Privacy Policy and Terms of Service

Last updated: August 18th, 2021

Trustmary Terms of Service

Last Updated: August 18th, 2021

These Terms of Service (“Terms”) govern the subscription, access and use of the Trustmary online platform (“Service”) provided by Trustmary Group Oy (Business ID: 2725847-4) (together with all of its affiliates and subsidiaries, “Trustmary”) via its website located at www.trustmary.com  (“Website”).

By taking the Service into use, the customer organization (“Customer”) will be bound by these Terms. By finalising a subscription within the Service, you hereby warrant to have the required authority to  subscribe to the Service on behalf of the Customer.

Certain sections of these Terms are also directly applicable to each individual user (“User”) accessing the Service on behalf of Customer.

Each party (Customer, Trustmary, and Users) is hereinafter individually referred to as the “Party” and together as the “Parties.”

Please read these Terms with due care. By clicking the box referring to these Terms or by otherwise using or accessing the Service, a binding contract is formed between the Customer and Trustmary, or between the User and Trustmary, respectively.  Customers are responsible for all acts and omissions of their Users. Trustmary may occasionally update these Terms. By continuing to access or use the Service after those changes become effective, each Customer and User agrees to be bound by the revised Terms.

Please note that Trustmary may also provide Customer with certain other services, which are ordered separately. These Terms are only applicable to the access and use of the Service and Website.   Where the Parties have entered into a separate agreement in regard to the subject matter covered in these Terms, such agreement shall have priority and these Terms shall apply secondarily.

Right to use the Service

Subject to due payment of the Service Fees (except in the case of Free Subscriptions) as well as subject to the compliance with the Terms agreed herein, Trustmary grants Customer and Users a limited, non-exclusive, non-transferable, and non-sublicensable right to use the Service during the Subscription Period for the purposes set out herein. Customers and Users understand and agree that the Service is provided under license to Customers and Users, not being sold to Customers and Users, and Customers and Users do not gain any ownership interest of any kind in the Service under these Terms.

The Service may only be used by individuals aged 18 and older. By using the Service, each User represents and warrants that they are 18 years of age or older and otherwise meets all of the eligibility requirements contained herein. If a User does not meet all of these requirements, the User must not access or use the Service.

Customers and Users may need to provide certain registration details or other information on behalf of themselves or other users to create an account and to otherwise access and use the Service. It is a condition of the Customer’s and User’s access and use of the Service that all the information provided to register with the Service is correct, current, and complete, and not false or misleading. Customers and Users agree that all information provided to register with the Service is governed by our Privacy Policy , and Customers and Users consent to all actions we take with respect to such information consistent with our Privacy Policy. Where it is reasonable to do so, or permitted by law, we may rely on implied consent.

About the Service

The Service consists of an online platform for collecting, publishing and analyzing customer feedback and customer satisfaction statistics and surveys. The Service also contains an embedding tool, which enables Customer to embed the results obtained from their use of the Services (such as customer recommendations and scoring) on the Customer’s own website.

The functionalities of the Service are further specified here.

The Service is available for the following types of subscriptions:

  • A free-of-charge subscription (“Free Subscription”) with an access to a limited number of Service features and a single User account; and
  • A paid subscription, for which the applicable service fees are, unless separately otherwise agreed between Customer and Trustmary, the fees indicated in connection to be finalization of the subscription (“Service Fees”).

For subscriptions made with a credit card, the Service Fees shall be automatically charged for the entire chosen Subscription Period upon the completion of the subscription process by Customer.

The pricing and availability of the Service is subject to change. Errors will be corrected where discovered, and we reserve the right to revoke any stated offer and to correct any errors, inaccuracies or omissions including after an order has been submitted and whether or not the order has been confirmed and the applicable credit card or other payment mechanism charged.

Although certain features of the Service may be provided free-of-charge, some features of the Service will not be available in the free version. Trustmary reserves the right, in its sole discretion, to determine eligibility for a Free Subscription and, subject to applicable laws, to withdraw or limit such right at any time without prior notice and with no liability.

