Törődünk az adatai védelmével

A HMD Global Oy elkötelezett az adatai védelmének tisztelete iránt, és megfelel a vonatkozó adatvédelmi törvényeknek. Ez az adatvédelmi irányelv („Irányelv”) azt mutatja be, hogy miként gyűjtjük és használjuk a személyes adatait, amikor a HMD az adatkezelő, vagy ahol ennek az Irányelvnek az alkalmazhatóságára hivatkozunk. „Személyes adatok” alatt az Önre vagy más, azonosítható személyre vonatkozó információkat értjük.

A jelen Irányelv kiegészítéseként további adatvédelmi adatokat nyújtunk Önnek, amelyek egy bizonyos termékre vagy szolgáltatásra vonatkoznak, és további értesítéseket biztosítunk, miközben a termékeinket vagy a szolgáltatásainkat használja. Ha különbség van az ilyen értesítések és ezen Irányelv között, akkor az értesítések az irányadók.

Kérjük, szánjon egy pillanatot arra, hogy megismerkedjen az Irányelveinkkel, és ha bármilyen kérdése felmerül, akkor forduljon hozzánk.

Milyen információkat gyűjtünk?

Személyes adatait és egyéb adatait akkor gyűjtjük, amikor megvásárolja, használja vagy regisztrálja egy termékünket vagy szolgáltatásunkat, részt vesz egy kampányban vagy kutatásban, vagy más módon kapcsolatba lép velünk. Ez a következő kategóriákat tartalmazza:

• Termék- és szolgáltatásaktiválások. A HMD-termékek és -szolgáltatások elektronikus aktiválást igényelhetnek, ahol a készüléket és az alkalmazás típusát, valamint az egyedi eszköz, az alkalmazás, a hálózat és az előfizetés azonosítóját a rendszer elküldi a HMD vállalatnak.
  
• A termékek és a szolgáltatások használata.
  • Amikor hozzáfér az online szolgáltatásainkhoz, akkor a webszervereink automatikusan létrehoznak egy nyilvántartást a látogatásáról. Ezek a nyilvántartások jellemzően az IP-címet, a hozzáférési időket, a linkelt webhelyeket, a látogatott oldalakat, a használt hivatkozásokat és funkciókat, a megtekintett vagy kért tartalmat, a böngészőt vagy az alkalmazástípust, a nyelvet és más hasonló információkat tartalmaznak. Alkalmazásaink időnként kapcsolatba léphetnek szervereinkkel, például frissítések ellenőrzése vagy a szolgáltatás használatával kapcsolatos adatok elküldése céljából.
  • Fejlesztési programok. Felkérhetjük Önt, hogy csatlakozzon az önkéntes termék- és szolgáltatásfejlesztési vagy kutatási programokhoz, ahol részletes információkat gyűjtünk. További információért tekintse meg a Felhasználói élmény program kiegészítését.
  • Helymeghatározási és helyadatok. A helyalapú szolgáltatások a műholdas, a mobil, a Wi-Fi vagy más hálózati alapú helymeghatározási módszerek használatával határozzák meg az Ön pontos vagy megközelítő helyét. Ezeknek a technológiáknak a használata során a rendszer a helyadatok és az egyedi eszközök, valamint a mobil, Wi-Fi vagy egyéb hálózati azonosítókat biztosítja a HMD részére. Ezeket az információkat a beleegyezése nélkül nem használjuk személyazonosításra.
• Az Ön által megadott adatok. Amikor létrehoz egy fiókot, vásárol, szolgáltatásokat igényel, részt vesz egy kutatásban vagy kampányokban, vagy más módon kapcsolatba lép velünk, kérhetünk olyan információkat, mint például a neve, az e-mail-címe, a telefonszáma, az utcaneve, a felhasználóneve és a jelszavai, az eszközére vonatkozó adatai, a kora, a neme és a nyelve, a bankszámlaszáma, a hitelkártya-adatai és egyéb hasonló pénzügyi adatai. Továbbá nyilvántartjuk a – például a helyadatokra, a marketingre és a személyes adatok megosztására vonatkozó – hozzájárulásait, preferenciáit és beállításait is.
  
• Harmadik felű forrásból származó információk. Bizonyos adatokat harmadik féltől származó közösségi hálózati szolgáltatásoktól kapunk, például amikor egy közösségi hálózati fiók bejelentkezési adataival jelentkezik be a fiókjába. További információért tekintse meg a Nokia-telefonfiók kiegészítését.
  
• A velünk végzett tranzakciói. Nyilvántartásainkban rögzítjük a vásárlásait, a letöltéseit, a velünk megosztott tartalmait, a kéréseit, az Önnek nyújtott termékeket és szolgáltatásokat, a fizetési és a szállítási részleteket, a kapcsolatait, kommunikációját és egyéb velünk történő interakcióit. Az alkalmazandó jogszabályoknak megfelelően rögzíthetjük, amikor kapcsolatba lép az ügyfélszolgálatunkkal vagy más hasonló kapcsolattartási pontokkal.

Miért dolgozzuk fel a személyes adatokat?

A HMD az alábbi célokból feldolgozhatja a személyes adatait. Egy vagy több célt egyidejűleg is alkalmazhatunk.

• Termékek és szolgáltatások biztosítása. A személyes adatait felhasználjuk termékeink és szolgáltatásaink biztosításához, a kérelmek feldolgozásához, vagy más olyan tevékenységhez, amely szükséges az Ön és a HMD között létrejött szerződés betartásához, a termékeink és a szolgáltatásaink funkcióinak és biztonságának biztosításához, az Ön azonosításához, valamint ahhoz, hogy megelőzzük és kivizsgáljuk a csalásokat, és más helytelen használatot. Például az eszközaktiválási adatok használatával aktiváljuk a készülék jótállását, és vonatkozó ügyfélszolgálati szolgáltatásokat nyújtunk Önnek.

• A termékek és a szolgáltatások személyre szabása. Személyes adatait arra használjuk fel, hogy személyre szabjuk az Ön által használt termékeinket és szolgáltatásainkat, és hogy relevánsabb szolgáltatásokat nyújtsunk, amelyek jobban megfelelnek a profiljának és az érdeklődési körének, például abból a célból, hogy javaslatokat tegyünk, és személyre szabott tartalmakat és hirdetéseket jelenítsünk meg a szolgáltatásainkban.

• Fiókok. Egyes szolgáltatásokhoz fiókra van szükség, hogy segítsünk a tartalom és a beállítások kezelésében. További információért tekintse meg Nokia-telefonfiókunk kiegészítését.

• A termékek és a szolgáltatások fejlesztése. Személyes adatait termékeink, szolgáltatásaink, ügyfélszolgálatunk, az értékesítések és a marketingünk fejlesztésére használjuk. Például csatlakozhat a Felhasználói élmény programhoz, így biztosítja számunkra a személyes adatait termékeink és szolgáltatásaink minősége és teljesítménye javításának céljából. Ha bővebben szeretne olvasni arról, hogy miként használjuk fel személyes adatait a termékeink és szolgáltatásaink fejlesztéséhez, akkor tekintse meg a Felhasználói élmények kiegészítését. Társíthatjuk az összegyűjtött személyes adatait egy adott HMD-termék és/vagy -szolgáltatás használati adataival kapcsolatban olyan személyes adatokkal, amelyeket rögzítettünk Önről, kivéve, ha az összegyűjtött adatokat más célból rögzítettük.

• Kommunikáció Önnel. Személyes adatait felhasználhatjuk arra, hogy kapcsolatba lépjünk Önnel, például tájékoztassuk Önt arról, hogy szolgáltatásaink megváltoztak, vagy kritikus figyelmeztetéseket és hasonló értesítéseket küldjünk Önnek a termékeinkről és/vagy a szolgáltatásainkról, és arra, hogy az ügyfélszolgálati ügyekben felvegyük Önnel a kapcsolatot. Ha bővebben szeretne olvasni arról, hogy miként használjuk fel személyes adatait az ügyfélszolgálati szolgáltatások biztosításához, akkor olvassa el a Nokia mobil-ügyfélszolgálati kiegészítését.

• Marketing. Felvehetjük Önnel a kapcsolatot, hogy tájékoztassuk Önt az általunk kínált új termékekről, szolgáltatásokról vagy promóciókról, valamint piackutatás céljából, ha beleegyezett, vagy más módon engedélyezett. Személyes adatait felhasználhatjuk arra, hogy személyre szabjuk az ajánlatunkat, és hogy relevánsabb szolgáltatásokat nyújtsunk, amelyek jobban megfelelnek a profiljának és az érdeklődési körének marketingcélokból, például arra, hogy személyre szabott tartalmat jelenítsünk meg, és hogy tartozékokkal kapcsolatos javaslatokat biztosítsunk. Ez magában foglalhatja a HMD és harmadik felek tartalmainak megjelenítését.

Melyek a feldolgozás alapjai?

