Privacy Policy

Privacy Policy

Updated: 30 November 2022

This Privacy Policy (“Privacy Policy”) describes how Eduhouse Oy and its Group companies collect, process and disclose your personal data when providing you with educational services in the form of online training, distance learning, online coaching or similar services (“Service”) and when you visit our website. The Service may be located on one or more systems. Eduhouse and its employees, partners, subsidiaries and affiliates are committed to protecting your privacy and personal data. Eduhouse processes your personal data in accordance with international and European data protection principles and current legislation on the processing of personal data.

We are constantly developing our services and therefore reserve the right to change this Privacy Policy by notifying you of any changes on this page. The changes will take effect when the updated Privacy Policy is published. The processing of personal data is necessary for conducting our business.

Who is controller?

The controller under the applicable data protection legislation is Eduhouse Oy (“Eduhouse”, “we”, “us” or “our”), also in relation to the company’s branches in other countries. Eduhouse is responsible for ensuring that your personal data is processed in accordance with this Privacy Policy and the applicable data protection legislation.

Contact details of the controller:

Eduhouse Oy

Business identity code: 1768399-5

Address: Leppäsuonkatu 6, 00100 Helsinki

Telephone number: +358 207 571 650

Email: asiakaspalvelu@eduhouse.fi,
Data protection officer: Marko Ekroth, tietosuojavastaava@eduhouse.fi

Where do we collect the data?

Your personal data can be collected in different ways. As a general rule, we collect and process personal data that

• you provide to us when you interact or do business with us, for example, when you register or log in to our Service, subscribe to our newsletter or a trial of our Service, participate in our marketing events or campaigns or contact us;
• your employer or other subscriber of the Service has provided to use when the decision to introduce the Service has been made and the end users of the Service have been identified;
• we have obtained from the internal or shared registers of companies belonging to the Eduhouse Group;
• we obtain in connection with your use of the Service, your visit to the website or our marketing activities.
• is obtained from other sources, to the extent permitted by applicable laws, such as Eduhouse’s social media channels, the Trade Register, the Population Information System, the Business Information System, the service providers that collect contact details of potential customers and representatives, or the Postal Service’s Address Information System.

What information do we collect?

We collect and process categories of personal data including:

• Basic information about the users and administrators (customer contact persons) of the customer organisation, such as name, job title and relationship to the represented company, email address, telephone number, organisation’s visiting, invoicing and postal address, and language of communication;
• Customer relationship data, such as service and subscription information, payment information, billing information, marketing authorisations and prohibitions, and customer satisfaction survey results;
• Customer communications and related correspondence and records of data subjects’ rights;
• Potential customers (prospects) and trial subscribers: first name, last name, organisation, title, telephone, email, organisation address and interests;
• Personal data generated or collected in connection with the use of our website, social media channels and Service, such as user IDs, passwords, identification data, IP address, log data concerning the use of the Service, chat conversations in online training sessions, use of the Notes field in the online training service and data collected through cookies or similar technologies;
• Video and audio with camera and/or microphone on during distance training, online coaching or other live sessions, as well as discussion during the event;
• Other information you provide in connection with free webinars or events, newsletter subscriptions, trial subscriptions or other sales and marketing activities, such as your interests related to the Service;
• Click-through and open rates for newsletters and advertisements;
• Other data provided on a case-by-case basis subject to your consent.

Eduhouse may combine the personal data collected from various sources for the purposes set out in this Privacy Policy. You do not have to provide us with personal data, but a failure to do so may make it impossible for us to provide the Service.

For what purposes do we process data and what are the legal bases for processing your personal data?

We only process personal data that is necessary for pursuing our business, managing customer relationships and developing the Service, as well as for other appropriate commercial purposes.

We process your personal data for the following purposes:

Provision of the Service and customer relationship management

We process your personal data primarily to provide and deliver our Service to you or the company you represent and to manage and maintain the customer relationship between you or the company you represent and us. Such activities include customer communications, such as sending newsletters, bulletins and event invitations, customer service, as well as managing direct marketing bans and any other customer-specific restrictions.

