Governing Law:
Finnish Data Protection Act (1050/2018)
EU General Data Protection Regulations, GDPR (2016/679) valid from 25.5.2018
Date of Issue 20.2.2018
Updated 28.6.2023
Updated 27.8.2025
1 Registry Name
Customer and Marketing Register of SC Software Oy
2 Controller
SC Software Oy (SC Software, we)
Business ID 2594657-2
Kauppakatu 35, 40100 Jyväskylä, FINLAND
3 Contact Person
Olli Väätäinen
Tel. +358 50 557 8111
olli.väätäinen@scsoftware.fi
4 Purpose of Personal Data Processing and the Legal Basis
SC Software Oy offers its products and services exclusively to organizations with business ID. Therefore, we serve only companies and organizations, not individual consumers. Collected personal data is needed to manage our customer relationships or potential relationships, customer service and marketing.
Customer data is needed for invoicing, drafting and signing contracts, and for the execution of maintenance, service, and delivery agreements. Personal data is also processed for sales, marketing communications, and direct marketing purposes.
5 Personal Data Retention Period
SC Software retains personal data contained in the customer and marketing register only for as long as necessary to manage the customer relationship. Once the customer relationship ends, or upon the data subject’s specific request, the data will be deleted from the register.
6 Register Content
This register processes the names and contact information of customers’ contact persons, and information regarding customer relationships. The register also contains information about visitors on our web-sites collected by cookies (www.scsoftware.fi and www.gdprdesk.eu).
Google Analytics, Meta Pixel and LinkedIn Insight Tag store information outside EU(European Union) / EEA (European Economic Area) to the Unites States. In these cases personal data is processed according to the EU Standard Contractual Clauses (SCC), https://eur-lex.europa.eu/legal content/FI/TXT/HTML/?uri=CELEX:32010D0087&from=en. The processing of personal data has been duly agreed between different parties and SC Software Oy.
7 Cookie Policy
Cookies are small text files that your browser stores on your device when you visit our websites www.scsoftware.fi and www.gdprdesk.eu (“web pages”).
Cookies can be used, for example, to collect information about how you use the website and to “remember” your preferences or actions on the site. We use the data collected through cookies to monitor website usage, improve site performance and user experience, and display targeted advertising. SC Software and third parties specifically collect the following types of information via cookies:
- IP-addresses
- date and time of your visit
- pages where you visited
- type of your web-browser
- your geographical location.
We use the following cookies in our web-pages:
- Google Analytics – we use Google Analytics to measure how users interact with our website. Google Analytics deploys various cookies in order to generate information such as the time, place, and frequency of your visits to our site. Google uses this information to evaluate how you use our site, provide reports on web activity, and perform other functions related to our website. Read more about Google cookies here.
- Piwik PRO Analytics Suite – we use Piwik PRO-tools as our web-pages traffic analysis- and consent management tool. Read more about Piwik PRO cookies here.
- HubSpot – we use HubSpot to analyze the use of our website, administer the website, automate marketing and track users’ movements around the website. Read more about HubSpotin cookies here.
- Dealfront – we utilize the Dealfront analytics tool to recognize organizations that visit our website. The service does not process or identify individual users. Cookies associated with this tool gather information regarding user behavior on our site, including navigation patterns and time spent on specific pages. Read more about Dealfront cookies here.
- Meta Pixel – we use the “Meta Pixel” of Meta Platforms, Inc. (formerly known as Facebook) on our website. We use it to measure, optimize and build audiences for our advertising campaigns served on Meta. It allows us to see how users move between devices when accessing our website and Meta and targeting Meta advertising to users most likely interested in such advertising by analyzing which content the user has viewed on our website. Read more about Metan Pixel cookies here.
- LinkedIn Insight Tag – we use the LinkedIn Insight Tag to help us with in-depth campaign reporting and insights about our website visitors to optimize sales and marketing activities. Read more about LinkedInin cookies here.