A HMD csak akkor dolgozza fel a személyes adatait, ha ez jogszerű. A feldolgozás a következő jogalapon alapul:

• Szerződés. A személyes adatok feldolgozása szükséges az Ön és a HMD közötti szerződés teljesítéséhez. A személyes adatait felhasználjuk termékeink és szolgáltatásaink biztosításához, valamint a funkciók és a biztonság biztosításához. Ha nem adja meg a szükséges információkat, az azt jelenti, hogy nem tudjuk Önnek biztosítani a terméket vagy a szolgáltatást. A szerződés a feldolgozás alapja, például akkor, amikor:
  • Gyűjtjük a szükséges személyes adatokat a fizetés feldolgozásához és a vásárlás biztosításához.
  • Kapcsolatba lépünk Önnel, például tájékoztatjuk a szoftverfrissítésekről, kritikus figyelmeztetéseket és hasonló értesítéseket küldünk Önnek a termékeinkről és/vagy a szolgáltatásainkról, és ügyfélszolgálattal kapcsolatos ügyekben felvesszük Önnel a kapcsolatot.
• Törvényes érdekek. A HMD akkor dolgozza fel a személyes adatokat, amikor ez a HMD által végrehajtott törvényes érdekekhez szükséges. A törvényes érdekek olyan érdekekre utalnak, amelyek törvényesek, és fontosak a HMD számára. A törvényes érdekeken alapuló feldolgozási tevékenységek során a jogait figyelembe vesszük és egyeztetjük őket a HMD érdekeivel. Ha felveszi velünk a kapcsolatot, akkor további tájékoztatást nyújtunk az egyensúlytesztekről. Önnek jogában áll kifogást emelni a törvényes érdekeken alapuló feldolgozással szemben. A „Mik a jogai?” című szakaszban bővebben olvashat arról, hogy mik a jogai, és hogyan veheti fel velünk a kapcsolatot. A törvényes érdekek nyújtják az alapját az olyan feldolgozásnak, amikor például:
  • A HMD-termékeket és -szolgáltatásokat elektronikusan aktiválja, és a készüléket és az alkalmazás típusát, valamint az egyedi eszköz, az alkalmazás, a hálózat és az előfizetési azonosítóját a rendszer elküldi a HMD vállalatnak.
  • Kapcsolatba lépünk Önnel, hogy tájékoztasson Önt a korábban megvásárolt hasonló termékekről vagy szolgáltatásokról.
  • Személyes adatait felhasználhatjuk arra, hogy személyre szabjuk az ajánlatunkat, és hogy relevánsabb szolgáltatásokat nyújtsunk, amelyek jobban megfelelnek a profiljának és az érdeklődési körének, például arra, hogy javaslatokat tegyünk, valamint személyre szabott tartalmakat és marketinget jelenítsünk meg a szolgáltatásainkban. Ez magában foglalhatja a harmadik felű tartalmak megjelenítését.
  • Elemezzük az Ön érdeklődési körére, vásárlási viselkedésére és visszajelzésére vonatkozó adatokat üzleti tevékenységünk, termékeink és szolgáltatásaink fejlesztése céljából.
  • A személyes adatokat a csalás és más visszaélések megakadályozása és kivizsgálása céljából dolgozzuk fel, valamint a HMD törvényes érdekeinek védelme érdekében, például a polgári vagy büntetőjogi eljárásokban.

• Beleegyezés. A személyes adatok feldolgozása az Ön beleegyezésén alapulhat. Ilyen esetekben a személyes adatok feldolgozása előtt a hozzájárulását kérjük. A beleegyezés mindig önkéntes, és bármikor visszavonhatja a beleegyezését. A beleegyezés visszavonása nem befolyásolja a visszavonás előtti beleegyezés alapján történő feldolgozás jogszerűségét. Nyilvántartjuk a – például a marketingre, a helyadatokra és a személyes adatok megosztására vonatkozó – hozzájárulásait, preferenciáit és beállításait. A beleegyezés a feldolgozás alapja az alábbi helyzetekben:

  • Ön részt vesz a Felhasználói élmény programban, és adatokat gyűjtünk arról, hogy miként használja az egyes HMD-termékeket és/vagy -szolgáltatásokat. Az adatokat arra használjuk fel, hogy javítsuk termékeinket és szolgáltatásainkat. A beleegyezését az eszköz beállításaiban vonhatja vissza. Kérjük, további információért tekintse meg a Felhasználói élmény program kiegészítését.
  • Feliratkozik a levelezőlistára, hogy értesüljön az új termékekről, szolgáltatásokról és promóciókról. A hírlevél alján található visszavonási link használatával visszavonhatja a marketingcélra történő használat engedélyét.
  • Ehhez a szolgáltatáshoz fiókra van szükség, hogy segítsünk a tartalom és a beállítások kezelésében. A fiók beállításaiban kezelheti a feldolgozási hozzájárulásait.
  • A HMD-termékek és -szolgáltatások használata az Ön beleegyezése alapján magában foglalhatja a helyadatok felhasználását. Az eszköz vagy az alkalmazás beállításaiban vonhatja vissza a helyadatok feldolgozására vonatkozó beleegyezését.

• Jogi kötelezettség Előfordulhat hogy a HMD-nek fel kell dolgoznia a személyes adatait ahhoz, hogy megfeleljen azoknak a jogi követelményeknek, amelyek hatálya alá tartozik a HMD. A HMD-nek például jogi kötelezettsége lehet arra, hogy a hatóságok kérésre közzétegye az Ön személyes adatait.

Megosztjuk a személyes adatokat?

A személyes adatait nem adjuk el, nem adjuk bérbe, és nem biztosítjuk őket harmadik feleknek. A személyes adatait csak az alábbi helyzetekben adjuk ki harmadik félnek:

• HMD-vállalatok és felhatalmazott harmadik felek. Megoszthatjuk személyes adatait más HMD-vállalatokkal vagy hitelesített harmadik felekkel, akik a HMD megbízásából személyes adatokat dolgoznak fel a jelen Irányelvben ismertetett célokból. Ez magában foglalhatja például a hálózati szolgáltatón keresztüli, vagy más módon történő számlázást, a megvásárolt termékek kiszállítását, a szolgáltatásnyújtást, beleértve az ügyfélszolgálatot, a fogyasztói adatok kezelését és elemzését, a hitelbírálatokat, valamint a kutatásokat. Egy HMD-termék vásárlásakor lehetséges, hogy információcserére van szükség a hálózati szolgáltatóval. Ezek a harmadik felek nem használhatják az Ön személyes adatait semmilyen más célra. Megköveteljük tőlük, hogy a jelen Irányelvvel összhangban járjanak el, és megfelelő biztonsági intézkedéseket alkalmazzanak a személyes adatok védelme érdekében.

• Marketing. Megoszthatjuk személyes adatait marketingpartnereinkkel, például marketingkampányok kezelése céljából. Közös marketing- és egyéb jellegű kommunikációt folytathatunk partnereinkkel. A dupla vagy szükségtelen kommunikáció elkerülése és az üzenet személyre szabása érdekében szükség lehet arra, hogy a HMD által összegyűjtött adatokat összevessük a partner által összegyűjtött adatokkal, ha ezt a törvény megengedi. Marketingpartnereink nem használhatják a személyes adatokat semmilyen más célra. Megköveteljük tőlük, hogy a jelen Irányelvvel összhangban járjanak el, és megfelelő biztonsági intézkedéseket alkalmazzanak a személyes adatok védelme érdekében.

• A személyes adatok nemzetközi átvitele. Termékeinket és szolgáltatásainkat a világ számos országában és régiójában található erőforrások és szerverek segítségével biztosítjuk, beleértve az Európai Uniót, az Amerikai Egyesült Államokat, Szingapúrt és Kínát. Így az Ön személyes adatait továbbíthatjuk a termékeink és a szolgáltatásaink használati országán kívülre is, a nemzeti határokon keresztül, beleértve az Európai Gazdasági Térségen (EGT) kívüli országokat is, amelyek nem rendelkeznek olyan jogszabályokkal, amelyek speciális védelmet nyújtanak a személyes adatok tekintetében, vagy amelyek eltérő adatvédelmi rendeletekkel rendelkeznek. Ilyen esetekben biztosítjuk az ilyen átvitel jogalapját, és a személyes adatok az alkalmazandó jogszabályok által előírt megfelelő védelmét, például az illetékes hatóságok által elfogadott szabványos megállapodások (szükség szerinti) használatával és egyéb megfelelő technikai és szervezeti információbiztonsági intézkedések alkalmazásával.

• Kötelező adatszolgáltatás. A kötelező jogszabályok alapján lehetséges, hogy arra köteleznek minket, hogy a személyes adatait átadjuk bizonyos hatóságoknak vagy más harmadik feleknek, például azon országok bűnüldöző szerveinek, ahol mi vagy a mi nevünkben eljáró harmadik személyek tevékenykednek. Az alkalmazandó jognak megfelelően nyilvánosságra hozhatjuk és más módon feldolgozhatjuk a személyes adatait a HMD törvényes érdekeinek védelme érdekében, például polgári vagy büntetőjogi eljárásokban.

• Összeolvadások és felvásárlások. Ha úgy döntünk, hogy bizonyos országokban értékesítjük, megvásároljuk, egyesítjük vagy más módon átszervezzük üzleti tevékenységünket, akkor ez magában foglalhatja azt, hogy felfedjük a személyes adatokat a leendő vagy tényleges vásárlók és a tanácsadóik számára, illetve hogy személyes adatokat kapunk az eladóktól és a tanácsadóiktól.

Hogyan kezeljük a gyermekek adatvédelmét?

A HMD-termékek és -szolgáltatások általában általános közönségnek készülnek. A HMD nem gyűjt tudatosan adatokat a gyermekekről a szüleik vagy gondviselőik beleegyezése nélkül.

Milyen lépéseket teszünk a személyes adatok védelme érdekében?

Az adatvédelem és a biztonság kulcsfontosságú szempont a termékeink és szolgáltatásaink létrehozása és biztosítása szempontjából. A magánélet és a biztonsággal kapcsolatos kérdések kezelésére külön felelősségi kört vezettünk be. Belső irányelveinket és útmutatásainkat megfelelő tevékenységekkel hajtjuk végre, beleértve a proaktív és reaktív kockázatkezelést, a biztonsági és adatvédelmi technikát, a képzést és az értékeléseket. Megfelelő lépéseket teszünk az online biztonság, a fizikai biztonság, az adatvesztés és más hasonló kockázatok kezelésére, figyelembe véve a feldolgozás során fennálló kockázatot és a védett adatok természetét. Továbbá korlátozzuk a személyes adatokat tartalmazó adatbázisainkhoz való hozzáférést azon jogosult személyek számára, akiknek az ilyen információkra jogos igényük van.

Hogyan használjuk a cookie-kat?

A HMD cookie-kat és más hasonló technológiákat használ a weboldalak működtetésére és fejlesztésére. Cookie-kat használunk a hirdetések személyre szabáshoz és megjelenítéséhez. Egyes HMD-webhelyek harmadik felű hirdetési technológiákat – például a DoubleClick szolgáltatást – használnak a hirdetések megjelenítésére.

