Data controller and contact details
Aiforia Technologies Oyj
Business ID: 2534910-2
Address: Pursimiehenkatu 29-31 D, FI-00150 Helsinki, Finland
Representative: For further information about your data processing please contact the Service Desk
The data subjects are the persons who visit Aiforia Technologies’ website, subscribe to our newsletters and to whom marketing is targeted on social media platforms.
Purposes of and legal bases for processing personal data
Purpose of processing
Legal basis for processing
Categories of personal data
Using other than strictly necessary cookies and similar technologies:
Legitimate interests of the controller when retrieving the data through the cookie and further processing it. Under the ePrivacy Directive and the Finnish Act on Electronic Communications Services, consent of the data subject must be acquired prior placing other than strictly necessary cookies.
Targeting ads on social media platforms
Legitimate interests of the controller
Aiforia targets advertising on social media platforms (e.g., LinkedIn) but has no access to the personal data that the platforms process.
Sales and marketing related activities, such as sending direct marketing (e.g., newsletters)
Legitimate interests of the controller when providing direct marketing. Under the ePrivacy Directive and the Finnish Act on Electronic Communications Services, in some instances, consent of the data subject must be acquired prior sending electronic direct marketing.
Categories and sources of personal data
The table below defines the categories and sources of personal data mentioned above.
Categories of personal data
Specific description of the personal data
Data collected by cookies and similar technologies
Data is collected by cookies and similar technologies that are placed on Aiforia's website and newsletters.
In addition, when Aiforia targets advertising on social media platforms (e.g. LinkedIn), the social media platforms use personal data of their users collected by cookies and similar technologies. For the sake of clarity, Aiforia has no access to such data collected by a social media platform.
Data is collected for the purposes described above, and may include the following:
Consents and prohibitions
The consents and prohibitions given by the data subjects for different purposes of processing of personal data, such as marketing permissions and bans, cookie consents and subscriptions to our newsletters.
Client information includes the information a data subject has provided to Aiforia when establishing the client relationship, when subscribing to a newsletter or filling out a form (e.g., webinar registration). This may include the following:
If one or more cookies are blocked or removed, the website may not function properly.
The provider of our cookies, Cookiebot, in regards to personal data processing: the logging of user consents for documentation is done in a way so that no personal data about users is stored. The provider also does not sell, trade or otherwise transfer to outside parties any personally identifiable information. You can find out more about the provider's policy here.
Below are listed the cookies in use currently on our website, their expiration times, their purposes, their providers and whether they are set by a third-party:
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Expiration: 12 months
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
Expiration: 12 months
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Expiration: 12 months
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
Expiration: 12 months
Personal data retention periods
You can always object to processing your data or withdraw your consent in relation to this processing. Regarding the retention periods of the personal data of website visitors, please see "Cookies" above.
Recipients of personal data
We may use the following service providers in processing your personal data:
In some cases, Aiforia acts as a joint controller with our social media, advertising and analytics partners. Joint controllers are present in a situation where more than one actor is involved in the processing and determination of the purposes and means of a processing operation. The processing would not be possible without both parties' participation in the sense that the processing by each party is inseparable. As an example, joint controllership may arise when Aiforia and the social media provider jointly decide to display ads to a certain group of people on a social media platform by choosing available targeting criteria. In such a situation, Aiforia acts as a targeter by choosing to use the services of the social media provider and by requesting it to target a certain audience based on certain criteria. The social media provider then shall process the personal data of its users in a way that the ads will be shown to the users that fit in to the criteria set by Aiforia.
We enter into a data processing agreement with every service provider who processes personal data on our behalf. In accordance with the data processing agreement, each service provider processes personal data only to the extent necessary for the provision of that service.
In addition, we may disclose your personal data to the extent permitted and obligated by existing legislation, including in connection with business transactions, unless you deny the disclosure of your personal data. We may also transfer or disclose personal data to authorities, where required to do so by applicable laws.
If Aiforia Technologies is involved in a corporate transaction, personal data may be disclosed to third parties in relation to such transaction in accordance with the applicable data protection laws.
Personal data transfers outside the EU/EEA
We, we together with our joint controllers and/or processors may transfer personal data outside the European Union or the European Economic Area. We ensure that such transfers are subject to appropriate safeguards as required by data protection laws, such as the applicable standard contractual clauses approved by the European Commission and the applicable supplementary measures.
Security of processing
We have taken and will maintain the necessary and appropriate technical and organizational measures to ensure the security of processing and to monitor the use of personal data, such as access control and rights, event logging, protection of hardware and files, physical access restrictions, encryption of sensitive data, pseudonymization, user guidelines and supervision. In addition, we have internal procedure for controlling non-conforming products and services, such as IT equipment or software components, at Aiforia.
Your rights as a data subject
As a data subject, you have the following data protection rights:
- Right of access: You have the right to receive information from us whether we are processing your personal data. If your personal data is being processed, you may request a copy of your personal data that is being processed.
- Right to rectification: You have the right to request that inaccurate or incomplete personal data relating to you be rectified or completed. This is provided, as a rule, free of charge.
- Right to erasure ("right to be forgotten"): You have the right to request the erasure of your personal data in some cases without undue delay.
- Right to restriction of processing: You can request us to restrict the processing of personal data concerning you, when it is processed with your consent.
- You may in some cases have the right to restrict the processing of your personal data.
- Right to object: You may have the right to object to the processing of your personal data in some cases. If your personal data is processed for direct marketing, such as for newsletters, you always have the right to object to the processing of your personal data.
- Right to data portability: To the extent that we process your personal data on the basis your consent and the processing is carried out automatically, you have the right obtain the personal data relating to yourself that you have provided to us in a structured, commonly used and machine-readable form, and the right to transmit this data to another controller.
- Right to withdraw consent: You have the right at any time to withdraw your consent to the processing of personal data. Withdrawal of consent has no effect on the lawfulness of processing carried out prior to withdrawal.
- Right not to be subject to a decision based solely on automated processing: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
- Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with the competent supervisory authority, in particular in the EU/EEA member state of your habitual residence, place of work or place of the alleged infringement, if you consider that your personal data has been processed in violation of applicable data protection laws. In Finland, the supervisory authority is the Office of the Data Protection Ombudsman, whose contact information is accessible through the following link: https://tietosuoja.fi/en/contact-information