1.1. Feelback Ltd. follows the applicable valid personal data processing and data protection legislation in all its operations.
1.2. Feelback Ltd. adheres to both EU’s General Data Protection Regulation (2016/679) and the local regulations and decrees. Due to this, Feelback Ltd. processes all its customer-related data in the EU/EEA. Personal data will not be processed outside the European Economic Area (EEA), unless such data transfer has been separately agreed with the customer in writing.
2. DATA SECURITY
2.1. All data collected by Feelback Ltd. will be only recorded in secure server environments located in EU. The data processing agreement between Feelback Ltd. and the service provider of the server environment it uses ensures that the data will not be processed in a way that violates this privacy statement.
2.2. All project data and registers saved on Feelback Ltd.’s servers will be processed confidentially. All data will be recorded safely and they will only be processed by the personnel taking part in the project in question. Anyone with access to personal data will only process these data in accordance with the agreement made with the customers and related instructions.
2.3. Feelback Ltd. uses technical and organisational security measures in order to ensure the data security of its customers and responders. Such security measures include saving data only in secure server environments. Usage of data has been restricted with protection based on logins and passwords. All electronically recorded data are kept in systems that have been protected against outside contacts with firewalls. Printed materials, such as summaries, will be stored in office facilities protected by electronic access control.
2.4. The servers of data collection software used by Feelback Ltd. are located in the service provider’s IT areas. Feelback Ltd. and the service provider have a valid confidentiality agreement. The server areas have been designed as a place for server systems requiring a high level of operational security and they offer a technically advanced and secure environment for producing server services.
2.5. Research reports, personal data and collected data can be sent using a secure connection.
3. PROCESSING PERSONAL DATA
3.1. Feelback Ltd. does not use personal data for any other purposes than the ones determined in the project. A respondent’s personal data will not be linked to the received responses in reports, unless the respondent has consented to this.
3.2. Feelback Ltd. requires all its employees and partners to commit to absolute secrecy about the matters they may learn in connection to customer cooperation. If necessary, separate non-disclosure agreements with customers and/or partners will be signed.
3.3. Feelback Ltd. stores all personal data on secure servers. Personal data will only be stored as long as agreed and will be disposed of at the end of the project.
3.4. If Feelback Ltd. uses subcontractors for processing personal data in its operations, the same terms will apply to the subcontractor’s project personnel as to Feelback Ltd.’s own personnel.
3.5. Feelback Ltd. ensures that the personnel processing personal data have an appropriate training for processing personal data.