3. How We Use Your Personal Data
3.1 Purposes and Lawful Bases
When your company becomes, or already is, a customer of Truesec, these are the most important purposes for which we process your personal data:
- To verify your identity and authority to act on behalf of your employer. For this purpose, we process contact and identity information that you or your employer have provided to us.
- To administrate your employer’s customer relationship with us, including customer care and customer support. For this purpose, we process contact and identity information, invoice and payment details, order details, and order history.
- In relation to our business operations. For this purpose, we use identity, contact, and customer-related information in connection with offers/tenders, marketing and advertising of our products, services, and events, the development and improvement of our products, services, and events, long-term cooperative projects, when planning, executing and evaluating projects undertaken together with your employer, in relation to necessary legal documents such as NDAs when you may visit our premises as part of a project between your employer and us, as well as in matters related to claims and litigation.
- Profiling, automated decision-making, and targeted marketing. For this purpose, we process identity and contact information, as well as customer-related information.
- For bookkeeping and tax purposes. For this purpose, we process invoice and payment details, order details, and order history.
The lawful basis for 1, 2, and 3 above is that it is necessary in order to perform and administer our customer agreement with your employer and perform our legal obligations under, e.g., the Bookkeeping Act and Income Tax Act. Such personal data about you that we have processed during our provision of, e.g., monitoring or incident response services, will never be processed for any of the purposes above or otherwise for any other purpose than providing the contracted services to your employer.
The lawful basis for 2 and 3 above is also that we have a legitimate interest to develop and improve, as well as market and advertise our products, services, and events.
The lawful basis for 4 above is your consent. Please note that your consent may at any time be revoked by contacting us at privacy@truesec.com.
The lawful basis for 5 above is to perform our legal obligations.
If you would like to know more about our profiling measures, please see Section 9 below.
When you subscribe to one of our newsletters, these are the most important purposes for which we process your personal data:
- To verify your identity. For this purpose, we process the contact and identity information that you have provided to us.
- In relation to our business operations. For this purpose, we use identity and contact information, as well as information regarding your areas of interest and expertise, in connection with providing the requested newsletter(s) and in connection with the marketing and advertising of our products, services, and events, and the development and improvement of our products, services, and events, as well as performing market analyses, research and market statistics.
- Profiling, automated decision-making, and targeted marketing. For this purpose, we process identity and contact information, as well as customer-related information.
The lawful basis for 1 and 2 above is our legitimate interest.
The lawful basis for 2 and 3 above is your consent. Please note that your consent may at any time be revoked by contacting us at privacy@truesec.com.
If you would like to know more about our profiling measures, please see Section 9 below.
When you fill out an online form on our website(s) or sign up for or show interest in an event, these are the most important purposes for which we process your personal data:
- To verify your identity. For this purpose, we process the contact and identity information that you have provided to us.
- In relation to our business operations. For this purpose, we use identity and contact information in connection with providing the answer or information requested in the form and in connection with the marketing and advertising of our products, services, and events and the development and improvement of our products, services, and events, as well as performing market analyses, research, and market statistics.
- Profiling, automated decision-making, and targeted marketing. For this purpose, we process identity, contact information, and customer-related information.
The lawful basis for 1 and 2 above is our legitimate interest.
The lawful basis for 2 and 3 above is your consent. Please note that your consent may at any time be revoked by contacting us at privacy@truesec.com.
If you would like to know more about our profiling measures, please see Section 9 below.
When you visit our website(s), these are the most important purposes for which we process your personal data:
- Website performance. For this purpose, we process information from cookies to analyze your behavior on our website(s) and which of our pages, services, products, and events are most interesting to our website visitors.
- User experience and overall user-friendliness. For this purpose, we process information from cookies to analyze your behavior on our website(s) and which of our pages, services, products, and events are most interesting to our website visitors.
The lawful basis for 1 and 2 above is your consent. Please note that your consent may at any time be revoked by contacting us at privacy@truesec.com.
If you would like to know more about cookies, please see Section 10 below.
3.2 Processing for Marketing Purposes and Sending Out Newsletters
You have the right at any time to stop us from contacting you for marketing purposes and from sending you more newsletters. If you no longer wish to be contacted for marketing purposes or if you wish to unsubscribe from our newsletters, please email us at privacy@truesec.com.
You will also be provided with the opportunity to unsubscribe from our newsletter in each and every newsletter by clicking the "Unsubscribe" button.
3.3 Email Address Management Policy
When you provide us with your email address, we will handle it accordingly:
- Your email address will not be sold, distributed, or otherwise made available to companies outside the Group that are not our direct business partners that need your email address in order for us to provide our products, services, and events or otherwise provide such information that you have requested from us.
- Mailouts are done using technologies that hide your email address from other subscribers.