Unless separately agreed between the Parties or explicitly mentioned in the service descriptions, the Customer or Users are not entitled to receive, inter alia, customer support services, consultation services, data transfer, integration or implementation services. In case such services are included in Trustmary’s service offering, Trustmary shall have the right to collect the applicable fees and charges relating to these services and shall provide such services in accordance with the service descriptions.

Authorized Users

Only individuals authorized by the Customer are allowed to access and use the Service. Customer is only entitled to allow access to Users exclusively from Customer’s own organization and shall not provide access to the Service to any third parties. Any unauthorized use is prohibited.

Customer and each User shall be responsible for any unauthorized use of the Service conducted with their usernames and/or passwords. All User accounts are strictly personal. Trustmary has the right to disable any username, password, or other identifier, whether chosen by you or provided by us, and/or suspend access to the Service and/or Website, at any time if, in our opinion, the Customer or any User has violated any provision of these Terms.

The Customer shall use all reasonable efforts to prevent unauthorised access to, or use of, the Service. In the event of or if the Customer or User has a reason to suspect any unauthorised access or use of the Service, or if any password has been revealed to a third party, Trustmary must be promptly notified.

The Customer shall remove and manage the access rights to the Service when necessary, such as in case of termination of employment of a User.

Restrictions of Use

The Service is only intended to be used for the internal operations of Customer and may not be used for other purposes. Trustmary may take appropriate legal action, including without limitation, referral to law enforcement, for any illegal or unauthorized use of the Service or any action that may be damaging to the rights or interests of Trustmary or any third party.

Unless otherwise permitted in these Terms, Customer or any User may not:

(a) circumvent or attempt to circumvent any usage control or anti-copy features of the Service;
(b) probe, scan or test the vulnerability of the Service;
(c) use the Service and the content available through the Service in any manner that could damage, disable, overburden or impair the Service;
(d) use any data mining, robots, scraping, or similar data gathering or extraction methods;
(e) use, sell, rent, transfer, license or otherwise provide anybody with the Service and/or the content available through the Service, except as provided herein;
(f) interfere with Trustmary’s other customers’ use of the Service;
(g) reverse engineer or decompile the Service or access the source code thereof;
(h) use the Service for transmitting any unauthorized advertising, promotional materials, junk mail, spam or any other form of solicitation or mass messaging;
(i) use the Service in violation of applicable law;
(j) modify, reproduce, adapt, translate, creative derivative works of or otherwise exploit any portion of the Service, or use the Service in ways that violate intellectual property rights, business secrets or privacy of third parties;
(k) use the Service to transmit any material that contains adware, malware, spyware, software viruses, worms or any other computer code designed to interrupt, destroy, or limit the functionality of computer software or equipment.

Other Obligations

The Customer and each User are responsible for ensuring that their hardware, connections, software and data systems to meet the operating environment of the Service and for ensuring that the Service fulfils the Customer’s intended purpose of use. The use of the Service requires a functioning connectivity to internet.

The Customer is responsible for all data and content the Customer or a User enters into the Service and the validity and accuracy thereof. In particular, the Customer shall ensure that any contact lists (including emails) used by the Customer in the Service are verified, up-to-date and include correct contact information of recipients who have given their authorization to be contacted in the manner and form determined by the Customer.

The Customer shall ensure that Users use the Service in compliance with these Terms. Misuse of the Service by the Customer or any User may lead to immediate termination of the subscription or suspension or denial of access to the Service.

Third Party Services

Certain functionalities of the Service may be provided by or integrated with services provided by third party service providers.

Trustmary shall not be liable for any direct or indirect damages arising from the use of third party services. In addition, Trustmary shall not be liable for interruptions to the availability of the services provided by third parties.

These Terms and the Privacy Policy exclusively cover the Service and the use thereof and any and all linked third party services and platforms are provided by the relevant third parties and covered by their terms of service, privacy policies, or other terms or licenses. Trustmary does not assume any liability in regard to use of such third party services and platforms, whether or not they are linked to the Service.

Intellectual Property Rights

The Service is provided to Customer as a SaaS service.

