This privacy policy (“Privacy Policy“) informs you about how Retail Logistics Excellence – RELEX Oy (“RELEX Oy”) and its affiliated companies globally (jointly “RELEX“) process information it collects about the contact persons of its customers and prospective customers. Please note that some of the information is collected through RELEX website – please see the privacy policy available on the website (www.relexsolutions.com/privacy-policy) for more details.
In this Privacy Policy, “You” refers to the contact person of a RELEX customer and prospective customer whose personal data is processed. “Personal Data” refers to Your personal data that is processed under this Privacy Policy.
RELEX is committed to respecting Your privacy and to complying with applicable data protection and privacy laws and regulations. In this Privacy Policy, we explain what types of personal data we may come to process and for what purposes. We also explain the choices you have in relation to our processing of Your Personal Data and how you can learn more about our processing and exercise Your rights.
Data Controller
RELEX Oy maintains RELEX customer register for its own business purposes. Other RELEX affiliates may process Personal data on RELEX Oy’s behalf, for the purposes specified in this Privacy Policy.
RELEX Oy acts as the data controller for Personal Data covered by this Privacy Policy:
Retail Logistics Excellence – RELEX Oy
Business ID FI 1963444-1
Address: Postintaival 7, FI-00230 Helsinki, Finland
Email: Info@relex.fi
Website: www.relex.fi
Contact Persons
The contact person in matters relating to this Privacy Policy at RELEX is:
Privacy Director Hannes Saarinen, privacy@relexsolutions.com.
Categories of personal data processed
What data is processed?
RELEX collects Personal Data directly from You. In addition, RELEX collects data from publicly available sources to the extent relevant and permitted by applicable local law. RELEX may combine the data You have provided with other data which is available to RELEX either based on the business relationship with Your company (RELEX customer or prospective customer) or from public sources. Your Personal Data that is processed under this Privacy Policy includes the following:
| Information that You submit to RELEX or is collected by RELEX from other sources | – Name – Business email address – Phone number – Job title – Company name – Business address – Country – Country of IP address – Social media profiles (such as Linkedin and Twitter bio). |
| Conversation history | RELEX may link the chat and email conversations You have had with RELEX representative to Your profile in RELEX customer register. |
| Cookies and other Technical Information | When You access RELEX website, our web servers automatically create records of Your visit. We have explained in the Privacy Policy for RELEX website how we process Your Personal Data when You are using our website. Please see the privacy policy available on the website (www.relexsolutions.com/privacy-policy) for more details. |
The purposes and legal basis for the processing
Why Your Personal Data is processed?
Your Personal Data is collected, used, stored and otherwise processed for the purposes of:
- managing, maintaining, developing and analyzing the relationship between RELEX and its customers;
- planning and development of the business activities and services of RELEX and for measuring the amount of customers and prospective customers and conducting customer surveys;
- for communication and direct marketing purposes, including electronic marketing.
You will have the possibility to opt out from electronic marketing – please use the opt out functionality in the emails that You have received from us or contact the contact person nominated in this Privacy Policy.
RELEX will use Personal Data collected to target communication to different groups of customers or prospective customers of RELEX based on different characteristics, such as geographic location or industry. Personal Data will not otherwise be used for profiling or automated decision-making.
What is the legal ground for processing the data?
RELEX has legitimate interest to process Your Personal data for the purpose of (i) administering the customer relationship and communicating with such customer whose contact person You are, (ii) marketing RELEX products and services to existing and potential customers and their contact persons and (iii) the other activities that are described above. For existing customers, RELEX has the contractual obligation to communicate with the customer’s contact person. RELEX also has the legitimate need to market its products and services which is balanced by the possibility to opt out from electronic marketing.
Why are You required to provide the data?
Providing the Personal Data is not a requirement necessary to fulfil contractual and statutory obligations. You are not required to provide Personal Data to RELEX. In case You are a contact person of an existing RELEX customer and choose not to provide all the Personal Data requested by RELEX, RELEX will not be able to fulfil its contractual obligations under such contract RELEX has concluded with such customer or will only be able to fulfil those obligations partly. Please note that this may have adverse consequences both to the customer in question and RELEX.
