Last updated: 05 / 2018
Contact details of the controller:
Name: BrandBastion Oy
Company ID in Finnish Trade Register: 2570173-5
Mail address: Yrjönkatu 11 D 20, 00120 Helsinki, Finland
E-mail address: info(at)brandbastion.com
Name: BrandBastion Inc
Mail address: 228 Park Avenue S., NY 10003-1502, United States
E-mail address: info(at)brandbastion.com
Data You Provide to Us
We may collect the following information from our users that in certain circumstances, alone or in connection with other data, may constitute personal data, including but not limited to the following:
Data Collected Automatically
The Website may automatically collect the following information from you that in certain circumstances, alone or in connection with other data, may constitute personal data:
We use the personal data collected directly from you for the following purposes:
We use the data collected automatically for the following purposes:
Legitimate Grounds for Processing
We do not sell, lease, rent or otherwise disclose the personal data relating to our users to third parties unless otherwise stated below.
The personal data collected may be disclosed in the following manner:
Personal Data You Provide to Us
BrandBastion does not rent or sell your Customer Personal Data, but we may disclose such data to a limited set of trusted third parties in the situations explained in this policy, for which you, by using our Service, hereby explicitly consent. We may disclose personal data you provide to us with the following categories of third parties:
Data collected automatically
The data collected automatically may be disclosed to the following categories of third parties:
Moreover, we may disclose information to third parties in an aggregate and anonymous format that does not constitute personal data and does not allow the identification of individual users.
If you use any of BrandBastion’s applications and grant BrandBastion rights to access the tokens needed to initiate and run our service, these are used only to the extent agreed to in the agreement between BrandBastion and each individual client. These access tokens are protected by BrandBastion according to best industry standards.
You have the following rights with respect to the personal data we hold about you:
Right to access
You have the right to access your personal data processed by us. You may contact us and we will inform what personal data we have collected and processed regarding you.
Right to withdraw consent
In case the processing is based on a consent, you may withdraw the consent at any time. Withdrawing a consent may lead to fewer possibilities to use our services and products. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Right to rectify
You have the right to have incorrect or incomplete personal data we have stored about you corrected or completed.
Right to erasure
You may also ask us to erase the your personal data from our systems. We will comply with such request unless we have a legitimate ground to not delete the data.
Right to object
You may object to the processing of personal data if such data are processed for other purposes than purposes necessary for the performance of our services to you or for compliance with a legal obligation. In case we do not have legitimate grounds to continue processing such personal data, we shall no longer process the personal data after your objection.
Right to restriction of processing
You may request us to restrict processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data. This may however lead to fewer possibilities to use our services.
Right to data portability
You have the right to receive your personal data from us in a structured and commonly used format and to independently transmit those data to a third party.
How to use the rights
The above mentioned rights may be used by sending a letter or an e-mail to us on the addresses set out above, including the following information: the full name, company name, address, e-mail address and a phone number. We may request the provision of additional information necessary to confirm your identity. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded.
Notwithstanding any consent granted beforehand for the purposes of direct marketing, you have the right to prohibit us from using your personal data for direct marketing purposes, market research and profiling made for direct marketing purposes by contacting us on the addresses indicated above or by using the unsubscribe possibility offered in connection with any direct marketing messages.
Lodging a Complaint
In case you consider our processing of personal data to be inconsistent with the applicable data protection laws, a complaint may be lodged with the local supervisory authority for data protection.
Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to request from a business, with whom the California resident has an established business relationship, certain information with respect to the types of personal information the business shares with third parties for direct marketing purposes by such third party and the identities of the third parties with whom the business has shared such information during the immediately preceding calendar year.
To request a copy of the information disclosure provided by us pursuant to Section 1798.83 of the California Civil Code, please contact us via email at info(at)brandbastion.com or by mail at BrandBastion, Yrjönkatu 11 D 20, 00120 Helsinki, Finland or BrandBastion, Inc, 228 Park Avenue S., NY 10003-1502, United States.
The personal data processed is stored for a reasonable amount of time depending on the extent of the data, the use case, regulations, BrandBastion’s internal policies and the exact data at hand. If the user has opted in by for example giving BrandBastion his or her personal data requesting to be contacted or requesting to receive a newsletter, the personal data is stored until the user opts out.
The security of personal data is important to us. We take reasonable measures to protect personal data about you from unauthorized access or against loss, misuse or alteration by third parties. Despite these efforts to store personal data collected on and through the Website and otherwise by us in a secure operating environment that is not available to the public, we cannot guarantee the security of personal data during its transmission or its storage on our systems. Further, while we attempt to ensure the integrity and security of personal data, we cannot guarantee that our security measures will prevent third-parties such as so-called hackers from illegally obtaining access to personal data. We do not warrant or represent that personal data about you will be protected against, loss, misuse, or alteration by third parties.
We will take steps to ensure that the personal data receives an adequate level of protection in the jurisdictions in which it is processed. We provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers based on the Standard Contractual Clauses or other similar arrangements.
More information regarding the transfers of personal data may be obtained by contacting us on any of the addresses indicated above. More information regarding the Standard Contractual Clauses can be obtained here.
The Website is not directed to children younger than thirteen (13) years of age. We do not intend to collect personal data from children under 13. If you are under 13, please do not use the Website and do not send any information about yourself to us.