All title and any intellectual property rights to the Services as well as any content, materials and documentation, information and data created by Customer or Users as a result of their use of the Services, as well as any copies, modifications, translations, amendments and derivatives thereof (collectively, “Results”) belong to Trustmary or its licensors. Customer and Users hereby assign and agree to assign to Trustmary all rights, titles and interests, including intellectual property rights, they may have in such Results as well as the right to freely transfer, license, amend and modify the Results and intellectual property rights relating thereto.

Intellectual property rights shall be understood in the broadest sense, including but limited to any copyright, patent, trademark, design right, database protection right, and any other form of statutory protection of any kind (whether registered or unregistered) and applications for any of the foregoing respectively as well as any know-how, inventions, and trade secrets in or related to the Service or Results and thereto related documentation (including modifications, if any) and all parts and copies thereof.

Except as expressly stated herein, these Terms does not grant the Customer or User any intellectual property rights in the Service or to the Results and all rights not expressly granted hereunder are reserved by Trustmary and its licensors, as the case may be.

Customer shall however have the right to use the Results for its own internal business purposes only, including the right to use, embed and publish the content on the Customer’s own website, its social media channels as well as sales and marketing materials.

Analytics Data

Trustmary shall have the right to collect aggregated and anonymized analytics data from Customers and Users use of the Service as well as from any embedded content. Such analytics data shall be proprietary to Trustmary, and Customer and Users hereby assign to Trustmary all rights, titles and interests, including intellectual property rights, they may have in such analytics data. Trustmary may use such analytics data to e.g. develop its own products and services, generate statistics and compilations and use them for the service offerings as well as for its other commercial purposes.

Personal Data 

Trustmary may collect and process data, including personal data, in relation to Customer’s subscription and Customer’s and Users’ use of the Service, such as contact details, payment information, and identification data on Customer and Users. Trustmary processes personal data in accordance with its Privacy Policy in force from time to time.

During the course of providing the Customer with the Service, Trustmary may also process certain personal data on behalf of Customer as a data processor. Such personal data may include the contact details and names of individuals who have provided feedback for the Customer within the Service.

In regard to such data processing, Trustmary shall, in accordance with the EU General Data Protection Regulation 2016/679 (“GDPR”):

  1. Process personal data strictly for the purposes set out in these Terms and in accordance with the reasonable directions of Customer;
  2. Implement appropriate technical and organizational measures to protect the personal data;
  3. Assist Customer by reasonably appropriate technical and organizational measures insofar as this is possible (taking into account the nature of the processing) to enable Customer to fulfil any obligations to respond to requests for the exercise of data subject rights under GDPR;
  4. Assist Customer in ensuring compliance with their obligations pursuant to Articles 32 to 36 of the GDPR, taking into account the nature of the processing and the information available to Trustmary;
  5. Make available to Customer all information that is reasonably necessary to demonstrate Trustmary’s compliance with its legal obligations as a data processor under Article 28 of the GDPR;
  6. Allow Customer to, once per calendar year, to reasonably audit the data processing activities of Trustmary. Such audit shall be subject to a separate confidentiality undertaking and shall be carried out at Customers expense.
  7. Have a general authorization to subcontract its data processing operations to a sub-processor, but only by way of a written agreement with the sub-processor, which imposes obligations on the sub-processor no less onerous than as are imposed on Trustmary herein.
  8. Notify Customer of any additional sub-processor(s) in advance. If Customer reasonably object to such additional sub-processor(s), Customer may inform Trustmary in writing of the reasons for such objection, after which the Parties shall aim to resolve such situation via negotiation.
  9. Have the right to, subject to ensuring the appropriate safeguards as foreseen by GDPR, transfer personal data to or process personal data in countries beyond the European Economic Area;
  10. Notify Customer without undue delay of any actual or suspected data breach involving the personal data. Such notice shall include, at the time of notification or as soon as possible after notification, details of the nature of the breach, category and approximate number of affected data subjects, anticipated consequences of the breach and any actual or proposed remedies for mitigating the possible adverse effects of the breach; and
  11. Upon termination of Customer’s subscription, delete or anonymize the personal data as agreed with Customer as soon as reasonably practicable.

The Customer shall provide to Trustmary its applicable privacy policy pertaining to such personal data for which the Customer acts as the data controller in accordance with the instructions given in the Service.