Domainjeink tartalmazhatnak olyan harmadik féltől származó elemeket is, amelyek cookie-kat állítanak be egy harmadik fél nevében, például a harmadik felű közösségi hálózatára vonatkozóan. A cookie-k használatával kapcsolatos további információkért lásd a Cookie-kra vonatkozó irányelvet.

Mennyi ideig őrizzük meg az adatokat?

Megfelelő lépéseket teszünk a tulajdonunkban lévő személyes adatok pontos megőrzésére és a helytelen vagy felesleges személyes adatok törlésére.

A megőrzési idő az adatok típusától és a kérdéses szolgáltatástól vagy terméktől függően változik. A személyes adatok megőrzési idejét az alábbi kritériumok szerint határozzuk meg:

Ezenkívül a HMD-t törvény kötelezi arra, hogy megőrizze az adatokat a kötelező jogszabályoknak való megfelelés érdekében.

Milyen jogai vannak?

Az alább felsoroltak szerint joga van tudni, hogy milyen személyes adatokat tárolunk Önről. Önnek jogában áll kitölteni vagy frissíteni a hiányos, helytelen vagy elavult személyes adatokat. Bizonyos esetekben jogosult a személyes adatainak a törlésre, a korlátozásra, az adatok hordozhatóságára, vagy arra, hogy tiltakozzon a személyes adatainak feldolgozásával szemben. Jogait úgy érvényesítheti, ha az eszköz vagy a szolgáltatások profilkezelési eszközein keresztül kezeli a fiókját és a választásait, vagy ha felveszi velünk a kapcsolatot. Bizonyos esetekben, különösen akkor, ha törölni szeretné a személyes adatai, vagy le szeretné állítani a feldolgozást, akkor ez azt is jelentheti, hogy nem tudjuk tovább folytatni a szolgáltatások biztosítását.

• Hozzáférési jog. Joga van tudni, hogy milyen személyes adatokat tárolunk Önről, vagy ahhoz, hogy megerősítést kapjon arról, hogy nem dolgozzuk fel az Ön személyes adatait. Adatait a fiókja beállításain keresztül érheti el. Az adatokhoz való hozzáférést kérheti az alábbi elérhetőségeken is.

• Helyesbítéshez való jog. Önnek jogában áll kiegészíteni a hiányos, helytelen vagy elavult személyes adatokat. A fiókja beállításaiban korrigálhatja és frissítheti adatait, és javasoljuk, hogy ezt tegye meg időről időre, hogy a személyes adatai naprakészek legyenek. Az adatok kiigazítását vagy kitöltését kérheti az alábbi elérhetőségeken is.

• Az elfeledtetéshez való jog. Önnek jogában áll töröltetni a személyes adatait bizonyos helyzetekben, például amikor az adatok feldolgozása már nem szükséges azokból a célokból, amelyek miatt összegyűjtöttük őket, vagy ha a feldolgozás az Ön beleegyezésén alapul, és vissza szeretné vonni a beleegyezését, és nincs más alapja a feldolgozásnak. Kérjük, vegye figyelembe, hogy az adatok szükségesek lehetnek az Ön és a HMD közötti szerződés teljesítéséhez, vagy a HMD-re kényszerítő jogalap vonatkozhat bizonyos adatok megőrzésével kapcsolatban. Ha törölni szeretné az ilyen adatokat, akkor ez azt is jelentheti, hogy nem tudjuk tovább folytatni a szolgáltatások biztosítását. Adatait a fiókja beállításaiban, vagy az alábbi kapcsolatfelvételi adatok egyikén is törölheti.

• Tiltakozáshoz való jog. Ha a személyes adatainak feldolgozása törvényes érdekeken alapul, akkor jogában áll kifogást emelni az ilyen feldolgozás ellen. Kérheti, hogy abbahagyjuk a személyes adatai közvetlen marketing vagy profilkészítés céljából történő feldolgozását. A hírlevelünk alján található leiratkozási linkre kattintva leiratkozhat a hírlevélről. Továbbra is elküldhetünk kritikus figyelmeztetéseket és egyéb fontos értesítéseket. A tiltakozáshoz való jog értelmében az adatait a fiókja beállításaiban, vagy az alábbi kapcsolatfelvételi adatok használatával is törölheti.

• A feldolgozás korlátozásához való jog. Bizonyos esetekben Önnek jogában áll, hogy korlátozza az adatai feldolgozását. Ha a feldolgozást korlátozta, az adatokat a továbbiakban csak tárolni foguk, és nem fogjuk tovább feldolgozni. Ha például vitatja az adatok pontosságát, akkor jogában áll, hogy a megtámadott adatok feldolgozási korlátozásra kerüljenek, amíg biztosítjuk az adatok pontosságát. A tiltakozáshoz való jog értelmében az adatait az alábbi kapcsolatfelvételi adatok használatával törölheti.

• Adatátviteli jog. Ha a feldolgozás automatizált módon történik, és szerződésen vagy beleegyezésen alapul, akkor Önnek jogában áll az, hogy gépileg olvasható formában megszerezze a HMD-nek átadott adatokat, hogy átvigye egy másik vezérlőre. Ezt a fiókja beállításaiban, vagy az alábbi kapcsolatfelvételi adatok egyikén is elvégezheti.

Ha nem tudja érvényesíteni a jogait közvetlenül a használ HMD-termékeken és szolgáltatásokon belül, akkor vegye fel velünk a kapcsolatot az alábbi elérhetőségeken:

• Nokia telefonok fiókportálja: www.nokia.com/phones/sso/login
• Vevőszolgálat: www.nokia.com/phones/hu_hu/support#contact-us
• Támogatási alkalmazás a Nokia-telefonon
• Posta: HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Finland (Finnország)

Ha bővebben szeretne tájékozódni a fent említett harmadik felekkel, harmadik országokkal és óvintézkedésekkel kapcsolatban, akkor vegye fel velünk a kapcsolatot. Ha úgy véli, hogy a HMD – az Adatvédelmi Irányelvben és a vonatkozó kiegészítésekben meghatározott elvektől függetlenül – sérti az Ön jogait az alkalmazandó adatvédelmi jogszabályok szerint, akkor jogosult arra, hogy panaszt nyújtson be az adatvédelmi hatósághoz.

Ki kezeli az Ön személyes adatait?

A HMD Global Oy a személyes adatok adatkezelője, amikor a Nokia telefonnal, a Nokia-telefonfiókkal és egyéb kapcsolódó szolgáltatásokkal kapcsolatban feldolgozzuk a személyes adatait. Adatvédelmi tisztviselőnk Jari Koljonen.

A HMD adatvédelmi gyakorlatával kapcsolatos kérdésekkel a következő címen veheti fel velünk a kapcsolatot:

HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Finland (Finnország)

Termékeink vagy szolgáltatásaink tartalmazhatnak olyan, más cégek weboldalaira és szolgáltatásaira mutató linkeket, amelyek saját adatvédelmi irányelvekkel rendelkeznek. Az ilyen webhelyekre és szolgáltatásokra mutató összes link kizárólag az Ön kényelmét szolgálja. Mielőtt személyes adatait elküldi egy harmadik félnek, a HMD azt javasolja, hogy szánjon egy kis időt arra, hogy megismerkedjen a harmadik fél adatvédelmi irányelveivel.

Az adatvédelmi irányelv módosításai

A HMD időről időre frissítheti ezeket az Irányelveket, hogy tükrözze a személyesadat-feldolgozási gyakorlatunk változásait a termékeink és szolgáltatásaik, illetve az alkalmazandó jog tekintetében. A jelen Adatvédelmi irányelv módosításai a HMD adatvédelmi portálján (www.nokia.com/phones/privacyportal) találhatók a „Mi változott?” című szakaszban. Azt is jelezni fogjuk az Irányelv tetején, hogy mikor frissítettük utoljára.

Segíthet a HMD Global számára a Nokia telefonok fejlesztésében. Ha részt vesz a Felhasználói élmény programban, műszaki adatokat gyűjtünk a telefonjával és a szolgáltatásokkal kapcsolatban – arról, hogyan működnek, és Ön hogyan használja őket.

A Felhasználói élmény program célja, hogy javítsa a Nokia telefonok minőségét és teljesítményét. Ez többek között a következőket öleli fel:

• A telefon és az alkalmazások fejlesztését
• Az akkumulátor üzemidejének növelését
• További hasznos funkciók és szolgáltatások nyújtását
• Az Ön által használt termékeink és szolgáltatásaink testreszabását, és azt, hogy relevánsabb szolgáltatásokat nyújtsunk, amelyek jobban megfelelnek a profiljának és az érdeklődési körének, például javaslatokat tegyünk, és testreszabott tartalmakat és hirdetéseket jelenítsünk meg a szolgáltatásainkban.

Az összegyűjtött adatok az alábbiakat tartalmazzák:

• Telefon azonosítószáma (IMEI)
• Nemzetközi mobil-előfizetői azonosító (IMSI)
• IP-cím
• SIM-kártya adatai (pl. mobil országkód (MCC), mobilhálózati kód (MNC))
• Telefon információ (pl. a telefon típusa, rendszerének és alkalmazásainak verziója)
• Akkumulátor adatai
• A telepített alkalmazások és szoftverek neve
• Az alkalmazások használatának gyakorisága
• Szoftverösszeomlásokkal és hibákkal kapcsolatos adatok
• Amennyiben beleegyezik az aktiválás helyét is gyűjtjük a telefon használatbavétele utáni 24 órában

Az összegyűjtött adatokat nem használjuk fel az Ön személyazonosságának megállapítására. Azonban lehetséges, hogy társítjuk a használati adatokat a telefonnal az összegyűjtött eszközazonosítók, például az IMEI alatt. Csak abból a célból társítjuk a használati adatokat a telefonhoz, hogy javítsuk a telefon funkcióit és a teljesítményét, valamint a szolgáltatásokat, illetve testreszabjuk az ajánlatainkat. Ha például észrevesszük, hogy a mobiltelefon az akkumulátort fokozottan meríti, akkor az akkumulátor üzemidejének növelését célzó beállításokat javasolunk.

