Biztech Personal Privacy Statement

Biztech Personal Privacy Statement

Biztech is a European, privately owned company delivering market intelligence services for IT sector.  Our operational model is based on regular customer interviews with IT decision-makers.  Based on those interviews we are providing valuable market insight reports and tools for customers we interview, and information services for technology vendors and solution providers as subscribers of our online service.

We at Biztech (Business Technology Finland Oy (business ID 0920029-5) and its affiliates) (“we” or “us”) believe that operating fully transparently and respecting our customers’ and Business Partners’ (as defined later) privacy is important to our values and business. In the course of our business operations, we receive, collect, maintain, use and share personal data of representatives and business decision-makers of (i) customer companies we interview related to their IT infrastructure and IT services in use (“Interviewed Customers”). This data is exploited by IT technology vendors and solution providers using Biztech Information Services on subscription basis (“Subscribers”). Interviewed Customers and Subscribers are for the purpose of this Privacy Statement referred to collectively the “Business Partners”. The representatives of Business Partners are collectively hereinafter “Data Subject(s)” or “User(s)”).

The purpose of this Privacy Statement is to demonstrate our transparent operational practice and robust commitment to the Data Subjects’ right to privacy and data protection based on their personal choices. This Privacy Statement outlines how we handle information that can be used to directly or indirectly identify a Data Subject (the “Personal Data”) and describes our privacy practices in relation to use of the Biztech Information Service solution offered by us (collectively, the “Services”), as well as Data Subjects’ choices regarding their rights such as use, access and rectification of Personal Data.

We act as a controller with respect to the information we process in connection with our business relationships. For example, we are the controller in relation to Data Subjects’ contact details and other commercial Personal Data.

Unless otherwise expressly stated herein, the terms used in this Privacy Statement shall have the meaning set forth in the General Data Protection Regulation (EU) 2016/679 (the “GDPR”).

1. Information we may collect and use

We may collect the Data Subjects’ following Personal Data:

  1. Name and contact information, such as email address, phone number and job title / position;
  2. Personal Data accumulating from the use of our Services, such as data collected on the use of the Services;
  3. Personal Data collected in the interviews, such as Personal Data provided by Interviewed Customers and their representatives in connection with the analysis interviews conducted for the purposes of our Services; and
  4. Information and experiences on the use of IT services by Interviewed Customer, which the Data Subjects may provide in connection with the interviews.

We may record interviews for internal training and quality control purposes.  Such recordings will be treated as confidential information and will not be disclosed to third parties. Recordings will be automatically deleted after three (3) months. Personal Data processed by us is mainly obtained directly from the Data Subject or through Interviewed Customer having a direct relationship with the Data Subject (such as colleague, pair or team member).  The provision of certain Personal Data is necessary for use of our Services. Personal Data provided in connection with interviews of Interviewed Customers is provided voluntarily. Personal Data may also be collected, updated and supplemented by collecting data from private and public registers.

We do not collect and process sensitive information (Personal Data of special categories).

2. Processing of Personal Data

We process Personal Data of Data Subjects to offer the Services for our Business Partners. In this context, Personal Data may be processed for the following purposes:

  1. management of our relationship with Interviewed Customers and Subscribers;
  2. delivery of information and reports to Interviewed Customers and Subscribers;
  3. reporting and statistics of the Biztech Information Service;
  4. market and customer analysis;
  5. marketing purposes, including direct marketing by electronic means unless objected by the Data Subject;
  6. administration notices;
  7. database management and maintenance;
  8. Biztech Information Service access management;
  9. sending important information to the Data Subject e.g. regarding service content, changes of applicable  fees, price list and conditions.

We process Personal Data on the following basis:

  1. for the purposes of our legitimate interests related to our relationship and service delivery with Interviewed Customers and Subscribers (Article 6(f) of the GDPR); or
  2. to comply with legal obligations we are subject to (Article 6(c) of the GDPR), such as corporate and accounting).

3. Disclosure of Personal Data

For the purposes of providing the Services for Subscribers, Personal Data provided by the Interviewed Customer in connection with the interviews will be made available to our Subscribers deploying Biztech Information Service. Personal data we make available through our Service to the Subscribers is always related to the person`s role being in charge of the relevant solution area (such as servers, printers, workstations, cloud services etc.) and being disclosed voluntarily by the Interviewed Customer in connection with the interview. Our Subscribers may use such data while following up the interviews and contacting the Interviewed Customers afterwards. Subscribers might as well use such Personal Data for their own marketing purposes. Such processing is always carried out on Subscriber’s own responsibility. Please refer to the privacy policies of respective Business Partner for further information on their processing of Personal Data.

