1. Registrar and contact details
Valve Branding Oy 1884268-7 (hereinafter “Valve”)
Sturenkatu 16, 00510 Helsinki, Finland
+358 20 7450 200, email@example.com
2. Name of the register
Valve's customer and marketing register
The registrants are the contact persons of the registrar's customers and potential customers, users of the registrar's services and websites.
4. Purpose for the processing of personal data
Personal data will be processed for the following purposes, but not limited to: sales and marketing activities aimed at acquiring new customers, managing existing customer relationships, marketing the company's brand and products, including direct marketing and other similar marketing and sales measures, and maintaining direct marketing unsubscriptions. The processing of personal data also includes the processing and analysis of personal data for the purpose of marketing or targeting services. For example, we may display targeted messages or content on our websites and channels based on your past interest.
5. Information of the register
- First and last name
- telephone number
- Twitter username
- ip address information or other identifier
- Job title
- employer / company and its contact details
- information on marketing authorizations and prohibitions notified by the person
- profiling information collected through cookies and other similar technologies
- behavioral information
- information about the customer or direct marketing message sent by e-mail and whether the message has been opened
- information on the communication with the data subject, such as the content of the messages and the transmission times
6. Regular sources of information
The information stored in the register is mainly collected from the registrants themselves through Valve's website. Personal information may also be added to the register manually as a result of face-to-face, telephone, e-mail, or other interactions.
We use web analytics services to collect visitor information about our website so that we can analyze and develop our site and target relevant marketing and customer communications to our site visitors. Behavioral information is collected through Valve’s websites, emails and social media channels using cookies and other similar technologies. The information in the register can be updated manually and also collected from public registers.
8. Regular disclosures
The information in the register is shared between the companies belonging to Valve Group.
Your information is confidential and is handled primarily by only our employees or our subcontractors on a limited contractual basis.
The information may also be disclosed if the implementation of the service requires it, for example in connection with a co-organized event. Even then, only an absolute minimum amount of data will be disclosed, and only to the party who handles the data responsibly.
9. Data transfer outside the EU or the EEA
Registry information is stored on Amazon Web Services (AWS) servers used by our system vendor HubSpot in the East-1 region of the United States. HubSpot has a robust privacy program. HubSpot's data processing agreement includes the European Commission's standard contractual clauses (SCC) for the transfer of data from the European Union to the United States. In addition, HubSpot adheres to the Privacy Shield Principles.
10. Retention period of personal data
Personal data in the customer and marketing communications register will be kept for as long as we need it for the purposes mentioned above.
11. Security Principles of Registry
- There is no manual material
Information processed by IT
- Access to the register is protected by usernames and personal passwords. Only those employees who have the right to process personal data for their work are entitled to use the system containing customer data. All of Valve's premises are locked and movement is controlled by passes.
- The system login site is secured with an SSL certificate and 2-step authentication. The storage of system user passwords complies with industry security standards.
12. Rights of the data subject
According to the General Data Protection Regulation (GDPR), the data subject has the right to take the following measures regards to personal data:
- obtain information on the processing of personal data
- gain access to information
- correct information
- delete data and become forgotten
- restrict data processing
- transfer data from one system to another
- oppose the processing of data
- not be subject to automatic decision-making
If you wish to exercise any of these rights regarding your own personal data, please contact us by email at firstname.lastname@example.org
Contacts must be made in writing and with signature. Our handler must be able to verify the identity of the sender of the request and the legal basis of the request.