Az összegyűjtött adatokat anonimizált formában megoszthatjuk külső alkalmazásfejlesztőkkel, hogy segítsünk nekik az alkalmazásaik és a szolgáltatásaik fejlesztésében.

A Felhasználói élmény programról való leiratkozásra és a helyadatokra vonatkozó beleegyezés kezelésére a készülék beállításaiban van lehetősége.

A dokumentum korábbi verzióit itt találja:

• 2018. május 25.

A Nokia Care telefonszerviz a HMD Global online ügyfélszolgálata, amit felkereshetsz, ha kérésed vagy kérdésed van a készülékeinkkel vagy szolgáltatásainkkal kapcsolatban. Felveheted velünk a kapcsolatot a telefonod lévő ügyfélszolgálati alkalmazással, illetve a Nokia telefonok webhelyén található Nokia Care telefonszerviz csevegés vagy e-mail űrlap segítségével. Néhány országban hívásszolgáltatást is nyújtunk.

A Nokia Care telefonszerviznek megadott személyes adatokat ügyfélszolgálati célból, a vevők kérdéseinek megválaszolására, valamint a szolgáltatásunk és termékeink fejlesztése céljából dolgozzuk fel.

A kérésedtől és a kapcsolatfelvétel módjától függően a következő információkat gyűjthetjük:

• Név
• E-mail cím
• Ország
• IP-cím
• Átirat
• Mobiltelefon műszaki adatai
• Mobilkészülék- és szoftverazonosítók, pl. IMEI, PSN és szoftververzió
• Azokban az országokban, ahol elérhető a hívásszolgáltatásunk, a telefonszámodat is tároljuk.

Engedélyt kérhetünk, hogy gyűjthessük a telefonod azonosító számát (IMEI) vagy sorozatszámát (PSN), hogy ellenőrizzük a telefonod garanciaidejét.

A dokumentum előző verzióit itt találhatod:

• 2019. szeptember 16.
• 2018. május 25.

A Nokia-telefonfiók hozzáférést nyújt neked a profiloddal és készülékeddel kapcsolatos online szolgáltatásokhoz és személyes adatokhoz. Feldolgozzuk a személyes adataidat, hogy biztosítsuk az adataidhoz való hozzáférésedet és az ellenőrzésüket. Ez továbbá lehetővé teszi nekünk, hogy személyre szabjuk az ajánlatainkat, és téged jobban érintő, hasznos üzeneteket küldjünk.

Az e-mail-címeddel, Google- vagy Facebook-fiókoddal is létrehozhatsz egy Nokia-telefonfiókot. A regisztráció módjától függően az alábbi információkat gyűjtjük:

• Név

• E-mail és jelszó

• Telefonszám

• Ország

• Regisztráció dátuma

• A fiókodnak kijelölt egyedi azonosító

A fiókadatokat összesítjük más személyes adatokkal, amiket a Nokia telefonod és a szolgáltatásaink használata közben megadtál nekünk. A gyűjtött adatok közé tartoznak például:

• Rendelési előzmények a Nokia telefonok online boltjában

• Garanciális és javítási információk

• Kommunikáció az ügyfélszolgálatunkkal

• Részvétel a Nokia Beta programjaiban

HMD is complying with the California Consumer Privacy Act of 2018 (CCPA), which is a California data protection regulation that enhances the rights and customer protection of California residents. This supplement supplements HMD Global Privacy Policy for products and services and applies only to individuals residing in California from whom we collect personal information as defined in the CCPA (“Personal Information”).

How do we collect, use and share your personal information?

Information regarding the categories of Personal Information we process, the purposes for the processing of each category, and how we share your Personal Information are described in detail in HMD Global Privacy Policy for products and services.

In the preceding twelve (12) months, we have not sold Personal Information to any third parties, including data aggregators.

What are your California consumer rights?

If you are a California resident, as defined in the California Code of Regulations, you have the following rights under the CCPA:

• Right to know and access

You have the right to submit a verifiable request for information regarding the:

Categories of Personal Information collected or disclosed by us,
purposes for which categories of Personal Information are collected by us,
categories of sources from which we collect Personal Information, and
specific pieces of Personal Information we have collected about you during the past twelve (12) months.

We will provide you with the information in a portable and, to the greatest extent possible, readily useable format once we have received and validated your request.

You can find more information about the collection, use and sharing of your Personal Information from HMD Global Privacy Policy for products and services.

• Right to erasure

You have the right to request deletion of your Personal Information, subject to certain exceptions. We will delete your Personal Information and direct our service providers to do so once we have received and validated your request, unless an exception applies.

• Right to fair treatment

You have the right not to receive discriminatory treatment for the exercise of your CCPA consumer rights, subject to certain limitations.

• How can you exercise your rights?

If you cannot exercise the above described rights directly through the HMD products and services you use, you can contact us and submit your request via:

Phone: +1 833 766 5420
Nokia phones account portal: www.nokia.com/phones/sso/login
Customer support: www.nokia.com/phones/en_int/support#contact-us
Support application in your Nokia phone
Mail: HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Finland

You have the right to make a free request two times in any 12-month period. We will make the disclosure within 45 days of receiving your request, unless we request an extension. In the event that we reasonably need a 45-day extension, we will notify you of the extension within the initial 45-day period.

Changes to the CCPA Supplement

We reserve the right to amend this supplement at our discretion and at any time (at least every 12 months). When we make changes to this supplement, we will notify you by email or through a notice on our website.

Mi az a HMD Softlock?
A HMD Softlock egy olyan előre telepített megoldás, amely lehetővé teszi a Nokia márkájú mobiltelefonok vagy táblagépek ("eszközök") távoli zárolását.

Mire használatos a HMD Softlock?
A HMD Softlock a következő esetekben használatos (egy vagy több fennállása esetén):
1) Eszközfinanszírozás
A Nokia eszközök megvásárlásának finanszírozására külső felek olyan pénzügyi programot kínálnak, amelyek keretében a készülékét egyszerű részletfizetéssel megvásárolhatja. A HMD Softlock az első használat során, majd minden gyári visszaállítást követően ellenőrzi, hogy az eszköz regisztrálva van-e valamilyen finanszírozási programra. Ha az eszközt finanszírozási program keretében vásárolták meg, akkor a HMD Softlock a finanszírozási program feltételeinek megfelelően működik. Például az eszköz zárolható, ha a fizetések elmaradnak, illetve amíg az esedékes összeget ki nem fizetik.

2) Hálózati zárolás
Előfordulhat, hogy az eszközt úgy konfigurálták, hogy csak egy adott hálózati szolgáltató SIM-kártyájával működjön. Ha ilyenkor egy másik szolgáltató SIM-kártyáját helyezi az eszközbe, a HMD Softlock korlátozza a szolgáltatások és funkciók használatát, vagy teljes egészében zárolja az eszközt. Amikor az eszközzel használandó SIM-kártyát helyezi az eszközbe, visszaáll a normál működés.

3) Előfizetési program
A HMD Global vállalattól vagy harmadik felektől kölcsönzött/bérelt eszközökre is előre telepítve lehet a HMD Softlock alkalmazást, hogy az eszközöket a vonatkozó általános szerződési feltételekben megszabott körülmények között távolról zárolni lehessen.

Milyen információkat gyűjt a HMD Softlock?
A Softlock többek között a következő információkat gyűjti:
• Telefon azonosítószáma (IMEI)
• Eszközmodell, valamint a szoftver és a hardver adatai
• Termék sorozatszáma (PSN)
• IP-cím
• Szoftverösszeomlásokkal és hibákkal kapcsolatos adatok

Hogyan dolgozzuk fel az információkat?
Ezeket az információkat kizárólag a (i) HMD Softlock megoldás készüléken való működéséhez, illetve (ii) a zárolandó és feloldandó eszköz azonosítására használjuk fel.

Megosztják az információkat harmadik féllel?
A finanszírozási programot és a hálózati zárolást harmadik fél üzemelteti. Az előfizetést a HMD Global Oy vagy külső fél üzemeltetheti. A finanszírozásra, a hálózati zárolásra vagy az előfizetési programra való feliratkozással elfogadja az adott program általános szerződési feltételeit és vonatkozó adatvédelmi szabályzatát. Alaposan olvassa át a kapcsolódó szerződési feltételeket, illetve az adatvédelmi szabályzatot.
Ezeknek a dokumentumoknak a korábbi verzióit itt találja:
•

2021. június 15.

We care about your privacy

We, HMD Global Oy, including our affiliates (herein after referred to as “HMD”), are committed to respect your privacy and to comply with applicable data protection and privacy laws. This Privacy Notice (“Notice”) applies to personal data that is processed in the context of HMD’s business to business (B2B) activities. In this context, HMD processes personal data concerning its corporate clients, potential corporate clients, vendors, subcontractors and other stakeholders.

“Personal data” refers to any information relating to an identified or identifiable natural person.

“Processing” refers to any operation or set of operations which is performed on personal data.

“Controller” refers to the body which alone or jointly with others determines the purposes and means of processing of personal data, i.e. decides about the processing activities.

What information do we collect?

We collect personal data directly from you when you contact us, meet us personally or otherwise interact with us. The collected personal data includes, for example:

• name
• email address
• phone number
• your contact preferences
• your stance towards our offering
• background information

Why do we process personal data?

We process your personal data to enter into and execute agreements, to provide and market our services and products, to communicate with you and to develop our business.

We process personal data when it is necessary for the preparation and execution of agreements. Please note that without your personal data we may not be able to enter into an agreement or provide you with our products and services.

We also process personal data in connection with other commonly agreed testing and supply arrangements relating to our products and services based on our legitimate interest to market our products and services and grow our professional network. In addition, we process personal data to develop our business operations and offering. When a legitimate interest is regarded as the basis for the processing, we have conducted a balancing test to ensure that your rights are taken into account. You can object to such processing and request more information about the balancing test by using the contact details below.

