Data Privacy Addendum

Future Group Oy, Future CAD Sweden AB, Future CAD Denmark A/S, Future Group Slovakia s.r.o.

GDPR Policy

Are you considering data security and privacy? It is important for us that you have confidence to let us manage and store data about you, that you are aware that we follow rules and regulations when we work with your data. This is our GDPR policy – we protect your privacy!

Data and how we handle it

Data is information that we have and collect about you and how you use our services, all to provide you with good experiences and appropriate, services and offers.

What type of data we collect

We collect two types of data about you – customer data and traffic data.

Customer data is data that is linked to your service – e.g. name, address, e-mail address, telephone number. It may also be information about what services you have and how you use them, orders, user ID, passwords, and other information you provided in your contacts with us.

Traffic data is data related to activities taking place when using our services, such as our Business Booster Platform (BBP). Traffic data is processed for the purpose of transmitting an electronic message via an electronic communications network (for example, when you place an order or search for end-user information in BBP). There are also data for order confirmations and invoicing for new and renewal orders. Other examples are who communicated with BBP and the time when communication began and ended.

How we collect data

We collect and process data such as:

  • that you provide when you become a VAR (Value Added Reseller) and when you communicate with us – e.g. when you contact us for information or subscribe to newsletters.
  • Created when using any of our services – e.g. when you visit our website, use your BBP functionality or visit our Up2date site.
  • We get from other sources – e.g. public data sources, credit assessment services, as well as from other sources.
  • Collected by our web pages using cookies that collect information on and from your web browser.

The type of information we collect about you depends on what services you use.

What we use data for

To process data, there must be support in current data protection regulation, a so called legal ground. This means that for our processing of your data to be legal, it is necessary (1) to complete an agreement with you or (2) to fulfil a Future Group legal obligation. The processing of your data may also be done (3) after a balance of interest or (4) since you have given your consent to that particular treatment.

To provide services and products, we need to process and manage your data. Below are examples of the purposes for which we treat your data and on which legal basis we do this.

Provision of services

We process data to identify you as an Autodesk Ltd VAR or end-user, to handle and deliver orders in accordance with your agreement with Future Group OY and Autodesk Ltd and to provide communications services, such ensuring operation of the service. We also process data to manage your invoices, payments, credit disclosure purposes, to correct errors, handle other incidents, and to handle complaints.
Legal basis: performance of agreements and legal obligation

Other communications about services

We also process data in connection with other communications with you, such as when we send information about and respond to questions about our services.

When you call our inside sales or technical team, the call can be documented. When you chat with our inside sales or technical team, the written texts can be documented and analysed. We do this to educate our employees, improve our way of working to always help you in the best possible way.

Legal basis: legitimate interest (customer data) and consent (traffic data).

Development of services

We process data to further develop and manage our operations, services and networks as well as our processes. For this purpose, we may also compile statistics for analysis needs.

Legal basis: legitimate interest (customer data) and consent (traffic data)

Direct marketing

We treat different types of data to market our products and services directly to you. You can get it via letter, phone, text message and e-mail.

For this purpose, we may also compile statistics for analysis needs.

Legal basis: legitimate interest (customer data) and consent (traffic data).

Information security and prevention abuse of services

We treat data to ensure the security aspects of all our services and communications networks, to detect and prevent various types of illegal use or use that otherwise violate the terms of service. We also treat these data to prevent network and service abuse, and to detect and prevent fraud, virus attacks, etc.

Legal basis: performance of contract (customer data) and legal obligation (traffic data).

Compliance with laws

We process data to fulfil our statutory obligations.

Legal basis: legal obligation

How long we save data

We never save data longer than we need. Some data is discarded directly, others are stored for a long time depending on the data to be used and our statutory obligations.

  • End user data is saved if you are a Future Group VAR and thereafter no longer than 24 months after termination of the contractual relationship. In the case of unpaid invoices or cancelled contracts, the data is saved until the claim is settled. When the invoice is paid, the data is deleted after 24 months, except for data stored by law, for example, Bookkeeping Act or if an End user actively have requested to move their business to another Future Group VAR, (this process is according to your VAR agreement with Autodesk).
  • We also save usage data to help you if something is wrong with the services we deliver. For us to continuously offer better services based on our customers’ needs, we also save statistics based on these tasks. This data maybe is saved for 6-24 months.
  • To limit harm to and protect you from internet fraud, we save IP addresses so that we can search, block, and delete addresses and messages. This way we can prevent the spread of viruses, spam and trojans. Dynamic IP addresses in the fixed network are saved for 6 months and dynamic IP addresses in the mobile network are saved for 100 days.
  • Calls documented by our inside sales or technical team are stored for 6 months after cases are closed.
  • Chat conversations with our inside sales or technical team are saved for 6 months after cases are closed.

To whom we release your data

We may disclose your data to

Government authorities, Autodesk according to your VAR (Value Added Reseller) agreement and our VAD (Value Added Distributor) agreement with Autodesk Ltd

Transmission to third countries

Some End users may have a part of their operations in countries outside Sweden or EU / EEA (so-called “third countries”). If, in order to provide the service to you, you transfer your data to an End user in such a third country, we take appropriate safeguards and ensure that the transferred data is handled in accordance with applicable law and VAR and VAD agreement with Autodesk Ltd.

How we protect data

We are constantly working to protect our customers’ integrity. Our security work includes protection of individuals, information, IT infrastructure, internal and public networks, as well as office buildings and technical facilities.

Attention is devoted to information security regarding your data to prevent and detect spread to third parties or to be lost. Access to your data is provided only to those who need it for their duties. Processing of data is logged and checked systematically.

Encryption of data is done with generally recognized and secure encryption methods. We continuously work to combat spam and viruses in our networks.

