Developing Building Information’s operations and services
Improving customer experience
Analytics and statistical purposes
Generating more personalised, targeted content and marketing
Managing campaigns and competitions
Implementing marketing bans, as defined in legislation
Providing better customer service
Data are processed based on the relationship between the customer and Building Information, an agreement, website use, the customer’s express consent or statutory obligations.
Principles of data storage and protection
All personal data are protected from unauthorised access as well as accidental or unlawful destruction, alteration, disclosure, transfer or other unlawful processing.
Building Information stores customer information inside the European Union. Data centres, the technical security of the store systems and the data security of all processes are of high quality. Servers are protected against data breaches and denial-of-service attacks.
When processing personal data and implementing technical solutions, we comply with good data protection practices. Personal data are processed in accordance with the requirements of the EU General Data Protection Regulation (GDPR), effective from 25 May 2018.
All access to personal data is controlled in compliance with good practices.
Personal data processing
Customer information can only be accessed by Building Information’s employees, and they have been trained to use the information securely and ethically. Each employee can only access the information items that they need to see to be able to perform their duties.
We use trusted contractual partners, which enables us to transfer data to third parties. The requirements imposed by the EU GDPR and other laws have been taken into account in the agreements signed with all parties.
The company responsible for data processing is:
Building Information (The Building Information Foundation RTS sr, Building Information Ltd, The Estonian Construction Centre)
Malminkatu 16, FI-00100 HELSINKI
Disclosure of data to third parties
We may disclose certain necessary information to third parties in order to ensure delivery and for marketing purposes.
We also use customer information with third parties for analytics and personalisation purposes. We use purchase behaviour and browsing data together with partners, so that we can provide you with more relevant products and offers. Where possible, data used for analytics and personalisation purposes are anonymised. Only we can connect the data to your name.
If necessary, we also disclose data to public authorities. We always inform the customer of information requests if this is permitted by law.
We transmit data to the following third parties:
Analytics and statistics partners
Email marketing partners if the customer has opted in for a newsletter
Transport company if the delivery method chosen is delivery to a pick-up point, the nearest post office or the customer’s address
Payment processor when card payment is used
Product supplier when an order is made for an electronic licence or a direct delivery product
Debt collection company if an invoice falls due and is transferred to a collection company
Whenever data are transferred and processed, Building Information will ensure a high level of data security and protection in accordance with the EU GDPR.
Data used for analytics and targeted marketing are anonymised where possible. When this is not possible, we treat data as personal to the extent that the identifier includes data that identifies the customer, such as an IP address. Identifiers that have been linked to the customer in some way are also treated as personal data. Identifiers used for analytics and targeted marketing are valid from 30 seconds to 24 months.
We use Google Analytics to analyse the use of our website, popular products, trends and sales. All data sent to Google are anonymised. Read more about how Google Analytics processes data. Users can opt out of the identifiers used by our analytics and marketing partners by turning the ‘Do Not Track’ function on in their browser and setting the browser to reject third-party cookies.
Changes to the privacy statement
We reserve the right to modify this privacy statement due to service development or legislative changes. Registered customers will be informed of any significant changes to the privacy statement when terms and conditions are updated.
This privacy statement replaces the previous description of personal data file.