8 Regular Data Sources
Information provided by the user, data collected from public sources for managing the customer relationship, and data gathered through cookies on the SC Software’s website.
9 Regular Data Transfer
Information will not be disclosed to external parties without the consent of the data subject. Data related to the data subject may be disclosed to authorities if there is a statutory basis for doing so.
10 Data Transfer Outside the EU/EEA
Data is not primarily transferred outside the European Union or the European Economic Area. If any data is transferred outside the EU or EEA – for example, due to technical reasons – such transfers are carried out in accordance with applicable EU legislation (GDPR) and Finnish data protection laws.
11 Automated Decision-making Profiling
No automated decision-making or profiling is carried out based on the personal data in the register.
12 Principles of Register and Data Protection
12.1 Technical Controls
A. Data in Manual Format
The register does not contain data in manual format. If manual data materials are temporarily present, they are stored in a locked cabinet until the data is either digitized for electronic processing or securely destroyed.
B. Data in Digital Format
The data in the register is protected against unauthorized viewing, alteration, and destruction. Protection is based on access control management, technical controls for databases and servers, physical security of premises, access monitoring, and the protection of data communications.
12.2 Administrative and Organisational Controls
Access and processing rights to the data are granted based on work-related duties. Access to the system is based on personal user credentials. The register may only be used by individuals specifically authorized by the SC Software. All users are bound by a duty of confidentiality.
13 Rights of the Data Subject
13.1 Information provided to the Data Subject
SC Software informs the data subject about this personal data register, including the personal data stored and processed within it, at the beginning of the employment relationship. The privacy notice is also available on the company’s intranet pages.
13.2 Data Review
The data subject has the right to access their personal data. SC Software will inform the data subject whether personal data concerning them is being processed and, if so, will provide a copy of the personal data being processed.
13.3 Data Rectification
The data subject has the right to have incomplete personal data completed and incorrect data corrected.
13.4 Data Erasure Request
The data subject has the right to request the erasure of their personal data from the register. The data will be deleted if there is no longer a legal basis for its processing or storage.
13.5 Right to Object or Restrict Processing
The data subject has the right to object to or restrict the processing of their personal data. SC Software will assess on a case-by-case basis whether there is a legal basis for the objection or restriction and will take appropriate action accordingly.
13.6 Right to Withdraw Consent
If we process your personal data based on your consent, you have the right to withdraw your consent at any time. Upon withdrawal, we will cease processing your data for the purposes for which you have withdrawn consent. However, this does not affect the lawfulness of processing carried out based on consent before its withdrawal.
13.7 Data Protection Requests
Requests concerning data protection measures should be sent by email to the following address tietosuoja@scsoftware.fi. Requests may also be submitted in writing by post to the following address:
- SC Software Oy / Data Privacy
- Kauppakatu 35
- 40100 Jyväskylä, FINLAND
SC Software verifies the identity of the data subject before carrying out any data protection-related requests.
13.8 Direct Marketing
You may prohibit SC Software from processing your personal data for direct marketing purposes by sending an email to the following address: support@scsoftware.fi.
14 Information on Recipients of Personal Data
As the data controller, SC Software processes personal data itself but also utilizes external service providers. SC Software strives to use the best and most reliable partners and is responsible for the actions of the selected service providers when processing personal data.
15 Use of Data for Other Purposes
SC Software does not use personal data for purposes other than those stated in this privacy policy. If new purposes for data use arise in the future, the data subject will be informed of the change and the legal basis for processing. If necessary, SC Software will request written consent from the data subject for processing personal data for the new purposes.
16 Right to Lodge a Complaint with the Supervisory Authority
The data subject has the right to lodge a complaint with the supervisory authority regarding the processing of personal data. In Finland, the relevant authority is the Office of the Data Protection Ombudsman. More information is available at: https://tietosuoja.fi/en/home.