Fortsätt till innehållet

Privacy notice of Oddlygood’s corporate customer and stakeholder register

In this privacy statement, we describe how Ogglygood Global Oy (hereinafter “OGG” or “we”) processes your personal data when you interact with us as a representative of one of OGG’s corporate customers, partners or other stakeholders (including potential corporate customers and partners). OGG may update this privacy statement from time to time, when legislation changes, for example.

1. Data controller

Oddlygood Global Oy (Business ID: 0112421-6)
Meijeritie 6
FI-00370 Helsinki

2. Contact information

If you wish to exercise your rights under this privacy statement or if you have questions about the processing of your personal data, please contact us by email at privacy.office@valio.fi or by calling +358 10 381 2185.

3. For what purposes and on what basis do we process the personal data?

We process the personal data to the following purposes:

PurposeLawful basis
To establish, manage and maintain the customer or cooperation relationship between OGG and the organisation that you representAgreement between OGG and the organisation that you represent, as well as legitimate interest
To conduct customer satisfaction surveys, market research or other studies that enable us to better serve our customersLegitimate interest
To send event and campaign invitations and to organise events and campaignsLegitimate interest
To respond to contact requests and product enquiriesConsent and legitimate interest
To manage and maintain OGG’s electronic servicesLegitimate interest
To sell and market OGG’s products and services, including sending newsletters and other marketing materialsLegitimate interest

We also process your feedback for statistical purposes and for the purposes of the OGG’s product and service development and other business development in order to better understand our customers and develop our operations in response to their needs. In these contexts, we anonymise your personal data so that you can no longer be identified based on the data.

4. What personal data do we process?

5. Where do we collect the personal data?

We collect your personal data 1) directly from you for example when you submit a contact request through our website, 2) from the organisation that you represent (and that is one of OGG’s current, possible or previous customers or partners), 3) from public sources (e.g. the website of the organisation that you represent), and 4) from the purchase register of Alma Talent or other similar third party register. In addition, we collect personal data concerning potential customers, partners and stakeholder representatives from Taloustutkimus and other data controllers, such as Valio, by means of personal data transfer.

6. Who processes your personal data and to whom do we disclose the data?

Your personal data is only processed by employees who need such data to perform their duties. In addition, your personal data is processed by subcontractors (including but not limited to Valio) working for us and on our behalf, such as service providers delivering newsletters and marketing materials, organisers of events and IT service providers. Subcontractors process personal data for OGG and on OGG’s behalf.

We do not regularly transfer your personal data to other data controllers. On a case-by-case basis, we disclose your personal data to restaurants, hotels and similar partners that organise OGG’s events and process your personal data on their own account. In addition, we disclose your personal data, if necessary, to auditors to process personal data on their own account or on our behalf, depending on the case. On a case-by-case basis, we also disclose your personal data to the authorities if there are legal grounds for doing so.

7. Do we transfer your personal data outside the EU or the EEA?

We have outsourced part of the personal data processing to data processors located outside of EU/EEA. In such situations, we will ensure that your personal data is transferred lawfully in one of the following ways:

The data subject has a right to acquire information on the used transfer mechanism from the contact person set forth in the section 2.

8. How long do we store your personal data?

As a rule, we store your personal data 1) for the duration of the contractual relationship or other cooperation relationship between you and OGG, 2) for the duration of the contractual relationship or other cooperation relationship between the organisations that you represent and OGG or 3) for as long as you serve in a position to which our product or service is related.

We store personal data related to subscriptions to newsletters or other materials until you cancel your subscription. If you prohibit the processing of your personal data for direct marketing purposes, we will store information about the fact that you have refused to receive direct marketing messages. With regard to events and prize draws, we store your personal data for the duration of the event or prize draw, after which we will erase the data without undue delay and no later than one year after the event has been organised.

We will store your personal data for longer to the extent that this is required by mandatory legislation (e.g. accounting obligations), a legal requirement concerning us or a statute of limitations or complaint period based on the law or an agreement. In such a case, we will only store the data required by the legislation, statute of limitations or complaint period or the data required to process a legal claim and will erase any other data.

9. How do we ensure the security of your personal data?

We have implemented appropriate technical and organizational safeguards to protect personal data against accidental or unlawful destruction, loss or alteration, unauthorized disclosure or access and other unlawful or unauthorized processing. We have limited the processing of personal data to those persons whose duties include the processing of such data. The data is collected in databases and processed only in systems protected by firewalls, passwords and other technical measures appropriate to the level of risk and purpose of use. In addition, all our subcontractors have committed themselves in writing to the same level of information security standards as we apply to our own processing of personal data.

10. What rights do you have?

In accordance with the applicable data protection legislation, you have, at any time, the right to:

You must submit a request to exercise your rights in accordance with section 2. With regard to electronic marketing messages such as newsletters, the easiest way to refuse to receive such messages is through the link provided at the end of the message. If you refuse to receive a newsletter or other electronic marketing messages, we will no longer send you such messages.

If you object to the processing of your personal data, you must specify in your request the purpose or purposes of processing that you oppose. In addition, if you object to the processing of your personal data for purposes other than direct marketing, you must specify in your request the grounds on which you object to the processing of your personal data (e.g. you no longer work for one of OGG’s corporate customers or partners).

We may ask you to verify your identity or further specify your request before implementing your request. We may also refuse to implement your request on grounds set out in data protection legislation, in which case we will inform you of such grounds.

11. Your right to file a complaint with the supervisory authorities

You have the right to file a complaint with the appropriate supervisory authorities if you believe that we have not processed the personal data in accordance with the applicable data protection legislation. You can file a complaint with the supervisory authorities in the EU member state where their permanent place of residence or employment is located or where the alleged personal data breach has occurred. In Finland, the appropriate supervisory authority is the Data Protection Ombudsman (www.tietosuoja.fi).

updated 25.8.2022