Processing of your personal data can be based on your consent, for example, if you order our newsletter. In these situations, we ask your consent before your personal data is processed. Giving a consent is always voluntary and you have the possibility to withdraw your consent at any time. A withdrawal of consent does not affect the lawfulness of processing based on consent before the withdrawal. You can withdraw your consent by clicking unsubscribe link at the bottom of the newsletter or by contacting us by using the contact details provided below.

Where necessary, we also process personal data to comply with the legal requirements to which HMD is subject to. HMD can have, for example, a legal obligation to disclose your personal data to the authorities when requested.

Do we share personal data?

Your personal data is processed within HMD entities. We do not disclose or otherwise transfer your personal data unless otherwise stated below.

• Service providers. We obtain assistance and use service providers, such as CRM tool providers, in processing personal data for the purposes described in this Notice. Service providers are required to process personal data only in accordance with the applicable laws and HMD’s instructions.

• International transfers of personal data. Running our business involves using resources and servers located in various countries around the world. Therefore, your personal data can be transferred across international borders, including to countries outside the EU or EEA that do not have laws providing specific protection for personal data or that have different legal rules on data protection. In such cases, adequate protection for your personal data is provided as required by applicable law, for example, by using standard data protection clauses and by requiring the use of other appropriate technical and organisational information security measures. You may request information on the details of transfers to third countries and safeguards by using the contact details below.

• Mandatory disclosures and legal proceedings. We can be obligated by mandatory law to disclose your personal data to certain authorities or other third parties to comply with our legal obligations. We may also need to disclose and otherwise process your personal data in accordance with applicable law to defend our legitimate interests, for example, in civil or criminal legal proceedings.

• Mergers and Acquisitions. If we decide to sell, buy, merge or otherwise reorganise our businesses in certain countries, this can involve us disclosing personal data to prospective or actual purchasers and their advisers, or receiving personal data from sellers and their advisers.

How long is the data retained?

We review personal data held in our systems on a periodic basis to ensure that it is not retained longer than it is necessary. Contact details and other information will be deleted within six (6) months after they are no longer needed for the purposes they were collected for (for example, when the role of the person changes in a way that s(he) is no longer representing the organization of which contact person s(he) was).

What steps are taken to safeguard personal data?

We are committed to ensure that your personal data is secure. To prevent unauthorised access or disclosure we implement technical, physical and organizational measures to protect personal data against accidental or unlawful destruction, accidental loss or alteration, and unauthorized disclosure, or access.

We have assigned specific responsibilities to address privacy and security related matters. We enforce our internal policies and guidelines through an appropriate selection of activities, including proactive and reactive risk management, security and privacy engineering, training and assessments. We take appropriate steps to address online security, physical security, risk of data loss and other such risks taking into consideration the risk represented by the processing and the nature of the data being protected. Also, we limit access to our data bases containing personal data to authorised persons having a justified need to access such information. We have implemented appropriate access control measures to ensure that personal data can only be accessed by those who need to process it by virtue of their tasks.

What are your rights?

• Right of access. You have a right to know what personal data we hold about you or to receive a confirmation that we do not process data concerning you.

• Right to rectification. You have a right to have incomplete or incorrect personal data rectified. This means that if there are errors in the data concerning you, or if it is inaccurate or deficient, you have the right to ask HMD to rectify or complete that data.

• Right to erasure (‘Right to be forgotten’). You have the right to have your personal data erased in certain situations, for example, when the processing of your data is no longer necessary for the purposes for which it was collected. Please note that the data can be necessary to perform the contract between you and HMD, or HMD can have compelling legitimate grounds to retain certain data.

• Right to object. When the processing of your personal data is based on legitimate interest, you have a right to object to such processing on grounds relating to your particular situation. You have always a right to object to direct marketing.

• Right to restriction of processing. In certain situations you might have a right to restrict the processing of your personal data. When the processing has been restricted, your data will only be stored and not processed further. For example, if you contest the accuracy of your data, you have the right to have the contested data under a restriction of processing during the time when it is ensured that the data is accurate.

• Right to data portability. When the processing of your personal data is based on a contract or consent and carried out by automated means, you have a right to obtain the data you have provided to HMD in a machine-readable format so that you can transfer it to another controller.

You can exercise your rights by contacting us via the contact details provided below.

If you believe that HMD, regardless of the principles set out in this Notice, infringed upon your rights according to applicable data protection law, you have a right to lodge a complaint with the data protection authority.

Who is the controller of your personal data?

The controller of your personal data is HMD Global Oy, Bertel Jungin aukio 9, 02600 Espoo, Finland. Our Data Protection Officer is Jari Koljonen.

In case you want to use your data protection rights or you have any questions concerning the processing of your personal data, please contact us via

• Customer support: www.nokia.com/en_int/phones/support#contact-us
• Mail: HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Finland

Changes to this Notice

We update and modify this Notice from time to time, should it become necessary to do so. Changes to this document can be seen behind the link in the heading: “Look what has been changed”. For data processing that is specific to products or services of HMD, see our Privacy Policy.

We care about your privacy

We, HMD Global Oy, including our affiliates, (herein after referred to as “HMD”) are committed to respect your privacy and to comply with applicable data protection and privacy laws. This Privacy Policy (“Policy”) applies to personal data obtained in the context of a recruitment process within HMD. This Policy explains, inter alia, what kind of personal data we collect about you, how your personal data is processed during the recruitment activities, and what rights you have in relation to such processing of personal data.

This Policy will be supplemented by applicable local mandatory law where necessary. In case mandatory law is in conflict with this Policy, mandatory local law will prevail. We may also provide you with additional information concerning the processing of your personal data in connection with recruitment related systems or services.

“Personal data” refers to any information relating to an identified or identifiable person.

“Processing” refers to any operation or set of operations which is performed on personal data.

“Controller” refers to the body which alone or jointly with others determinates the purposes and means of processing of personal data i.e. decides about the processing.

What information do we collect?

We collect personal data primarily directly from you. In addition, when it is necessary for assessing your suitability for the position you are applying for, personal data can be collected from third party sources to the extent permitted by applicable legislation, or based on your consent. When you apply for a position with HMD, we only collect personal data which is relevant for making the recruitment decision. We collect e.g. the following types of personal data in the course of recruitment activities:

• Basic candidate information such as your name and contact details;
• Information concerning your competences, skills, experience and education;
• Information concerning your preferences, such as preferred country of employment and areas of interest;
• Right to work documentation and other security screening information when needed;

The examples provided are not all-inclusive. We can also collect similar or related information.

Your personal data is received and combined, as applicable, in connection with

• using LinkedIn recruitment services (if you apply via LinkedIn, we are provided with your LinkedIn profile and/or with your CV, based on what you have chosen)
• utilizing recruitment agency services (we receive CVs with professional background and salary details of candidates)
• interviews or other communications with you
• contacting the references you have provided
• receiving right to work documentation
• personality and aptitude assessments
• background checks (realibility and security screenings)

Why do we process personal data?

Your personal data is processed for assessing your suitability for the role for which you are applying for. We can also assess your suitability for the future roles that may become available. In addition, we process your personal data, inter alia, when communicating with you in relation to our recruitment activities, when managing our recruitment and resourcing activities, for developing our recruitment services and systems, and to comply with legal obligations.

Processing of your personal data is necessary for the preparation and execution of an employment or other contract and for compliance with legal obligations. Please notice that failure to provide necessary personal data may disqualify you from employment or other engagement.

We process personal data based on our legitimate interests where applicable. Our legitimate interests include interest to receive and process applications and corresponding data for our recruitment purposes and lawful activities related to running and developing our business, such as developing our recruitment and resources systems and processes. When our legitimate interest is the basis for the processing, we have conducted a balancing test to ensure that your interests are not interfered more than necessary. You have a right to object to the processing based on our legitimate interest. To request more information about the balancing test, please contact us by using the contact details below.

We collect personal data also based on your consent. For example, we may ask you to provide contact details of your references and your consent for contacting them. When we process your personal data on the basis of your consent, you have the right to withdraw your consent any time. You can withdraw your consent by using the contact details below or, in case you have been directly contacted by us, by using the contact details of your recruitment contact. Withdrawal of the consent does not affect the lawfulness of processing based on consent before its withdrawal.

Do we share personal data?

Your personal data is processed only by those members of the staff who are assessing your application and other related information for making the recruitment decision or who are performing support functions to recruiting. These include, for instance, recruiters, hiring managers and other interviewers and individuals performing administrative and IT support functions.

We do not transfer or disclose your personal data to other parties unless otherwise stated below.

• Service providers and partners

We obtain assistance or use service providers for conducting our recruitment activities. We utilize LinkedIn recruitment services in our recruitment activities. When a person is hired, we will form a new employee record to our HR system of which service provider is Sage People Limited. When we utilize service providers, they will be required to process personal data only in accordance with our instructions and to maintain appropriate organisational and technical measures to ensure data security of such personal data. In some countries we also use recruitment agencies as realible partners to help us find suitable candidates and job boards to advertise our open positions. You may request more information on the service provides we use and partners that we have by using the contact details below.

• International transfers of personal data

Our recruitment services are provided using resources and servers located in various countries around the world due to the international nature of our business. Primarily your personal data is only processed within the HMD entity which you are applying for, but when it is necessary for making the recruitment decision on the position you are applying for, your personal data can be transferred across international borders within the HMD entities. This can sometimes include countries outside the European Economic Area (EEA) that do not have laws providing specific protection for personal data or that have different legal rules on data protection. This may come in question, for example, when the hiring manager of the position is located within HMD entity outside of EEA. In addition, when you are applying via LinkedIn, your personal data can be transferred to United States (U.S.). When personal data is transferred outside of EEA, the processing is organized by the data protection clauses approved by the European Commission or by other valid mechanisms guaranteeing equal level of protection as provided by the EU General Data Protection Regulation. You may request information on the details of transfers to third countries and safeguards by using the contact details below.

