Humanscale Presenter Privacy Policy

According to the EU General Data Protection Regulation and the UK Data Protection Act
2018, the personal data controller of a register is obligated to inform the register’s data
subjects in a clear manner. This statement fulfils these informing obligations.

  1. Personal data controller
    Oy CDQ Solutions Ltd (”Supplier”) acts as a controller for the personal data register of
    the Humanscale Presenter (“Software”) user data as referred to in the EU General
    Data Protection Regulation (2016/679).
    Oy CDQ Solutions Ltd
    Konepajankuja 1
    00510 Helsinki, Finland
    The Client company Humanscale Corporation (“Client”) acts as a controller for the
    personal data register as referred to in the EU General Data Protection Regulation
  2. Data subjects
    Users of the Software. These may include the Client’s employees, partners or agents
    to whom access rights have been granted.
  3. Purpose of use of personal data
    The data is used by the Supplier for monitoring the use of the presentation tool. The
    data is used by the Client for monitoring and developing the Client’s presentation
    material and its use. The information will not be used for direct marketing.
  4. Categories of personal data processed
    The information in the user register includes the user’s email address, as well as
    information about the devices on which the application is installed, their operating
    systems, the version numbers of the application, the use of presentation material,
    and when the application has been used. Unique identifiable personal data is the
    user’s email address which serves as a username. This information is collected with
    the explicit consent of the user.
  5. The data subject’s rights
    The data subject has the following rights, and requests for their use should be sent
    to the personal data controller.

    Right to access data
    The data subject may check the data we have recorded.

    Right to rectification
    The data subject may request the rectification of inaccurate or incomplete
    personal data.

    Right to object
    The data subject may object to the processing of personal data if the data
    subject feels that personal data has been processed unlawfully.

    Right to forbid direct marketing
    The data subject has the right to forbid the use of personal data for direct

    Right to deletion
    The data subject has the right to request the deletion of data if personal data
    processing is not necessary. We will handle the request for deletion and
    proceed to either delete the data or state a justified reason for not being able
    to delete the data.

    It should be noted that the controller may have legal or other rights to not
    delete the requested data. The controller is obligated to preserve accounting
    materials for the duration (10 years) set out in the Accounting Act (Chapter 2,
    Section 10). For this reason, materials related to accounting cannot be deleted
    before that term has expired.

    Withdrawing consent
    If the processing of personal data is only based on the data subject’s consent
    and not for instance on a customer relationship or membership, the data
    subject may withdraw consent.

    The data subject may complain of the decision to the Data Protection

    The data subject has the right to demand us to restrict the processing of
    controversial data until the matter is solved.

    Right to complain

    The data subject has the right to complain to the Data Protection Supervisor if
    the data subject feels that we are violating the effective data protection
    regulation when processing personal data.
    Contact information of the data protection supervisor:
  6. Regular information sources
    User data is regularly obtained from the use of the Software.
  7. Regular disclosure of data
    We are disclosing information to the Client, who has committed to complying with
    the requirements of the data protection regulation by using data protection
    safeguards in the form of standard contractual clauses. On request, the data subject
    has the right to obtain a copy of these clauses.
  8. Duration of processing
    Personal data will be kept for as long as necessary for the service. When a data
    subject terminates their user account or their account is deleted, the personal data is
    removed from the register.
  9. Personal data processors
    In case the Client has been granted admin rights to monitor the user data in the
    Software, the Client acts as a processor of user data as referred to in the GDPR

    Access to the personal data register is only available to designated admin users on
    the Client side. The Client will disclose the processed personal data to its personnel
    only to the extent where it is strictly necessary. The processor will ensure that
    persons who are entitled to process personal data are bound by an obligation of
    professional secrecy or are subject to an appropriate legal obligation of secrecy.
  10. Transferring data outside the EU
    Personal data is regularly transferred outside the EU or the EEA to the client
    company which resides in the US. Personal data is not transferred to any other
    recipients than the Client company.
    If personal data is transferred outside the EU and the EEA, we will safeguard the
    sufficient level of personal data protection by e.g. agreeing on matters related to the
    confidentiality and processing of personal data in compliance with legislation.
  11. Automatic decision making and profiling
    User data is not used for automatic decision making or profiling