Interfaces and integration tools

For the avoidance of doubt, all interfaces and integration tools relating to the Service are provided on an “as is” basis. Trustmary may provide the Customer with such interfaces and integration tools as developed and implemented by Trustmary from time to time. The Customer acknowledges that some interfaces or integration tools may be provided by third parties and/or may have connections or links to third party service providers’ software or systems. Trustmary shall not, under any circumstances, be liable for the actions of such third parties or the parts of the interfaces or integration tools which are delivered, maintained or owned by third parties.

Availability

Trustmary will strive to have the Service available 24 hours a day, 7 days a week (“Service Hours”) during the term of the subscription.

Notwithstanding the above mentioned, Trustmary shall have the right to temporarily suspend the provision of the Service during the Service Hours in accordance with the following, without any obligation to compensate any damages or service level failures:

Trustmary shall have the right to suspend the availability of the Service for a reasonable duration, if this is necessary in order to perform installation, change or maintenance work in respect of the Service. If Trustmary suspends the Service for this reason, Trustmary strives to inform the Customer and Users of the suspension and the estimated duration of the suspension in advance and strives to minimize any inconvenience resulting from the suspension.

Trustmary shall have the right to deny access to the Service without any prior notice, if Trustmary suspects that the Customer or User burdens or uses the Service in a manner which may jeopardize the availability of the Service to other users. Trustmary shall without undue delay inform the Customer of the reasons for such denial.

Customer and Users further acknowledge that interruptions to the availability of the Service may also occur due to no fault of Trustmary, for example, in the event of data connection disruptions or interruptions to the availability of systems or components delivered by third parties.

Warranty and limitation of liability

Except as specifically provided under these Terms, the Service is provided “as is” and with the functionalities available at each time without warranty of any kind, either express or implied, including but not limited to the warranties of merchantability, title, non-infringement, and fitness for a particular purpose. Trustmary makes no warranty of any kind that the Service, or any results of the use thereof, will meet yours or any other person’s requirements, operate without interruption, achieve any intended result, be compatible or work with any software, system or other service, or be secure, accurate, complete, free of harmful code, or error-free. Trustmary is not responsible for the circumvention of any privacy settings or security measures contained in the Service, its Website or associated applications.

TRUSTMARY SHALL NOT BE LIABLE FOR ANY INDIRECT OR CONSEQUENTIAL DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF DATA, LOSS OF BUSINESS OR LOSS OF GOODWILL, COST OF REPLACEMENT GOODS OR SERVICES, OR USE, INABILITY TO USE, LOSS, INTERRUPTION, DELAY OR RECOVERY OF ANY DATA, OR BREACH OF DATA OR SYSTEM SECURITY. TRUSTMARY’S TOTAL AGGREGATE LIABILITY UNDER OR IN CONNECTION WITH THESE TERMS, THE SERVICE AND THE WEBSITE, SHALL BE LIMITED TO THE AGGREGATE SERVICE FEES PAID BY THE CUSTOMER (IF ANY) FOR THE SERVICE FOR THE LAST 3 MONTHS PRECEDING THE OCCURRENCE FOR WHICH DAMAGES ARE CLAIMED.

Trustmary has no other obligations or liabilities than those that have expressly been agreed upon in these terms.

Indemnity obligations of Customer

Customer will indemnify, defend and hold harmless Trustmary and its affiliates and their respective agents, officers and employees for, from and against any and all claims, damages, costs and expenses (including reasonable legal costs) relating to Customers’ or Users’ breach of the following provisions of these Terms:

  • Section Intellectual Property Rights
  • Section Restrictions of Use.

Subscription Period, Renewal and Termination

Unless agreed otherwise between the Parties, the subscription shall be valid for, based on Customers choice in connection to finalizing the subscription, for either one year or one month at a time (“Subscription Period”).

Unless terminated by Customer at least 30 days prior in monthly subscriptions and at least 2 months prior in annual subscriptions to the termination of the initial subscription period, the subscription shall automatically renew for a period of the same length. The Customer shall continue to have access to the Service and Trustmary is entitled to charge the Service Fee until the end of the Subscription Period.

