Last Updated: December 2023
At LeanLab, we value the privacy of our customers, partners and other stakeholders. As a data controller, we need to collect and process personal data in order to provide all of our stakeholders with the best possible content. In particular, we process contact information of representatives and our corporate customers. We do the same with regard to potential customers. Personal data is any information that relates to an identified or identifiable individual, such as a name, email address and photograph.
We process personal data related to all persons belonging to the aforementioned groups in accordance with this privacy notice and the applicable legislation. We may update the privacy notice as our operations develop and the legislation changes.
Business ID: FI32254689
Digitalist Finland Oy
Siltasaarenkatu 18-20 C
Contact information for register matters:
Tel: +358 40 513 8001
Personal data processed and data-gathering methods
LeanLab may process the following personal data held on its customer and marketing register:
In addition, we gather data related to the corporate customer and its contact persons during the customer relationship. Personal data is also gathered via sign-ins for events we arrange and, occasionally, from seminars and webinars arranged in cooperation with partners.
Processing, handover and transfer of data outside the European Economic Area
In general, data in our marketing and customer register is processed by LeanLab employees for whom the processing of such data is a key element of the duties. Throughout our operations, we ensure that personal data is handled confidentially, in compliance with the law and solely by us.
We do not disclose data to third parties, but may share it with other companies within our group (LeanLab is part of Digitalist Group) where necessary. In addition, data may be disclosed if so required under law, by a court of law, or by the competent authorities. We may also hand over personal data that is in our possession if we are involved in a company or business acquisition.
As a rule, we do not transfer personal data outside the EU or EEA. Some of our service providers may be located outside the EU, because we primarily store and process data in digital format, particularly via cloud-based services. Service providers of this kind may include CRM and Email marketing software. In such cases, LeanLab ensures that data transfers involve sufficient data security as required by law.
Data security, protection and storage
The personal data held by LeanLab is duly protected from unauthorised access and accidental or unlawful erasure, alteration, handover, transfer, or unlawful processing in any other manner. Only employees who need to process such data for work-related reasons are entitled to use systems containing the data. Personal data is protected by a password and firewall in a secure cloud service/and database.
Personal data is stored only as long as required for the purpose in question, or for as long as the related contract or legislation requires. The storage time of data can vary, depending on the purpose for which it is used, the legal grounds for its processing, and the circumstances. In general customer personal details are kept during the duration of the contract and on average 2 years after the relationship has ended. The billing information is kept by law for the duration of 6 years from the end of the fiscal year in which the relationship has ended.
Personal data can be erased if the data subject withdraws his or her consent, or requests that it be erased (unless LeanLab has other legal grounds for processing the data), or if the contractual relationship is terminated, or the data becomes obsolete or incorrect. We attempt to update or erase superfluous, incorrect or obsolete data at least once a year.