register shall include the management, maintenance and development of the customer relationship between Edenred Finland Oy and the service user, planning and development of the company’s business operations as well as marketing of products and services. Furthermore, the implementation of the rights and obligations of the customer and the data controller, along with the processing of personal data as provided for under the Finnish Personal Data Act for purposes pertaining to online services, for research activities, focusing of the advertising and/or direct marketing of the data controller and/or of its co-operation partners through the data controller’s media and services.

The register may contain the following information:

–         Name (first name and/or surname)

–         E-mail address

–         Mobile and/or other telephone number

–         Organisation and position

–         Address details of the organisation

–         Log data

–         Cookies, pixels, IP details

–         Other information voluntarily provided by the person


4. Regular data sources of the register

Information for the register is obtained from Edenred Finland Oy’s customer information system, information provided by the customer and the service user themselves, from cookies and from purchased registers. As a main rule, the sources of addresses have been specified, in case they are other than the first-mentioned.


5. Regular disclosure of information and transfer of information outside of the EU and the EEA

Edenred Finland Oy shall not disclose the personal data of its customers to any third parties, unless so required by the actions of the Finnish authorities. Edenred Finland Oy mainly processes the personal data of customers and service users within the EU and the European Economic Area (“EEA”). However, in order to be able to provide, inter alia, services and directed communications, Edenred Finland Oy may from time to time have to disclose or transfer personal data also outside the EEA. These situations may include cases where Edenred Finland Oy’s subcontractors’ or their systems are located outside of the EEA. In such cases, Edenred Finland Oy shall always implement necessary legal safeguards to ensure the security and confidentiality of personal data in accordance with the applicable laws. The customer and the service user acknowledges and accepts such disclosures and transfers. Edenred Finland Oy shall, upon the request of the customer and of the service user, provide further information regarding such transfers and the legal safeguards applicable to same.


6. Principles for protecting the register

At Edenred Finland Oy, personal data is maintained confidential. Edenred Finland Oy has instructed its personnel participating in the processing of personal data regarding the correct processing of personal data and of the confidential nature thereof. We ensure the adequate expertise of the personnel and maintain expertise pertaining to the processing of information. Access to data processing is restricted to pre-designated persons whose work tasks require that they process personal data. Each designated user has a personal user ID and password. All of Edenred Finland Oy’s employees are bound by a confidentiality obligation either on the basis of legislation or separate confidentiality undertakings.

All manual material is retained in a locked space, and access to same is only granted to relevant persons. Appropriate access control has also been arranged for all of such spaces. The data network and hardware of Edenred Finland Oy and of its subcontractors (if any) housing personal data has been protected with a firewall, passwords and other appropriate technical measures.


7. Inspection right, correction of data, deletion of data and implementation of same

Everyone shall have the right to inspect the information concerning them as well as the right to demand the rectification of any erroneous information. Furthermore, everyone shall have the right to have erroneous, unnecessary, deficient or out-dated personal data from the point of view of the purpose of the processing corrected, erased or supplemented.

The correction, inspection or erasure of information may be requested by submitting a written information correction request to Edenred Finland Oy in the form of a document signed by the requesting person, or certified in another manner by contacting Edenred Finland Oy’s customer services. In some cases we may be compelled to request additional information in order to ascertain that the person requesting any actions is entitled to make such requests.

In the case of a customer relationship, we shall retain the information at least for the duration of the customer relationship. After the cessation, the retention period is dependent upon the information and the intended use thereof, any unnecessary information shall be deleted as soon as it becomes unnecessary. We comply with the statutory obligations in the retention of information.

The rights set forth under this section shall be available to the data subject as of the moment the application of the EU General Data Protection Regulation commences in May 2018.


8. Right to prohibit, retracting consent, restricting processing and implementation of same

Everyone shall have the right to prohibit the use of their personal data for direct marketing, market research and polls, professional registers and genealogy by contacting Edenred Finland Oy’s customer service in writing. In case the processing of personal data is based upon consent, the data subject shall additionally at any time have the right to retract their consent to the processing by informing Edenred Finland Oy’s customer service of same in writing.

In addition, everyone shall have the right to demand that the processing of their personal data be restricted, for instance in situations in which Edenred Finland Oy no longer has any basis for processing the personal data and they should essentially be deleted, but in lieu of deletion, the customer or service user wishes only to restrict the processing of the said data by Edenred Finland Oy. The data subject shall have the right to request the restricting of the processing of their personal data by contacting Edenred Finland Oy’s customer service.

The rights set forth under this section shall be available to the data subject as of the moment the application of the EU General Data Protection Regulation commences in May 2018.


9. Amendments to the Privacy Policy

Edenred Finland Oy reserves the right to amend this Privacy Policy by announcing the amendments on Edenred Finland Oy’s website. Please review the content of the Privacy Policy on a regular basis.


10. Availability of the Privacy Policy

The privacy policy devised by Edenred Finland Oy, is made available to everyone on Edenred Finland Oy’s website at www.edenred.fi