You decide regarding your data

Certain data processing is based on your approval, so called consent. You always decide which treatment you approve and if you wish to withdraw your consent.

Note: To provide services and products, we need to process and manage your data. However, you are not required to provide your data to us. If you choose not to do so, we may not be able to provide all products and services to you.

Your rights

You are entitled to know what we are doing with your data – why it is being treated, the duration of the treatment, who is taking it, and what consequences the treatment will have. Here are your rights. You will find contact information at the bottom of the document.

Right of access

You can request a registry free of charge where you clearly indicate what information you want to see. We will answer your requests without unnecessary delay and within a month. If for any reason we cannot meet your wishes, we will provide a reason. The registry extract will be sent to the address you specify in your request. We reserve the right to validate your request with the company you are registered to.

Right to rectification

We are responsible for ensuring that the data we process is correct, but you as a customer are also entitled to supplement missing and relevant data. If you find incorrect data about you, you are entitled to request this. As soon as your data is corrected, we will confirm that the correction is completed. In the situation your request proves impossible or impose an excessive effort we will inform you about this and discuss other options.

Right to erasure

Customer data is saved if you are a Future Group OY VAR and thereafter no longer than 24 months after the termination of the contract. Invoice information and invoice data are saved as long as necessary by law, for example. Bookkeeping Act.

As a customer, you may, without undue delay, get the following data deleted if any of the following conditions apply:

  • If the data is no longer needed for the purposes for which they were processed.
  • If the treatment is based solely on your consent and you revoke this.
  • If the treatment is for direct marketing and you oppose the processing of the data.
  • If you oppose data processing that takes place after an interest weighing and there are no legitimate reasons that weigh heavier than your interest.
  • If data has not been processed according to the regulations.
  • If deletion is required to comply with a legal obligation.

If data is deleted, we will notify you when it has occurred.

Right to object

You are entitled to object to the processing of your data we perform based on interest weighting. You must then specify what treatment you are facing that you want object to. If we consider such treatment to happen, we must show that there are interests that weigh heavier.
If data is processed for direct marketing, you are always entitled to object to the treatment at any time.

Right to restriction

You are entitled to request a temporary limitation on processing your data. Treatment may be limited in the following situations:

  • When you think your data is incorrect and you have therefore requested a correction with us. You may then request that processing of your data be limited while the investigation is in progress.
  • When the data processing is illegal but you oppose your data erasing and instead request that the use of these data be restricted.
  • When you need your data to determine, enforce or defend legal claims, even if we no longer need your data for the purpose of our treatment.
  • Once you have objected to us processing your data, we may continue to process your data during the time of the check.
  • If the processing of your data is temporarily limited, we will inform them that we provide with the data that this temporary restriction has taken place.

However, this does not apply if it proves impossible or imposing an excessive effort.

Right to data portability

You are entitled to obtain and otherwise use such data as you have provided to us in order to use them elsewhere (also called to port). For example, move your data to another VAD.

This applies in cases where you have given your consent to the data processing or if the processing is required to provide you with services in accordance with the agreement you have entered with Future Group and Autodesk Ltd. However, you do not have the right to move your data if we process these due to interest or legal obligation.

Notification of violation (complaint)

If you believe your data is being processed in violation of current regulations, please report it to us as soon as possible. You can also file a complaint with the Data Protection Authority.


If you have suffered damage because your data has been processed in violation of the applicable law, you may be entitled to damages. You may then seek damages from us or bring an action for damages in court. Such a request must be made in writing to us.


We use cookies and similar technologies (such as pixel tags). Here is more information about cookies, as well as your choices.

What “cookies” are

A cookie is a small amount of data that is sent to a browser from a web server and gets saved on the hard drive of the computer that you are using (in the browser folders). Cookies collect standard information from your browser such as

  • browser type
  • browser language
  • the website address you came from when you visited our website.

They may also collect information about

  • your Internet Protocol (IP) address
  • your clickstream behaviour – this might include
    • the pages you view
    • the links you click
    • the date and time of your visit or request

Cookies may uniquely identify your browser or your account, but they do not necessarily identify you personally. Cookies can also be used to help store personal information, for example where you ask us to “remember” you or keep you logged in.

We use cookies to improve and personalize the user experience of the service, collect information about services, the number of visitors and most popular content, and identify frequently visiting visitors.

Your choices about cookies

Modify your browser settings

You can modify your browser settings to control whether your computer or other device accepts or declines cookies. If you choose to decline cookies, as noted above, you may not be able to use certain interactive features of our websites or applications.

Delete cookies from your browser

You can delete cookies from your browser; however, that means that any settings or preferences managed by those cookies will also be deleted and you may need to recreate them. Depending on your mobile device, you may not be able to control tracking technologies through settings.

Contact details

Personal Data Responsible Future Group Oy

Future Group Oy is the entity responsible for data and is responsible for the data processed under Future Group Oy, Future CAD Sweden AB, Future CAD Denmark A/S and Future Group Slovakia s.r.o. trademarks. We determine the purpose of the treatment and the way it will go.

Future Group Oy (corporate identity number 502071-0041)
Sahaajankatu 26A
00880 Helsinki
Phone: +358 9 4785 400

Data Protection Officer (DPO) at Future Group Oy

Our DPO attorney ensures that your data is processed correctly and legally with us.

For general information about our privacy policy contact us via email:

If you do not want any direct marketing

If you do not want us to contact you for direct marketing of our products and services via e-mail, please contact us by unsubscribing in respective e-mail or sending an e-mail to our DPO:

Contact to exercise your rights

  • Change approval of how we handle data (consent)
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to object
  • Right to restriction

The application must be in writing and include full name, company official e-mail and VAR CSN-number.

Future Group Oy
Sahaajankatu 26A
00880 Helsinki