Privacy and data protection policy

This is a privacy and data protection policy of Salesframe Oy, compliant with the Personal Data Act (10 and 24 §) and the European Union’s General Data Protection Regulation (GDPR). Drafted on 27.3.2018. Last changes on 5.9.2023.

1. Registrar

Salesframe Oy, Korkeavuorenkatu 30, 1st floor, 00130 Helsinki

2. Contact responsible for the registry

Lauri Ruhala, lauri.ruhala@salesframe.com, +358 50 410 0052

3. Name of the registry

Sales and user register of Salesframe (including product names Salesframe and Memosites.io)

4. Legal basis and reason for handling personal data

Legal basis for handling personal data, compliant with GDPR, are:
- a contract, to which the registered is partied
- customer relationship
- personal consent
- legitimate interest to promote and market services to potential customers

5. Data content of the registry

Data collected in the registry are: name, position, company/organization, contact information (phone number, email address, address), web addresses, IP-address, information related to Salesframe app usage, billing information, other necessary information related to the subscribed services and customer relation.

Salesframe may also use personal data (name, email address) provided by third parties for contacting potential customers and marketing services for them.

The Salesframe application does not collect or access personal files from a user’s device unless the user has explicitly agreed to provide such data.

6. Regular sources of information

For providing services the registrant needs to collect data from the users who are logged in to Salesframe app. It’s a requirement for the user-based service and providing such features as material saving & sharing, creating presentations, and statistics of the usage.

Information saved in the registry are also acquired from the customer by messages sent via web forms, email, phone calls, social media, contracts, customer meetings and other situations, in which the customer hands over information.

For promoting services to potential customers Salesframe collects personal data (including e.g. name and email) from data bases provided by third parties or public sources such as websites, Google, LinkedIn, and different business related organisations’ and events’ participant lists that have relevance to Salesframe’s operations.

7. Subcontractors and data transfer

Data will only be handed over to third parties when it’s necessary to provide the agreed services for the customer, or if there’s other legal basis. In order to provide the described services the registrar can transfer data outside the EU or ETA, and in such case, assures it meets the requirements of the GDPR. You can find the list of the subcontractors and their functions here, who are used to provide the service by the registrar:

  • Amazon AWS: Salesframe has built the Salesframe software solution by using Amazon AWS server capacity. More information about their data policy: https://aws.amazon.com/compliance/gdpr-center/

  • Brevo (formerly Sendinblue): We use Brevo in our email and automated communication with Salesframe users. More information about their data policy: https://www.brevo.com/gdpr/

  • Slack Technologies, Inc.: Salesframe team’s internal communication and collaboration tool is Slack, which is used in client, development, and project-related communication. More information about their data policy: https://slack.com/gdpr

  • Pipedrive OÜ: Salesframe uses Pipedrive CRM to manage customer relationships, sales, and invoicing. Only if data is relevant for the purposes of customer relations, it’s collected and used in Pipedrive. More information about their data policy: https://www.pipedrive.com/en/privacy

  • Microsoft: Salesframe employees use Microsoft Office applications in their daily work. For example, customer and contact people-related information is used in Microsoft Outlook when handling email communication. More information about their data policy: https://privacy.microsoft.com/en-us/PrivacyStatement

  • Woodpecker.co S.A: Salesframe uses Woocpecker.co’s service in certain sales activities to send personalized communication to potential customers. More information about their data policy: https://woodpecker.co/safety-security/

  • Pendo.io, Inc: Salesframe uses Pendo to collect analytics on what users do in our product and to provide guidance and a better user experience. More information about their privacy and security principles: https://www.pendo.io/data-privacy-security/

8. Principles of registry protection

The registry is handled with care and data processed by information systems are suitably protected. When registry data is being housed on Internet servers, suitable care is taken over the physical and digital security of the hardware. The registrar is responsible for saved data, server access, and other information critical to personal data being handled with confidentiality and by only those employees, to whose job description it belongs. Data is only collected and processed when it’s necessary for the purposes as described in this privacy policy.

9. Right to review and demand corrections

Every person in the registry has a right to review all data on them in the registry and demand the correction of possible erroneous information or supplementation of incomplete information. If a person wants to review or demand corrections to data on them in the registry, they must send a written request to the registrar. The registrar can request the person to provide personal identification, if necessary. The registrar will answer the customer within the timeframe established by GDPR (mainly within one month).

10. Other rights pertaining to personal data

Any person in the registry has the right to request their personal data to be deleted from the registry (“right to be forgotten”). Registered individuals also have the other rights established by GDPR, as restricting the handling of personal data in certain situations. Requests must be sent to the registrar in writing. The registrar can request the person to provide personal identification, if necessary. The registrar will answer the customer within the timeframe established by GDPR (mainly within one month).

11. Cookies

Cookies are used on our website. Cookies are small text files that are stored on your computer's hard disk. These cookies are used on our website for tracking how people are behaving, which helps us to improve our services and also to provide more relevant marketing. If you do not want cookies to be used or notified when they are placed, you may set your web browser to do so, if your browser permits it. You can find more information behind these links for Chrome, Firefox and Internet Explorer.