• Mandatory disclosures and legal proceedings

In some cases we can be obligated by mandatory law to disclose your personal data to certain authorities or other third parties, for example, to law enforcement agencies. Exceptionally we may also need to disclose and otherwise process your personal data in accordance with applicable law to defend our legitimate interests, for example, in civil or criminal legal proceedings.

• Mergers and acquisitions

If we decide to sell, buy, merge or otherwise reorganise our businesses in certain countries, this can involve us disclosing personal data to prospective or actual purchasers and their advisers, or receiving personal data from sellers and their advisers.

How long is the data retained?

Depending whether you are hired or rejected, the personal data you provided will either be used to create an employee record or it will be deleted.

If we choose to employ you, we retain the necessary personal data for the length of your employment and as required by applicable laws.

If we do not employ you, your personal data will be deleted 24 months after the recruitment process from our records. Background check as well as personality and aptitude assessment results will be deleted immediately after the process.

How do we address data quality?

We take reasonable steps to ensure that personal data we process is accurate and not excessive for the purposes for which it is processed. Please note that you have shared responsibility regarding the accuracy of your personal data. You should only submit information which is complete, accurate and up to date.

What steps are taken to safeguard personal data?

We are committed to ensure that your personal data is secure. To prevent unauthorised access or disclosure we implement technical, physical and organizational measures to protect personal data against accidental or unlawful destruction, accidental loss or alteration, and unauthorized disclosure or access.

We have assigned specific responsibilities to address privacy and security related matters. We enforce our internal policies and guidelines through an appropriate selection of activities, including proactive and reactive risk management, security and privacy engineering, training and assessments. We take appropriate steps to address online security, physical security, risk of data loss and other such risks taking into consideration the risk represented by the processing and the nature of the data being protected. Also, we limit access to our data bases containing personal data to authorised persons having a justified need to access such information.

What are your rights?

• Right of access. You have a right to know what personal data we hold about you or to receive a confirmation that we do not process data concerning you.

• Right to rectification. You have right to have incomplete or incorrect personal data rectified or completed.

• Right to be forgotten. You have the right to have your personal data erased in certain situations, for instance, when the processing of your personal data is no longer necessary for the purposes for which it was collected, or if the processing is based on your consent and you want to withdraw your consent and there are no other bases for processing. Please notice that sometimes we may have a legal obligation or other basis to retain your personal data and, thus, it cannot be erased.

• Right to object. When the processing of your personal data is based on legitimate interest, you have the right to object to such processing on grounds relating to your particular situation.

• Right to restriction of processing. In specific situations you might have the right to restrict the processing of your personal data. When the processing has been restricted, your personal data will only be retained and not processed further. For example, if you contest the accuracy of your personal data, you have the right to have the data in question under a restriction of processing during the time when it is assured that it is accurate.

• Right to data portability. When processing of your personal data is based on a contract or your consent and carried out by automated means, you have the right to obtain the data you have provided to us in a machine readable format so that you can transfer it to another controller.

You can exercise your rights by making a request by using the contact details below. Please notice that we need to be able to verify your identify in order to be able to carry out your request.

If you believe that HMD, regardless of the principles set out in the Privacy Policy, infringed upon your rights according to applicable data protection law, you have a right to lodge a complaint with the data protection authority.

Who is the controller of your personal data?

The controller of your personal data during the recruitment phase is the entity you are applying to have a role in, jointly with HMD Global Oy where applicable. The affiliate and HMD Global Oy are jointly responsible for providing you adequate information about the processing of your personal data. HMD Global Oy will carry on your data protection related rights with the assistance of its affiliates. Data Protection Officer of HMD is Jari Koljonen.

In case you want to use your data protection rights or you have any questions concerning the processing of your personal data, please contact:

recruitment@hmdglobal.com or

HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Finland

In case you have been directly contacted by us, you can also use the contact details of your recruitment contact.

Changes to this Policy

We may need to update and modify this Policy from time to time in case it becomes necessary to do so. Changes to this document can be seen behind the link in the heading: “Look what has been changed”. Where necessary, we will contact you for informing about the changes to this Policy. For data processing that is specific to a products or services of HMD and is not connected to the recruitment activities, see HMD Global Privacy Policy.

Introduction

HMD Global Oy ("HMD") is committed to respect your privacy and to comply with applicable data protection and privacy laws.This policy details how HMD uses cookies and related technologies, such as Local Shared Objects, also known as "Flash cookies" and web beacons on its websites. We refer to these generically as "cookies".

Our website

This policy details how we use cookies on our websites.

What are cookies and how do they work?

Cookies are small text files that are sent to and stored in your device by the websites you visit. Cookies collect in some instances personal data, with which a person can be identified. Cookies are stored in your browser's file directory. Next time you visit the site, your browser will read the cookie and relay the information back to the website or element that originally set the cookie.

Cookie types

Two types of cookies used are "session-only" and "persistent". "Session-only" cookies are deleted when you end your browser session. "Persistent cookies" remain on your device for the time period set in the cookie after which time they delete themselves. However, these cookies may be renewed every time you visit the website. Web beacons are transparent graphic images which are used in combination with cookies to monitor the use of the website.

It is common to distinguish between first-party cookies and-third party cookies. First-party cookies are allocated to the website that you visit while third-party cookies come from a third-party, such as a web analytics program.

The cookies we place on your device are categorized as follows:

Necessary Cookies

Necessary cookies and similar technologies implement the basic functions of the website such as page navigation, use of forms and shopping cart functionality. Without these technologies the website will not work properly.

Functional Cookies

Functional cookies and similar technologies make it possible to save information that changes the way the website appears to you or functions. This includes, for instance, your preferred language and region.

Analytics and User Experience Cookies

Analytics and user experience related cookies and similar technologies allow us to collect information about how our website is used. This information helps us to improve the content and usability of the website.

Marketing Cookies

Marketing cookies and similar technologies are used to track visitors across websites. The intention is to display ads that are relevant and interesting to you and thus more valuable for us and third-party advertisers.

Why do we use cookies?

We use cookies to offer you a smoother experience with our web services.
Cookies are essential for running our website and are the key to providing you a seamless experience. Cookies enable you to navigate our web services uninterrupted e.g. by remembering language and country choices you've made and by preserving authentication to secure parts of the domain. Cookies also enable the shopping cart to function and remember products of interest when you are redirected to an Operator site for a possible purchase.

Cookies also enable us to improve our websites by looking at how they are used. We do analytical profiling to understand which particular articles are read by website visitors (to know what is popular) and to learn whether our videosare viewed or abandoned half way through. We also look at where content is accessed so we know how to arrange our sites for optimal user experience.

With the help of cookies we can make the content as personalised as possible, for example by showing you targeted banners and relevant recommendations. We examine what type of reference was used to reach our sites, e.g. via an email campaign or a link from a referral site, so we can estimate the effectiveness of our promotions and advertising campaigns.

We use marketing cookies to dynamically serve our ads on our own and selected third party websites. Our domains may also include elements that set cookies on behalf of a third party.

Web push notifications. With your explicit consent, we may send push notifications via desktop and mobile browser on the websites. Web push notifications are notifications that can be sent to you anytime your browser is open, regardless of whether or not you are on the website. We may send you push notifications relating to your activity on our websites, or to inform you about latest product releases and software updates, promotions, online purchase orders and Nokia product news.

How can I manage cookies?

You can review the options available to manage cookies in your browser. The browser can be used to manage cookies relating to statistics and site improvement, preferences and personalisation and marketing. Different browsers use different ways to disable cookies, but they are usually found under a Tools or Options menu. Please follow the instructions below, from the most common web browser manufacturers directly, to configure your browser settings.

Microsoft Internet Explorer (IE)
Google Chrome Safari
Firefox
Opera
Edge

In addition to cookie management, browsers usually let you control files similar to cookies, for example Local Shared Objects, e.g. by enabling the browser's privacy mode. We use third party vendor managed advertising cookies to promote our products in HMD controlled web sites. You may be able to opt-out from certain third party managed advertising cookies through third party cookie management sites.
You can deactivate web push notifications at any time by switching them off via the settings icon of each notification and in your browser settings.

Consent to use cookies

When visiting our website for the first time, a cookie banner is displayed. The banner informs about our usage of cookies and provides you the option to agree to the usage of cookies. If you opt-in to this usage, we consider this as an acceptance of our usage of cookies.

Cookies used, and data collected by third parties

Some of our websites use 3rd party advertising technologies, such as Google Campaign Manager (previously known as DoubleClick) and the Facebook pixel, to serve ads. These 3rd parties use tracking technologies to collect information from our website and use the information for ad serving, targeting, verification, and reporting. You can opt out from the collecting and manage your preferences through e.g. the following websites: http://www.aboutads.info/choices and http://www.youronlinechoices.eu/.

Our websites use third party analytics, like Google Analytics, a web analytics service provided by Google, Inc. ("Google") and other third-party cookies for advertising. Google Analytics uses Cookies to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your anonymized IP address) will be transmitted to and stored by Google on servers in the United States.

Google analytics can collect personal information (e.g. IP address). On behalf of the website provider, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. You can find more information on the data processing of Google Analytics here: https://policies.google.com/technologies/partner-sites?hl=fi.

You can deactivate this data processing in Google's privacy settings here: https://myaccount.google.com/ and by installing the Google Analytics Opt-out Browser Add-on here: https://tools.google.com/dlpage/gaoptout/.

If you have consented for Marketing cookies, we use Braze, a customer engagement platform to present you with content that is individually tailored to you and your interests and which we believe may be of interest.

Changes to this policy

HMD may from time to time update this Policy to reflect changes in our personal data processing practices with respect to our products and services, or applicable law. You can view the previous version of this document by clicking here. We will also indicate when this Policy was last updated at the top of this Policy.

How to contact us

If you have additional questions, please contact us by writing to:
HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Finland

These license terms are an agreement between HMD Global Oy ("HMD Global") and you. They apply to the pre-release software versions (the "Beta Software") available on Nokia phones beta labs ("Beta Labs"). To participate in the Beta Labs activities, you need to be at least 18 years of age. You understand and agree that participation in the Beta Labs activities is voluntary. HMD Global reserves a right to modify these terms from time to time.

