First of all, thank you for your interest in Sormat products and services. Also during the use of our internet presence, the protection of your personal data is important to us. Personal data is all data personally relating to you, for example name, address, e-mail address. All personal data entered on the Sormat website (www.sormat.com) will be stored, processed and, if necessary, passed on to trusted Sormat partner companies, solely for the purpose of providing personalised service, product information or special offers and relevant news to the user.
With the following information, we would like to inform you about the nature, use, purpose and limitation of the data processing. SORMAT assures that our collection and use of your data is carried out in accordance with the relevant data protection regulations and laws.
This policy describes the privacy practices on our websites. By “websites” (or “sites”) this description refers to groups of pages within the sormat.com domain.
Some cookies are required for proper functioning of the site or for security reasons, and are always set. For the sake of keeping this document relevant, such essential cookies are not discussed herein.
- We do this to improve your experience on the sites, and to be better able to market our products and services to you.
- The specific set of technologies used varies depending on the product, service, and site you are interested in or use.
- We have a culture of respecting your privacy.
- We need to process certain data to provide you with our services.
- Whenever feasible, we make your data anonymous or near-anonymous.
- We know security
Description of file in accordance with the Personal Data Act (523/1999), § 10
- File controller
Business ID: 17077231
Harjutie 5, 21290 RUSKO, FINLAND
Tel. +358 20 794 0200
- Contact information of the controller’s representative
Marketing Manager Erkka Nevala, erkka.nevala (at) sormat.com, tel. +358 20 794 0200
- Name of the file
Sormat Oy’s stakeholder register
- Purpose of the file
The data is used for Sormat Oy’s marketing, sales and other similar deliveries requiring an address, unless the data subject has explicitly prohibited the collection and recording of his/her personal data.
- Data content of the file
First and last name, position in company
Email address, phone number
Contact details of the company
Information concerning participation in marketing measures
- Regular sources of data
Personal data is mainly collected from the data subject him-/herself. Data may be collected and updated by Sormat Oy’s personnel through public and commercial records, by making enquiries through companies’ telephone switchboards etc. and through information found on internet sites.
- Disclosure of data
The data in the file is not disclosed to third parties, but information such as a person’s name, address or email address may temporarily be made available to Sormat Oy’s subcontractor for the purposes described in Item 4. The third party may not use the data file for its own purposes, and the third party must be aware of the requirements of the Personal Data Act (523/1999).
- Principles of data protection
The data file is protected against use by outside parties. The data file can be accessed only by persons whose tasks require the processing of personal data in the file. Use of the data file is protected by personal user names and passwords.
- Data subject’s right of access
You have the right to the data that we have on you. In particular, you have the following rights to the personal data that we hold on you:
- Access and rectification. You have the right to ask us what personal data we have on you and to get a copy of the data that we can identify pertaining to you in this context. Should you find any errors (e.g. obsolete information) in such data, we urge you to contact our customer care to resolve the issue. Some of our service portals allow you to update your customer information. For such, you should update any changes to your personal data, for example, change of address or email address. If you cannot update the changes yourself, you may inform us of the necessary changes.
- Objection. You are entitled to object to certain processing of personal data, including for example the processing of your personal data for marketing purposes or when we otherwise base our processing of you on a legitimate interest. In the latter case, you need to establish a legally valid rationale for your objection.
- Right to be forgotten. You also have the right to request us to cease storing your personal data and erase it. In this case you need to establish a legally valid rationale for your request.
- Portability. You also have the right to ask for personal data that you yourself have provided – pursuant to a contract or your consent. You may request the data in a structured, commonly used and machine-readable format and further that the data is transmitted to another controller, where technically feasible.
- Withdrawing consent. In cases where the processing is based on your consent, you have the right to withdraw your consent at any time via relevant settings. For identifiable product analytics data, you can find the settings in the service user interface. You also have the right to opt out from our marketing communication via the preference center accessible from the link.
- Restriction. If you establish that the data we have on you is incorrect or we have no legal right to use it, you may request us to cease any further processing of your personal data, and merely keep it in store, until the issue is resolved.
Note that there may be situations where our confidentiality obligations, our right of professional secrecy, and/or our obligations to provide our services (e.g. to your employer) may prohibit us from disclosing or deleting your personal data or otherwise prevent you from exercising your rights.
If you have any complaints about how we process your personal data, or would like further information, please contact us at any time.