Termination notices can be submitted to Trustmary at [email protected]

Each Party may terminate these Terms with immediate effect by giving written notice thereof to the other Party, if the other Party fails to comply with these Terms and does not remedy the failure within reasonable time.

Such provisions of these Terms that are intended to survive the termination or expiry of these Terms shall however survive the termination.

Upon termination for any reason, Trustmary shall not be obliged to refund any payments effected in accordance with these Terms.

After termination for any reason, the Customer and Users shall lose their access right to the Service as soon as the notice period has ended.

Force Majeure

Trustmary shall not be liable for any unavailability, errors, delay or damage caused by an impediment beyond the Trustmary’s control and which Trustmary could not have reasonably taken into account in advance, nor the consequences of which Trustmary could not reasonably have avoided or overcome. Such force majeure events shall include, if not proven otherwise, inter alia, war or insurrection, earthquake, flood or other similar natural catastrophe, interruptions in general traffic, data communication or supply of electricity, import or export embargo, strike, lockout, boycott or other similar industrial action.

Trustmary shall without delay inform the Customer in writing of a force majeure event and the ceasing of such event.

Confidentiality

Neither Party shall disclose to third parties any material or information received from the other Party and marked as confidential or which should be understood to be confidential and shall not use such material or information for any other purposes than those stated in these Terms.

The confidentiality obligation shall, however, not be applied to material and information (a) which is generally available or otherwise public; or (b) which the Party has received from a third party without any obligation of confidentiality; or (c) which was in the possession of the receiving Party prior to receipt of the same from the other Party without any obligation of confidentiality related thereto; or (d) which a Party has independently developed without using material or information received from the other Party.

Governing Law and Dispute Resolution

These Terms shall be exclusively governed by and construed in accordance with the laws of Finland without regard to its choice of law provisions.

Any dispute, controversy or claim arising out of or relating to these Terms, or the breach, termination or validity thereof, shall be finally settled by arbitration in accordance with the Arbitration Rules of the Finland Chamber of Commerce. The number of arbitrators shall be one (1). The seat of arbitration shall be Helsinki, Finland. The language of the arbitration shall be English. The arbitral proceedings and award shall be confidential.

Nothing in these Terms shall be deemed to limit the Parties’ rights to seek interim injunctive relief or to enforce an arbitration award in any court of law. With respect to any violation of any intellectual property rights and/or confidential information of Trustmary and/or payment obligations under these Terms, Trustmary shall have the right, at its sole discretion, to seek remedies in public courts within any applicable territory.

Changes to the Service, Service Fees or Terms

Trustmary may make modifications or changes to the Service at any time at its sole discretion and without notification, provided that such changes do not materially affect the Customer, Users or the usability of the Service.

If Trustmary introduces changes materially affecting the Service, Trustmary will notify the Customer thereof at least 30 days in advance in writing and the Customer is entitled to object to the revised terms, in which case Trustmary may elect to have the prior terms control, to negotiate an alternate solution with Customer, or if neither of the foregoing is applicable then Customer may terminate the subscription of the Service in case the Customer does not accept the changes.  Customer’s continued use of the Service following notice, and/or Customer’s failure to object in writing to a proposed change within the thirty (30) day period, constitutes Customer’s acceptance of and agreement to the revised terms.

Trustmary may, at its discretion, make changes to the Service Fees. Trustmary will notify Customer of such changes at least 30 days in advance. Such changes shall not be applied during an ongoing Subscription Period.

Trustmary may occasionally update these Terms. When we do so, we will also revise the ”last update” date and, in case of a material update, notify our Customers by email at least 30 days in advance. By continuing to access or use the Service after those changes become effective, Customer and Users agrees to be bound by the revised Terms.

Severability and Assignability

If any part of these Terms is held to be invalid or unenforceable by any court, tribunal or other authority having jurisdiction, this shall not affect the validity or enforceability of the rest of these Terms. Instead, these Terms shall be construed and interpreted so that its effect shall remain as close as legally possible to the effect it would have had without such invalidity or unenforceability.