1. LICENSE. Subject your compliance with these license terms, you may install and use the Beta Software on your Nokia device specified in the instructions of Nokia Phones Beta Labs for the purpose of testing and evaluating the Beta Software and providing HMD Global with feedback on quality and usability of the Beta Software.
2. LICENSE RESTRICTIONS. You may not (1) reverse engineer, decompile or disassemble the Beta Software, except to the extent that applicable law expressly permits; (2) use components of the Beta Software to run applications not running on the Beta Software; (3) publish the Beta Software for others to copy; (4) sublicense or sell the Beta Software; or (5) transfer the Beta Software or these terms to any third party.
3. TERM. The term of this agreement will expire upon the commercial release of the Beta Software. You have the right to use the Beta Software under the license terms of this agreement during this period.
4. PRE-RELEASE SOFTWARE. The Beta Software is a pre-release version. It may not work the way a final version of the software will. HMD Global may significantly change it or decide not to release a final version. You understand that you may need to remove pre-loaded, commercial software from your device to install the Beta Software and that you may be unable to revert back to the commercial release of the software you were using prior to installing the Beta Software. Applications you have installed or been using may be unable to function in the same manner than earlier. HMD Global encourages you to back-up all data and information on your device before your participation in the Beta Labs activities. The Beta Software should not be used in business-critical devices. YOU UNDERSTAND THAT BY INSTALLING THE BETA SOFTWARE, YOUR DEVICE MAY NOT BE CAPABLE OF BEING RESTORED TO ITS ORIGINAL CONDITION AND THAT APPLICATIONS MAY BE AFFECTED BY YOUR USE OF THE BETA SOFTWARE. HMD GLOBAL SHALL NOT BE RESPONSIBLE FOR ANY COSTS, EXPENSES OR OTHER LIABILITIES YOU MAY INCUR AS A RESULT OF YOUR TESTING, INSTALLATION OR USE OF THE BETA SOFTWARE, INCLUDING BUT NOT LIMITED TO ANY DAMAGE TO ANY DEVICE, BETA SOFTWARE OR DATA OR ANY LOSS OF DATA.
5. PRIVACY. Data collected in connection with the Developer Preview activities will be treated in accordance with HMD Global Privacy Policy. We are using the data to help us to create, improve, operate or deliver our products, services and content. We may contact you based on your feedback, in order to correct malfunctions in our software or device. We are also using the collected data for internal purposes e.g. data analysis or research.
6. FEEDBACK. If you give feedback about the Beta Software to HMD Global, you acknowledge and agree that (1) HMD Global may have similar development ideas to the feedback; (2) your feedback does not contain confidential or proprietary information of you or any third party; (3) HMD Global is not under any obligation of confidentiality with respect to the feedback; (4) HMD Global and its licensors may freely use, distribute, exploit, further develop and modify feedback for any purpose; and (5) you are not entitled to any compensation from HMD Global.
7. OPEN SOURCE SOFTWARE. Parts of the Beta Software may be provided with notices and open source licenses from third parties that govern the use of those parts. Any licenses granted hereunder do not alter any rights and obligations you may have under such open source licenses.
8. WARRANTY DISCLAIMER. The Beta Software is licensed "AS-IS". HMD Global gives no express warranties, guarantees or conditions. HMD Global excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement.
9. LIMITATION OF LIABILITY. HMD GLOBAL SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, LOST PROFITS OR FOR BUSINESS INTERRUPTION ARISING OUT OF THE USE OF OR INABILITY TO USE THE BETA SOFTWARE, EVEN IF HMD GLOBAL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME JURISDICTIONS DO NOT ALLOW EXCLUSION OF CERTAIN WARRANTIES OR LIMITATIONS OF LIABILITY, SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. THE LIABILITY OF HMD GLOBAL WOULD IN SUCH CASE BE LIMITED TO THE GREATEST EXTENT PERMITTED BY LAW.
10. GOVERNING LAW. These license terms will be governed by the laws of Finland. Any dispute resolution between you and HMD Global arising of or relating to these license terms shall take place in Finland, Helsinki in the Finnish courts.

These license terms are an agreement between HMD Global Oy ("HMD Global") and you. They apply to the developer preview software builds pre-release software versions (the "Developer Preview Software") available on Nokia phones Android developer preview ("Developer Preview"). To participate in the Developer Preview activities, you need to be at least 18 years of age. You understand and agree that participation in the Developer Preview activities is voluntary. HMD Global reserves a right to modify these terms from time to time.

1. LICENSE. Subject your compliance with these license terms, you may install and use the Developer Preview Software on your Nokia device specified in the instructions of Developer Preview for the purpose of testing and evaluating the Developer Preview Software and providing HMD Global with feedback on quality and usability of the Developer Preview Software.
2. LICENSE RESTRICTIONS. You may not (1) reverse engineer, decompile or disassemble the Developer Preview Software, except to the extent that applicable law expressly permits; (2) use components of the Developer Preview Software to run applications not running on the Developer Preview Software; (3) publish the Developer Preview Software for others to copy; (4) sublicense or sell the Developer Preview Software; or (5) transfer the Developer Preview Software or these terms to any third party.
3. TERM. The term of this agreement will expire upon the commercial release of the Developer Preview Software. You have the right to use the Developer Preview Software under the license terms of this agreement during this period.
4. PRE-RELEASE SOFTWARE. The Developer Preview Software is a pre-release version. It may not work the way a final version of the software will. HMD Global may significantly change it or decide not to release a final version. You understand that you may need to remove pre-loaded, commercial software from your device to install the Developer Preview Software and that you may be unable to revert back to the commercial release of the software you were using prior to installing the Developer Preview Software. Applications you have installed or been using may be unable to function in the same manner than earlier. HMD Global encourages you to back-up all data and information on your device before your participation in the Developer Preview activities. The Developer Preview Software should not be used in business-critical devices. YOU UNDERSTAND THAT BY INSTALLING THE DEVELOPER PREVIEW SOFTWARE, YOUR DEVICE MAY NOT BE CAPABLE OF BEING RESTORED TO ITS ORIGINAL CONDITION AND THAT APPLICATIONS MAY BE AFFECTED BY YOUR USE OF THE DEVELOPER PREVIEW SOFTWARE. HMD GLOBAL SHALL NOT BE RESPONSIBLE FOR ANY COSTS, EXPENSES OR OTHER LIABILITIES YOU MAY INCUR AS A RESULT OF YOUR TESTING, INSTALLATION OR USE OF THE DEVELOPER PREVIEW SOFTWARE, INCLUDING BUT NOT LIMITED TO ANY DAMAGE TO ANY DEVICE, DEVELOPER PREVIEW SOFTWARE OR DATA OR ANY LOSS OF DATA.
5. PRIVACY. Data collected in connection with the Developer Preview activities will be treated in accordance with HMD Global Privacy Policy. We are using the data to help us to create, improve, operate or deliver our products, services and content. We may contact you based on your feedback, in order to correct malfunctions in our software or device. We are also using the collected data for internal purposes e.g. data analysis or research.
6. FEEDBACK. If you give feedback about the Developer Preview Software to HMD Global, you acknowledge and agree that (1) HMD Global may have similar development ideas to the feedback; (2) your feedback does not contain confidential or proprietary information of you or any third party; (3) HMD Global is not under any obligation of confidentiality with respect to the feedback; (4) HMD Global and its licensors may freely use, distribute, exploit, further develop and modify feedback for any purpose; and (5) you are not entitled to any compensation from HMD Global.
7. OPEN SOURCE SOFTWARE. Parts of the Developer Preview Software may be provided with notices and open source licenses from third parties that govern the use of those parts. Any licenses granted hereunder do not alter any rights and obligations you may have under such open source licenses.
8. WARRANTY DISCLAIMER. The Developer Preview Software is licensed "AS-IS". HMD Global gives no express warranties, guarantees or conditions. HMD Global excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement.
9. LIMITATION OF LIABILITY. HMD GLOBAL SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, LOST PROFITS OR FOR BUSINESS INTERRUPTION ARISING OUT OF THE USE OF OR INABILITY TO USE THE DEVELOPER PREVIEW SOFTWARE, EVEN IF HMD GLOBAL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME JURISDICTIONS DO NOT ALLOW EXCLUSION OF CERTAIN WARRANTIES OR LIMITATIONS OF LIABILITY, SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. THE LIABILITY OF HMD GLOBAL WOULD IN SUCH CASE BE LIMITED TO THE GREATEST EXTENT PERMITTED BY LAW.
10. GOVERNING LAW. These license terms will be governed by the laws of Finland. Any dispute resolution between you and HMD Global arising of or relating to these license terms shall take place in Finland, Helsinki in the Finnish courts.

