You are here

Customer Contact Data Protection Description

Data Protection Description

Finnish Personal Data Act (523/1999), Sections 10 and 24
October 13, 2016

Data Controller: Konecranes Plc, Finnish Business ID 0942718-2
Address: P.O.Box 661 (Koneenkatu 8),
05801 Hyvinkää, Finland

Telephone: +358 (0)20 427 11

Contact Persons in Matters Related to Data File: Lasse Toivonen (Data Protection Manager)

Mailing address and telephone number as above.

Data File Name: Customer Contact Data File
Purpose of Use of the Personal Data: 1) Business development and reporting;
2) Quality management;
3) Research and development of products and services;
4) Research and development of KC Group (Konecranes Plc and all its affiliate companies) IT infrastructure;
5) Marketing activities;
6) Sales activities;
7) Customer relationship management ("CRM");
8) Manufacturing of products;
9) Delivery of products and services
(incl. access to KC Group digital channels); and
10) Invoicing, taxation and related financial transactions.

General prerequisites for personal data processing: Finnish Personal Data Act, Section 8, paragraphs 1(5), 1(6) and 1(7).

Data Subjects Employees and other natural persons representing customer companies of Konecranes Group (Konecranes Plc and its affiliated companies).
Data Content First name;
Last name;
Company (employer);
Job role;
Decision role;
Street Address;
Postal Code;
Contact Method;
Telephone number;
Mobile phone number;
Telephone extension;
Fax number;
Email address;
Miscellaneous business information (free text field);

Customer survey communication prohibition;
Preferred customer survey method;
Membership in strategic customer survey contacts group;

Digital identity management system identifier;
Indicator of access to Konecranes Group digital platforms;
Email marketing consent;
SMS marketing consent;
Accepted data protection policy version;
General direct marketing inhibition;
Last data processing activity (time stamp);
Geographical location consent;
Cookie consent;
Data request date (if any);

Credit card number (if any);
Credit card validity (if any);

Web behavior information (depending on data subject's activity);

Regular Sources of Data: Customer contact persons themselves, other persons employed by or otherwise representing the customer companies of the Konecranes Group, employees and other persons working for or representing Konecranes Group.
Regular Disclosures of Data and Transfer of Data to countries outside EU and/or EEA: Personal data are not disclosed regularly except within companies of Konecranes Group and even then at all times in accordance with applicable laws.

Personal data are transferred outside EU and/or EEA only as allowed by and in accordance with applicable laws.

If personal data is transferred to external data processors (subcontractors or vendors) appropriate contractual arrangements, as required by the applicable laws, are executed to secure lawful and appropriate processing of personal data.

Security Principles of Data File: Personal data is protected by technical and organizational measures against accidental and/or unlawful access, alteration, destruction or other processing including unauthorized disclosure and transfer of personal data.

Such measures include but are not necessarily limited to proper firewall arrangements, appropriate encryption of telecommunication and messages as well as use of secure and monitored equipment and server rooms. Data security is of special concern when third parties (e.g. data processing subcontractors) providing and implementing IT systems and services are retained.

Data security requirements are duly observed in IT system access management and monitoring of access to IT systems. Access to personal data is available only in the internal networks of Konecranes Group. Personnel processing personal data as part of their tasks is trained and properly instructed in data protection and data security matters.

Rights of Data Subject: In accordance with the law the data subject has right to:

1) access the personal data on him/her in the data file and at request, receive a copy of the recorded personal data;
2) request inaccurate personal data to be rectified, incomplete personal data to be supplemented and outdated or obsolete personal data to be erased; and
3) prohibit the processing of personal data for the purposes of direct marketing, market research and opinion polls.

In order to use these rights the data subject shall contact the above mentioned contact persons in writing.