These Terms or any rights or obligations hereunder may not be assigned without the prior written consent of the other Party. Trustmary may, however, assign all or any of its rights or obligations hereunder in whole or part to an affiliate or successor or to a purchaser or acquirer of its business assets without the prior consent of Customer.

Contact Details

Please contact us regarding these Terms of Service at:

Name: Trustmary Group Oy

Business ID: FI27258474

Correspondence address: Ahjokatu 12, 40320 Jyväskylä

Email: [email protected]

Website: trustmary.com

Terms of Service version history
Name of the documentValid fromValid untilDate updated
Trustmary Terms of ServiceSep 30th 2019June 30th 2020Sep 30th 2019
Trustmary Terms of Service, 01062020July 1st 2020Aug 17th 2021Jun 1st 2020
Trustmary Terms of Service, 18082021Aug 18th 2021Until further noticeAug 18th 2021

TRUSTMARY PRIVACY POLICY

Last Updated: August 18th, 2021

This Privacy Policy is applicable to the personal data processed by Trustmary Group Oy (“Trustmary” or “we”) relating to the visitors of the Trustmary website and the users of the Trustmary online service (website and online service hereinafter jointly referred to as “Service”). This Privacy Policy describes the types of information Trustmary may collect from you or you may provide to Trustmary when you access or use the Service, and Trustmary’s practices for collecting, using, and disclosing that information. This Privacy Policy also applies to the processing of personal data of the representatives of our current or prospective customers, marketing contacts and contractors. All Service users and business representatives are hereinafter collectively referred to as “Data Subjects” or “you”.

Additionally, the purpose of this Privacy Policy is to provide Data Subjects with information about the processing of their personal data in accordance with the information obligations set out in Articles 13 and 14 of the General Data Protection Regulation 2016/679 (GDPR). 

Please note that this Privacy Policy only applies to processing carried out by Trustmary as a data controller. This Privacy Policy does not address, and we are not responsible for, the privacy and data processing practices of any third parties.

This Privacy Policy may be updated if required in order to reflect the changes in data processing practices or otherwise. The current version can be found on our website. We will not make substantial changes to this Privacy Policy or reduce the rights of Data Subjects under this Privacy Policy without providing a notice thereof.

CONTACT DETAILS

Name: Trustmary Group Oy
Business ID: FI27258474
Correspondence address: Ahjokatu 12, 40320 Jyväskylä
Contact: [email protected]
Website: trustmary.com

PERSONAL DATA PROCESSED AND SOURCES OF DATA

Personal data is primarily received directly from you in connection with your use of the Service. Personal data may also be provided to us by the company or organization on behalf of which you are using the Service. For business representatives and marketing contacts personal data may also be obtained from other sources, such as public registers.

Analytics data is collected automatically as you use the Service. Although we do not normally use such data to identify individuals, sometimes individuals can be recognized from it, either alone or when combined or linked with personal data. In such situations, analytics data shall also be considered to be personal data under applicable laws and we will treat the combined data as personal data.

The personal data collected and processed by Trustmary includes:

– Full name
– Email address
– Phone number
– Organization name and work title
– User account information, content, activity and settings
– Any direct correspondence with Trustmary (e.g. feedback, questions)

– Financial or payment card information

Additionally we may collect and process following analytics data:

– IP address
– Browser type and version
– Device type and model
– Operating system
– Time of visit
– High level location data
– Browsing patterns within the Service

COOKIES AND ANALYTICS TOOLS

We use various technologies to collect and store analytics data and other information from our Service, including cookies.

Cookies are small text files sent and saved on your device that allows us to identify visitors of our websites and facilitate the use of our Service and to create aggregate information of our visitors. This helps us to improve our Service. The cookies will not harm your device or files. We use cookies content personalization and tailoring. Cookies are also used to integrate our social media accounts onto our website.

Data Subjects may choose to set their web browser to refuse cookies, or to alert when cookies are being sent. For example, the following links provide information on how to adjust the cookie settings on some popular browsers:

Safari
Google Chrome
Internet Explorer
Mozilla Firefox

Please note that some parts of our Service may not function properly if the use of cookies is refused.