If you are a subscriber to the Service, we also process your personal data for billing purposes and customer relationship analysis. We also collect operational information related to reporting on the customer usage of the Service, including end user training, testing, and content reviews.

In such situations, the legal basis for processing the data is the fulfilment of the contract or a legitimate interest. We need to process your personal data in order to process and manage your purchases, orders, payments, requests for information or communications or to provide you with our Service.

Marketing and sales

Existing customer and website visitor

We may contact you to inform you about new features, content or additional services of the Service or to promote our partners’ services to you. Unless otherwise agreed, we may contact you regardless of whether you are a user or an administrator within the customer organisation. For these purposes, we process your data on the basis of legitimate interest.

We also collect statistical and analytical information about your website behaviour and process your purchase and viewing history to provide you with targeted communications and marketing materials and to improve our services. We also use website statistics for customer segmentation for our sales processes. The use of cookies and other similar technologies is based on your consent.

Prospect and trial subscriber

If you are not yet our customer and have subscribed to our newsletter or a trial of our Service, or have participated in our other marketing campaigns or events, we may send you marketing communications related to our Service based on your consent. In certain circumstances, we may also market or sell our services to you on the basis of a legitimate interest if we feel that our Service is relevant to you based on your job role and position. You have the right, at any time, to object to the processing of your personal data for direct marketing, telemarketing and profiling purposes (see section 9 of this Privacy Policy).

Service development, data security and in-house reporting

We may also process your personal data for marketing research, customer surveys, opinion polls and internal reporting, as well as to develop our services.

We also process your personal data to ensure the security of the Service and website, to improve the quality of the Service, and to test and develop the Service and related services, systems, tools and processes. We may also use personal data to compile internal reports for the proper management of our business.

In addition, we may process your personal data if it is necessary to prevent fraud or other criminal activity or to respond to possible legal actions or claims.

In these cases, the processing of personal data is based on our legitimate interest.

Data processing within the Group

A company within the Eduhouse Group may disclose personal data to other companies within the Eduhouse Group to the extent permitted by applicable law for the purpose of selling and implementing the Group’s services and managing customer relationships. In order to conduct our business efficiently, personal data may also be transferred between companies within the Eduhouse Group for internal administrative purposes, such as for reporting purposes or to use centralised information and communication systems.

In these cases, the processing of personal data is based on our legitimate interest.

Other purposes

We may also process your personal data for other purposes that you have given your consent to.

You always have the right to object to the processing of your personal data on the basis of your legitimate interests.

Transfer and disclosure of personal data

We may disclose your personal data to third parties:

• to the extent permitted or required by law, for example, to comply with a request for information by a competent authority or in connection with legal proceedings;
• when our partners process personal data on our behalf in accordance with our instructions. Such processing may include, for example, outsourcing the planning of Eduhouse’s sales and marketing activities and training courses. We will always ensure that your personal data is processed properly;
• if we are involved in a merger, reorganisation or sale of business or part thereof;
• when we believe that disclosure is necessary to exercise our rights, protect your safety or the safety of others, investigate abuses, or respond to a request from a public authority;
• if your user licence has been purchased by your employer or someone else, we will, for example, share your performance data with designated contacts; and
• with your consent, to the parties to whom the consent relates.

Disclosure of personal data within the Eduhouse Group

A company within the Eduhouse Group may disclose personal data to other companies within the Eduhouse Group to the extent permitted by applicable law for the purpose of selling and implementing the Group’s services and managing customer relationships. In order to conduct our business efficiently, personal data may also be transferred between companies within the Eduhouse Group for internal administrative purposes, such as for reporting purposes or to use centralised information and communication systems.