Access to Personal Data
Who will be able to access Your Personal Data?
Your Personal Data will be made available to those employees working at RELEX that are responsible for customer and marketing communication. This includes RELEX marketing staff, presales and sales personnel and may include service managers and other service personnel for existing customers.
In addition, Your Personal Data may be made accessible to RELEX’s service providers or other vendors RELEX uses in maintaining the customer register (such as the CRM service provider used by RELEX and hosting providers) for the purpose of providing such services to RELEX as well as RELEX’s sales agents and other partners involved in RELEX sales and marketing activities.
M&A activities: Where RELEX takes steps to sell, buy, merge or otherwise reorganize its businesses in certain countries, this may involve disclosing Personal Data to prospective or actual purchasers, sellers or partners and their advisers. In such circumstances, RELEX will take all reasonable steps to ensure that appropriate measures to protect Personal Data are taken by such prospective or actual purchasers, sellers or partners and their advisors.
Transfer of Personal Data
Will Your Personal Data be transferred to other countries?
In case you reside in EU/EEA countries:
Your Personal Data will be transferred to countries outside European Union/EEA (including United States). RELEX may use service providers that are located outside European Union/EEA and provide services relating to sales and marketing activities or maintenance of RELEX customer register to RELEX. Also, some of the RELEX affiliates are located outside European Union/EEA, and the employees of such affiliates may process Your Personal Data for the purposes specified in this Privacy Policy.
When transferring Your Personal Data outside European Union/EEA, we will ensure that the transfer is legal and safe by concluding an agreement based on EU Commission’s standard contractual clauses or taking other measures permissible under applicable legislation. You can ask for additional details relating to the transfer and the appropriate safeguards put in place and obtain a copy of the related documents from the contact person nominated above in this Privacy Policy.
Storing the Data
How long will Your Personal Data be stored and processed?
Your Personal Data will be processed:
- in case of an existing customer relationship, as long as it is necessary for the purposes of the customer relationship with the customer whose contact person You are; and
- in case of prospective customers, as long as there is a legitimate need for RELEX to keep the data for marketing and other communication purposes.
RELEX will periodically (and at least on annual basis) review the contacts in the customer register in order to make sure that Personal Data is kept only when it is necessary for the above-mentioned purposes. RELEX will keep the data only as long as we have a meaningful business contact and will remove Your Personal Data once it is no longer necessary to keep it. Also, RELEX will remove Your Personal Data in case You object to processing and ask for removal of the data based on applicable legislation.
The Exercise of Your Rights
What rights do You have and how can You Exercise those rights?
You have the right to access Your Personal Data processed under this Privacy Policy. You have the right to request correction and removal of Your Personal Data. In case you want to exercise these rights, please contact the contact person nominated above in this Privacy Policy.
In addition, You have the right to request restriction of processing of Your Personal Data and to object the processing on grounds provided by the applicable legislation. Please contact the contact person nominated above in this Privacy Policy for additional instructions.
You also have the right to lodge a complaint with a supervisory authority in case You think that Your rights have been violated. You may choose to lodge a complaint with a supervisory authority in the EU Member State of Your habitual residence, place of work or place of the alleged infringement.
Data Security
We are committed to keeping Your Personal Data safe. RELEX will implement appropriate technical and organizational measures in order to ensure sufficient data security. Sufficient security measures are put in place in order to prevent unauthorized access to and manipulation of Your Personal Data. This includes restricting access to Your Personal Data to the persons described in this Privacy Policy (see section “Access to Personal Data” above) and hosting Your Data with a service provider that is able to demonstrate adequate level of data security.
We take appropriate steps to address online security, physical security, risk of data loss and other such risks taking into consideration the risk represented by the processing and the nature of the data being protected. Also, we limit access to our databases containing personal data to authorized persons having a justified need to access such information.