We also use Google Analytics to compile Analytics data and reports on visitor usage. For an overview of Google Analytics, please visit Google Analytics.

It is possible to opt-out of Google Analytics with the following browser add-on tool: Google Analytics opt-out add-on.

Hotjar is used on the site for tracking the cursor movements and keypresses of website visitors and for the collection of associated analytics.

Purposes and legitimate grounds of processing

Purposes of processing

To provide our Service and carry out our contractual obligations (legal ground: performance of a contract and legitimate interest)

We primarily process personal data to be able to offer the Service to you and to run and maintain our business. We may use the data for example to offer essential functionalities of the Service and to provide access to the Service. Personal data may be processed in order to carry out our contractual obligations towards you or towards the organization you represent. The personal data of representatives of business customers is processed on the basis of our legitimate interests whilst fulfilling our contractual obligations towards the customer organization.

For our legal obligations (legal ground: compliance with a legal obligation)

We may process personal data to enable us to administer and fulfil our obligations under law. This includes data processed for complying with our accounting obligations and providing information to relevant authorities.

For security, claims handling and legal processes (legal ground: legitimate interest)

We may process personal data in relation to claims handling, debt collection and legal processes. We may also process data for the detection or prevention of fraud, misuse of our Service and for activities aimed at ensuring the security of our data, systems and networks.

For communication and marketing (legal ground: consent or legitimate interest)

We may process personal data for the purpose of contacting you regarding our Service and for informing you of changes in our Service. We may also process personal data to market our Service, for example in the form of sending newsletters.

For quality improvement and trend analysis (legal ground: legitimate interest)

We may process information regarding the use of the Service to improve the quality of our service, for example by analysing any trends in the use of our Service. Where possible, we will do this using only aggregated, non-personally identifiable data.

Legal grounds for processing

The legal grounds for the processing of your personal data depend on the nature and purpose of processing. The specific legal grounds are elaborated above in connection to each purpose for which we process personal data for.

We may process personal data to take care of our contractual obligations towards you or to facilitate pre-contractual steps at your request. Certain data may be processed in order to comply with our legal obligations, such as accounting legislation.

We may also process personal data on the basis of consent when you have given your consent for the processing of personal data. In such case you have the right to withdraw your consent at any time by contacting us.

Personal data is further processed on the grounds of our legitimate interests to maintain and develop our business, for example for the purposes of collecting website analytics. When processing personal data on the basis of our legitimate interests, we carefully weigh our interests against your right to privacy.

INTERNATIONAL TRANSFERS

Trustmary stores your personal data primarily within the European Economic Area. However, we have service providers in several geographical locations. As such, we or our service providers may transfer personal data to, or access it in, jurisdictions outside the European Economic Area or outside of your domicile.

We will take steps to ensure that your personal data receives an adequate level of protection in the jurisdictions in which it is processed. We provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers based on the Standard Contractual Clauses or through other appropriate safeguards.

PERSONAL DATA RECIPIENTS

We may use or disclose aggregated information and/or de-identified information that does not specifically identify any individual without restriction. 

We do not share personal data with third parties outside of Trustmary’s organization (which includes all Trustmary affiliates and subsidiaries) unless one of the following circumstances applies:

It is necessary for the purposes set out in this Privacy Policy

To the extent that third parties need access to personal data to perform the Service, Trustmary has taken appropriate contractual and organisational measures to ensure that personal data are processed exclusively for the purposes specified in this Privacy Policy and in accordance with all applicable laws and regulations.

For legal reasons

We may share personal data with third parties outside Trustmary’s organization if we have a good-faith belief that access to and use of the personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues; and/or (iii) protect the interests, property or safety of Trustmary, the users of our Service or the public in accordance with the law. When possible, we will inform you about such transfer and processing.

To authorized service providers

We may share personal data to authorized service providers who perform services for us (including data storage, sales, marketing and support services). Our agreements with our service providers include commitments requiring the service providers to limit their use of personal data and to comply with privacy and security standards at least as stringent as the terms of this Privacy Policy.