If you feel that we are not enabling your statutory rights, you have the right to lodge a complaint with a supervisory authority. In most cases, this authority is the Finnish Data Protection Ombudsman (www.tietosuoja.fi).
- Rectification of data
The controller shall, on its own initiative or at the request of the data subject, rectify, erase or supplement personal data contained in the data file which is erroneous, incomplete or obsolete as regards the purpose of the processing. The data subject shall contact the person in charge of the file controller’s data file matters to have the data rectified.
What do we collect?
We typically need to ask at least for your email address, phone number, and name to be able to provide our services. The individual services also collect additional data directly both on our service and from your device and related data traffic. In cases of such automated collection, the focus of data collection is on our services, not on your private data.
The adjoining service and interaction-specific policies explain in more detail the personal data collected per service type.
What do we do with it?
This list describes the general purposes for the collected personal data.
- Customer journey. To identify authorized users and check customer qualifications, process and track transactions such as administering accounts, shipping, invoicing, and managing licenses;
- Deliver, fix, and enhance. To deliver our services to you, maintain and develop our services and web sites, and to provide help and support for the services;
- To track how our services are acquired and used so that we can improve the services, manage your customer relationship, and approach you with relevant messages;
- To send you information relating to the services, conduct customer surveys, arrange competitions, advertise and market our services to you;
- To prevent fraudulent activities, remove or stop sharing of illegal or infringing material, and comply with legal or regulatory requirements.
The adjoining service and interaction-specific policies explain in more detail the specific purposes for the collected personal data.
Website personalization and development
The information collected via cookies and other web technologies helps us understand when and how visitors discover, interact with, and leave our websites. We then use this information to
- improve the visibility and usability of our sites,
- locate and address technical issues you might experience,
- and to deliver customized and relevant content to you.
We generate statistics and aggregate reports for internal use, as well as for sharing with F‑Secure group companies, partners, and subcontractors. Our third-party web analytic providers may also create and publish aggregate reports of the data collected. The statistics and aggregate reports do not contain any data that could be linked to an individual website visitor.
Web marketing activities
The data we collect can also be used for marketing purposes. Information about the pages you have visited or the products you bought in the past helps us market more relevant services to you in the future.
We also work with data aggregators and ecommerce sites to provide targeted advertising to our customers. In practice, this means that when you visit our site or a third-party website we have partnered with, or click an advertisement for F‑Secure products or services, your activity may be tracked through cookies. These cookies are generated by our marketing partners and used to display personalized F‑Secure-related advertisements on other websites.
General information about cookies
Cookies help us collect information about the use of our website. This information includes, among other things,
- the web browsers and operating systems used,
- the domains of referring sites (traffic origin),
- the date, time, number, and duration of visits,
- which pages or elements within pages were viewed,
- which links, buttons, or other items were clicked,
- and what was typed into text fields in forms.
Cookies may contain IDs, typically random strings of numbers and letters, that are unique to your browser. This helps us recognize your browser when you visit our website again.
We use both first-party and third-party cookies. Third-party cookies convey information to that third-party site upon your visit to an Sormat site.
Cookies are also used to track your reaction to emails sent to you, so that we know whether we have been successful in relaying the messaging to you.
You can discontinue cookie-based data collection at any time, by adjusting your browser settings or opting out on third-party provider pages (see the table below). Do note that some features of our website rely on cookies to function. There are many sites, such as aboutcookies.org, that give advice related to cookie settings and how to change them.
We use the following service providers to achieve some of the collection of data via cookies, as described above. If you do not wish to disable tracking cookies entirely (from your browser settings), you can follow the links below to opt out from individual third-party providers.
|Cookie provider||Cookie purpose||Read more||Opt out|
|Facebook Custom Audiences||Providing relevant advertisements||Read more||Opt out|
|Google AdWords||Providing relevant advertisements||Read more||Opt out|
|Google Analytics||Website measuring and improvement||Read more||Opt out|
Please note that these opt-out mechanisms work by placing a cookie on your browser. Therefore, your browser must be configured to accept cookies for your preference to take effect. If you delete your cookies or switch to a different web browser, you will need to set your preferences again.
We are not responsible for any third-party websites you enter via our website, and their practices are not covered by this policy. Our personal data policy does not cover data collected by any third-party websites, so you should read the privacy statements of those websites carefully.
Sormat does not control cookies from third-party websites. The third parties are responsible for how these cookies work and how the personal data is processed.
The practices related to accepting or blocking third-party cookies vary by marketing campaign and are defined by the third party and applicable laws.