In connection with our Service delivery for Subscribers, some contact details of representatives of the Subscribers may as well be disclosed to the Interviewed Customers, on the cus-tomer materials and on our website.

If a Data Subject representing an Interviewed Customer wishes not to have his/her personal data (name and contact details) disclosed through the Service to the Subscribers, the Data Subject may inform us thereof and we act accordingly and remove the data from the Service. This choice will simultaneously terminate the service delivery to Interviewed Customer concerning both market reports and online services.

For the purposes stated in this Privacy Statement, Personal Data may as well be disclosed, when necessary, to authorities, other companies within the same group of companies as us, companies which we cooperate with, and to other third parties, such as our third party service providers. In such case, the Personal Data will only be disclosed for purposes of providing the Service.

Personal Data is not transferred regularly outside the Euro-pean Union and the European Economic Area (“EU/EEA“). In case Personal Data is transferred outside the EU / EEA, such transfers are performed subject to appropriate safeguards such as standard data protection clauses adopted or otherwise approved by the EU Commission or competent data protection authorities in accordance with the GDPR (“Standard Data Protection Clauses”).

4. Retention Period

Personal Data collected in connection with our Services (such as in relation to the interviews and other data collection measures) shall be retained as long as needed to provide our Services, unless such data is replaced through regular updates. As regards Personal Data related to our relationship with our Subscribers and subscriber prospects, we retain Data Subject’s Personal Data as long as we have a relevant relationship with the respective Subscriber. Personal Data may be, in whole or in part, retained for longer or shorter term if required by applicable law or if there is other justified reason to retain or delete the data. In such a case, once the reason to retain the Personal Data ceases to exist, the Data Subject’s Personal Data shall be erased without delay from the Service.

We evaluate the necessity and accuracy of the Personal Data on a regular basis and endeavour to ensure that the incorrect and unnecessary Personal Data shall be corrected or deleted.

5. Data Subjects’ Rights

Data Subject has a right to request from us:

  1. access to and rectification of and, under certain conditions, erasure of Data Subject’s Personal Data from the Service;
  2. for restriction of processing concerning the Data Subject or to object to the processing (for example the processing for marketing purposes);
  3. to receive, when the automatic processing is based on consent or performance of a contract, Personal Data that has been provided to us by the Data Subject, in a structured, commonly used and machine-readable format and to transmit those data to another controller; and
  4. the right to opt out of receiving electronic direct marketing communications from us. All electronic direct marketing communications that you may receive from us, such as e-mail messages and SMS-messages, give you an option of not receiving such communications from us in the future.

Data Subject acknowledges that in case the processing is restricted or objected or personal data is deleted upon Data Subject’s request, the Data Subject may no longer access the Service, gain market reports or otherwise use the features of the Service. Data Subject may exercise the aforementioned rights by sending a written request to us ( In case the Data Subject considers that its rights under the data protection laws have been infringed, the Data Subject may lodge a complaint with the supervisory authority of the Data Subject’s residence in the EU (e.g. in Finland the Finnish Data Protection Ombudsman).

6. Security Safeguards

Securing the integrity and confidentiality of Personal Data is important to us. We have taken adequate technical and organisational measures in order to keep Personal Data safe and to secure it against unauthorized access, loss, misuse or alteration by third parties, such as encryption, access controls, and firewalls. Nevertheless, considering the cyber threats in modern day online environment, we cannot give full guarantee that our security measures will prevent illegally and maliciously operating third parties from obtaining access to Personal Data or absolute security of the Personal Data during its transmission or storage on our systems.

7. Other

We may make changes to this Privacy Statement at any time by giving a notice on the website and/or by other applicable means. The Data Subjects are highly recommended to review the Privacy Statement on our website every now and then, referring to the date of the last modification listed at the top of this page. If the Data Subject objects to any of the changes to this Privacy Statement, the Data Subject can request that we remove the Personal Data concerning him/her from the service, unless applicable laws require storage of such Personal Data. Unless stated otherwise, the then-current Privacy Statement applies to all Personal Data we process at the time.

8. Contact information of data controller

Data controller: Business Technology Finland Oy (business ID 0920029-5) and its affiliates.

All contacts and inquiries related to this Privacy Statement should be addressed to