For other legitimate reasons

If Trustmary is involved in a merger, acquisition or asset sale, we may transfer personal data to the third party involved. However, we will continue to ensure the confidentiality of all personal data. We will give notice to all Data Subjects concerned when the personal data are transferred or become subject to a different privacy policy as soon as reasonably possible.

With explicit consent

We may share personal data with third parties outside Trustmary’s organization for other reasons than the ones mentioned before, when we have the your explicit consent to do so. You have the right to withdraw this consent at all times.

STORAGE PERIOD

Trustmary does not store personal data longer than is legally permitted and necessary for the purposes of providing the Service or the relevant parts thereof. The storage period depends on the nature of the information and the purposes of processing. The maximum period may therefore vary per use.

We will store analytics data relating to the Service for as long as we deem appropriate and reasonable.

DATA SUBJECTS’ RIGHTS

Right to access

You have the right to access your personal data processed by us. You may contact us and we will inform what personal data we have collected and processed regarding you. Where possible, you should primarily use the Service functionalities to access your own account information.

Right to withdraw consent

In case the processing is based on a consent you have granted to us, you may withdraw the consent at any time. Withdrawing a consent may lead to fewer possibilities to use our Service. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Right to rectify

You have the right to have incorrect or incomplete personal data we have stored about you corrected or completed by contacting us. Where possible, you should primarily use the Service functionalities to correct your own account information.

Right to erasure

You may also ask us to erase your personal data from our systems. We will comply with such request unless we have a legitimate ground to not delete the data.

Right to object

You have the right to object to certain use of your personal data if such data are processed for other purposes than necessary for the performance of the Services or for compliance with a legal obligation. If you object to the further processing of your personal data, this may lead to fewer possibilities to use the our Service.

Right to restriction of processing

You may request us to restrict processing of personal data for example when your data erasure, rectification or objection requests are pending and/or when we do not have legitimate grounds to process your data. This may however lead to fewer possibilities to use our Service.

Right to data portability

You have the right to receive your personal data from us in a structured and commonly used format and to independently transmit those data to a third party.

How to use the rights

The above mentioned rights may be used by sending a letter or an e-mail to us on the addresses set out above. We may request the provision of additional information necessary to confirm your identity.

We reserve the right to reject requests that are unreasonably repetitive, excessive or manifestly unfounded.

DIRECT MARKETING

Notwithstanding any consent granted beforehand for the purposes of direct marketing, you have the right to prohibit us from using your personal data for direct marketing purposes, market research and profiling made for direct marketing purposes by contacting us on the addresses indicated above or by using the unsubscribe possibility offered in connection with any direct marketing messages.

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Service that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us at the Contact Details above.

INFORMATION SECURITY

We use administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality, integrity, availability, resilience and ability restore the data. We regularly test our systems, and other assets for security vulnerabilities.

Should despite of the security measures, a security breach occur that is likely to have negative effects on your privacy, we will inform you and other affected parties, as well as relevant authorities when required by applicable data protection laws, about the breach as soon as possible.

Children Under the Age of 13

The Service is not intended for children under 13 years of age. No one under age 13 may provide any information to or via the Service. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information via the Service or access or use the Service. If you believe we might have any information from or about a child under 13, please contact us at the Contact Details above.

Canadian Privacy Notice 

Certain Canadian laws, including Canada’s Personal Information Protection and Electronic Documents Act (S.C. 2000, c. 5), provide certain rights to Canadian residents including the right to request information from an organization about the existence, use or disclosure of such resident’s personal information, to request access to that information, and to challenge the accuracy and completeness of the information and have it amended as appropriate. If you are a Canadian resident and would like to make a request regarding your information that under our control, please contact us at the Contact Details above. 

We will attempt to respond to your request within a reasonable time. Such response will be at minimal or no cost to you. 

LODGING A COMPLAINT

In case you consider our processing of personal data to be inconsistent with the applicable data protection laws, a complaint may be lodged with the local supervisory authority for data protection.

In Finland, the local supervisory authority is the Data Protection Ombudsman (https://www.tietosuoja.fi).

Privacy Policy version history

Trustmary Privacy Policy Valid from June 1st 2020, Valid until further notice. Date updated: October 12th 2021.


A list of our sub-processors can be found here.