Transfer of personal data outside the European Union (EU) or the European Economic Area (EEA)

As a rule, your personal data is not transferred outside the EU, but as data is primarily stored and processed electronically, some of our service providers and contractors may be located in countries outside the EU. They include HubSpot Inc, ActiveCampaign Inc and Leadfeeder, which we use to send activation messages, improve the quality of our services, manage customer loyalty and carry out skills surveys. In this case, we put in place appropriate safeguards to ensure that the rights and freedoms of data subjects are honoured as provided in the data protection legislation, such as the European Commission decision on the adequate level of data protection or the use of Standard Contractual Clauses. User performance data is not transferred outside the EU/EEA.

Cookies

We also use cookies and similar technologies on our websites at www.eduhouse.fi at https://app.eduhouse.fi. Cookies are small text files placed on your device to collect and remember useful information and to improve the functionality and usability of our website. We may also use cookies and other similar technologies for statistical purposes, such as compiling statistics on the use of the website to understand how users use the website and thereby improve the user experience. We also use cookies to target marketing. You can disable cookies, restrict their use or delete them from your browser. As cookies enable our website to function, restricting their use affects the usability of the website.

You can read more about cookies here:

https://cdn2.hubspot.net/hubfs/4318930/Tietosuoja,%20k%C3%A4ytt%C3%B6ehdot,%20ev%C3%A4ste%20-dokumentit/Ev%C3%A4stek%C3%A4yt%C3%A4nt%C3%B6.pdf

Retention of personal data

We will only retain your personal data for as long as necessary to fulfil the purposes of use specified in this Privacy Policy. As a rule, your personal data will be stored for the duration of your relationship with us. Parts of your personal data may be retained, to the extent permitted or required by applicable laws, even after the expiry of the customer relationship or for as long as required for the purposes of this data file and the rights and obligations of the parties involved.

In addition, we may process your personal data for sales and marketing purposes before the start, or after the expiry, of the customer relationship, where there is a legitimate legal basis for doing so. Your personal data will be deleted when its retention is no longer necessary to comply with the law or the rights and obligations of either party.

Data subject rights

You have the right to verify your personal data. You can also request at any time that your personal data be corrected, updated or deleted. Please note, however, that personal data that is necessary for the purposes defined in this Privacy Policy or that is required to be retained by law cannot be deleted. You have the right to object to or restrict the processing of your personal data, such as profiling, to the extent required by applicable laws. If you object to direct marketing, the processing of your personal data will be prevented with regard to active use in direct marketing. However, your data may be retained to the extent necessary to comply with the opt-out.

In certain cases, you have the right to transfer the personal data you provide to us from one system to another, i.e. you have the right to receive your personal data in a structured, commonly used, machine-readable format, and to transfer your personal data to another controller in accordance with applicable laws.

If the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. After that, we will not process your personal data unless there is another legal basis for doing so.

You can exercise your rights by sending a request for inspection or other request concerning your personal data to asiakaspalvelu@eduhouse.fi. We will respond to your request within one month of your request, unless there is a specific reason to extend the response time.

If you feel that your personal data is not being processed appropriately, you have the right to complain to the Data Protection Ombudsman. You can find the contact details of the Data Protection Ombudsman here:

Contact details of the Office of the Data Protection Ombudsman | Office of the Data Protection Ombudsman

Data security

Your personal data is protected by physical, organisational and technical means against loss, destruction, misuse and unauthorised access or disclosure. The register is stored in a database protected by firewalls, passwords and other technical means, which is only accessible to authorised persons for the performance of their duties.

Please note that all data security violations cannot be prevented even by appropriate safeguards. Any data security breaches are reported to you in accordance with applicable laws and recommendations.

Changes to the privacy policy

We are constantly developing our services and therefore reserve the right to change this Privacy Policy by notifying you of any changes on this page.

Contact us

If you have any questions about this Privacy Policy or the processing of your personal data, please contact asiakaspalvelu@eduhouse.fi or Marko Ekroth, tietosuojavastaava@eduhouse.fi