These license terms are an agreement between HMD Global Oy ("HMD Global") and you. They apply to the pre-release software versions (the "Pilot Software") available on Nokia phones pilots ("Pilots"). To participate in the Pilots activities, you need to be at least 18 years of age. You understand and agree that participation in the Pilots activities is voluntary. HMD Global reserves a right to modify these terms from time to time.

a. LICENSE. Subject your compliance with these license terms, you may install and use the Pilot Software on your Nokia device specified in the instructions of Nokia Phones Pilot for the purpose of testing and evaluating the Pilot Software and providing HMD Global with feedback on quality and usability of the Pilot Software.

b. LICENSE RESTRICTIONS. You may not (1) reverse engineer, decompile or disassemble the Pilot Software, except to the extent that applicable law expressly permits; (2) use components of the Pilot Software to run applications not running on the Pilot Software; (3) publish the Pilot Software for others to copy; (4) sublicense or sell the Pilot Software; or (5) transfer the Pilot Software or these terms to any third party.

c. TERM. The term of this agreement will expire upon the commercial release of the Pilot Software. You have the right to use the Pilots Software under the license terms of this agreement during this period.

d. PRE-RELEASE SOFTWARE. The Pilot Software is a pre-release version. It may not work the way a final version of the software will. HMD Global may significantly change it or decide not to release a final version. You understand that it may require to manual flashing in some cases to bring devices to normal usage. Upon reversion reflash, please note you will lose all user data - users are advised to periodically back up any user data. In addition, after SW reversion, previously installed applications may not function as intended and may require uninstall/reinstall. HMD Global encourages you to back-up all data and information before your participation in the Pilots activities. YOU UNDERSTAND THAT BY INSTALLING THE PILOT SOFTWARE, THAT APPLICATIONS MAY BE AFFECTED BY YOUR USE OF THE PILOT SOFTWARE. HMD GLOBAL SHALL NOT BE RESPONSIBLE FOR ANY COSTS, EXPENSES OR OTHER LIABILITIES YOU MAY INCUR AS A RESULT OF YOUR TESTING, INSTALLATION OR USE OF THE PILOT SOFTWARE, INCLUDING BUT NOT LIMITED TO ANY DAMAGE TO DATA OR ANY LOSS OF DATA.

e. PRIVACY. Data collected in connection with the Pilot activities will be treated in accordance with HMD Global Privacy Policy. We are using the data to help us to create, improve, operate or deliver our products, services and content. We may contact you based on your feedback, in order to correct malfunctions in our software or device. We are also using the collected data for internal purposes e.g. data analysis or research.

f. FEEDBACK. If you give feedback about the Pilot Software to HMD Global, you acknowledge and agree that (1) HMD Global may have similar development ideas to the feedback; (2) your feedback does not contain confidential or proprietary information of you or any third party; (3) HMD Global is not under any obligation of confidentiality with respect to the feedback; (4) HMD Global and its licensors may freely use, distribute, exploit, further develop and modify feedback for any purpose; and (5) you are not entitled to any compensation from HMD Global.

g. OPEN SOURCE SOFTWARE. Parts of the Pilot Software may be provided with notices and open source licenses from third parties that govern the use of those parts. Any licenses granted hereunder do not alter any rights and obligations you may have under such open source licenses.

h. WARRANTY DISCLAIMER. The Pilot Software is licensed "AS-IS". HMD Global gives no express warranties, guarantees or conditions. HMD Global excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement.

i. LIMITATION OF LIABILITY. HMD GLOBAL SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, LOST PROFITS OR FOR BUSINESS INTERRUPTION ARISING OUT OF THE USE OF OR INABILITY TO USE THE PILOT SOFTWARE, EVEN IF HMD GLOBAL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME JURISDICTIONS DO NOT ALLOW EXCLUSION OF CERTAIN WARRANTIES OR LIMITATIONS OF LIABILITY, SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. THE LIABILITY OF HMD GLOBAL WOULD IN SUCH CASE BE LIMITED TO THE GREATEST EXTENT PERMITTED BY LAW.

j. GOVERNING LAW. These license terms will be governed by the laws of Finland. Any dispute resolution between you and HMD Global arising of or relating to these license terms shall take place in Finland, Helsinki in the Finnish courts.

• Version: 1.0
• Effective date 27 July, 2017
• Audience: Suppliers
• Owner: General Counsel
• Approver: HMD Board
• Related Policies: HMD Code of Conduct, HMD Business Ethics Policy, HMD Environmental, Health & Safety Policy, HMD Conflict Mineral Policy, HMD Human Rights and Labour Policy

1. Scope

In this document, HMD/our/we refer to HMD global Oy (“HMD”) and all its affiliates. The Code of Conduct is global and covers all HMD global Oy’s legal entities. This code outlines what HMD expects from our suppliers in relation to Human Rights & Labour, Business Ethics, Environmental, Health and Safety and Management practices. HMD will assess its suppliers by their conformance to this code and any violation of it will result in remedial actions. Failure of our supplier to comply with this code or the remedial actions set could result in termination of the business contract.

2. Our Approach

This document has been made to comply with international laws and regulations as well as HMDs values. In addition, we have looked to International Standards including; the Electronic Industry Citizenship Coalition’s (EICC) Code of Conduct; United Nations Declaration of Human Rights; United Nations’ Guiding Principles on Business and Human Rights; International Labor Organisation’s (ILO) Core Conventions; Environmental management standard ISO 14001; Organisation for Economic Co-operation and Development (OECD) Guidelines for Multinational Enterprise; Occupational health and safety management standard OHSAS18001 and the Social accountability standard SA 8000.

3. Business Ethics

HMD is strongly committed to conducting ourselves in accordance with our commitment to the highest standards of ethical conduct. Our supplier shall operate by the same Ethical standards we set ourselves and comply by the related policies and procedures, and all applicable national and international laws.

3.1 Improper Payments

HMD believe in fairness and honesty; we obtain and retain our business relationships with these principles firmly in mind. Our supplier shall adhere to anti-corruption laws and shall not allow corrupt or inappropriate payments made by, or on behalf of, our supplier to HMD, our employees or customers, government officials or third parties. These payments can occur in many forms and include among other things; bribes, gifts, entertainment, gratuities, favors, donations or facilitation payments. We extend our understanding of improper payments to include any transfer of value that is not consistent with HMD policies, procedures or applicable laws.

3.2 Fair Competition

Our supplier shall adhere to marketplace regulations and anti-trust laws. These laws protect the market from unethical agreements and collaborations among competitors which may affect competition. Our supplier shall uphold these standards of fair business, advertising and competition.

3.3 Privacy and Security

Privacy and security are key considerations in the creation and delivery of HMD’s products and services. Our supplier shall commit to respect privacy and to comply with applicable data protection and privacy laws. Our supplier shall have in place internal policies and guidelines through an appropriate selection of activities, including proactive and reactive risk management, security and privacy engineering, training and assessments.

Our supplier shall take appropriate steps to address online security, physical security, risk of data loss and other such risks; taking into consideration the risk represented by the processing and the nature of the data being protected. Our Supplier shall not transfer personal data without ensuring it is safe, responsible and legal to do so. When confidential data is no longer needed, it shall be destroyed securely.

3.4 Intellectual Property and Confidential Information

It is essential that Intellectual property rights are followed and respected. Whenever our supplier has a need to transfer technology and know-how they shall do so in a manner that protects intellectual property rights and any information regarding HMD or our affiliates should be safeguarded. In addition, our supplier shall have in place an ‘Incident Response Procedure’ (IRP) to manage breaches of confidential information.

3.5 Dealing with Officials

We prohibit the use of “facilitating payments” which refers to small payments, usually made in cash, which are typically provided to a government official to speed up or guarantee a routine action that the official is already obligated to perform.

3.6 Controllership

Our supplier shall ensure that they disclose requested information related to aspects of this code, including; Human Rights & Labour, Business Ethics, Environmental, Health and Safety and Management as well as general practices such as business activities, financial situation/performance and company structure. Such disclosures of information shall comply with applicable laws and regulations wherever they operate and our supplier shall not condone the falsification of records, misrepresentation of conditions, or practices throughout the supply chain.

3.7 Responsible Sourcing of Minerals

Suppliers or partners who manufacture any aspect of our products (including components and parts) containing tin, tantalum, tungsten or gold, shall have a detailed policy or procedure in place to ensure that the products manufactured, do not directly or indirectly finance or benefit armed groups, that are perpetrators of serious human rights abuses in the Democratic Republic of the Congo, or an adjoining country.

These same suppliers shall maintain a Conflict Mineral Policy outlining their legal compliance, measures for implementation and commitment to responsible sourcing. This includes due diligence on the source and chain of custody of all related minerals. These documents shall be kept and made available for HMD to view upon request for a period of 5 years.

3.8 Confidential Reporting and Non-Retaliation

Our Supplier shall maintain programs that ensure their employees and suppliers have access to confidential and anonymous reporting channels, as well as protection in place for acts of whistleblowing. Our supplier shall have in place a clear, visible and communicated process for anyone working at their facility to be able to raise concerns without fear of retaliation.

4. Labour & Human Rights

At HMD we believe that everyone in our supply chain deserves respect, fair treatment and equal rights. Our suppliers create jobs all over the world and we expect them to commit to making those jobs have a positive impact on their lives. This is true for all workers from direct to indirect, permanent and temporary workers as well as students and migrant workers or any other type of worker. We refer to all types of workers as simply “employees” or “workers” in this document.

4.1 Fair and Freely Chosen Employment

Work shall always be a voluntary act. Our supplier shall comply with this statement and be committed to ensuring that no form of slavery or trafficking of persons are used in any aspect of their business. This includes involuntary prison labour, forced, bonded, debt bonded or indentured persons.

Our supplier shall ensure that every employee has a contract that covers the terms and conditions of their employment agreement that is signed by both the employee and the supplier. The terms and conditions should contain all relevant aspects including but not limited to; working hours and guaranteed wage, overtime rates of pay and compensation, payment and frequency of payment and their notice period. In addition, the contract should be written in the native language of the employee, to ensure they fully understand the terms. In the case of migrant workers this contract should be available to them prior to leaving their country of origin.

Our supplier shall ensure that all employees receive basic induction training and have all the training, equipment and experience to conduct their work duties safety. The employee shall be free to leave their work at any time and their movement should never have their movement unreasonably restricted either within their workplace or when entering or exiting the facility. No employee in our supplier’s facilities, either of the company, or through an agency or any other external employment agreement, should be required to submit possession of their personal documents to anyone. This includes passports, identity and immigration documents or work permits. These personal documents are owned by the individual and should never be held, concealed, destroyed or confiscated. The only reason for any documents being held is if it is required by law.

No employee shall be required to make any payment to either the employer or an agent in order to secure their employment, training or as a form of punishment of any kind or any other fees related to their employment. Our supplier shall ensure that if they uncover any such fees being paid then the money shall be returned to the employee promptly.

Our supplier shall ensure that adequate policies and procedures are in place to protect workers and potential workers against any form of discrimination, harassment, harsh or inhumane treatment or any other unlawful discrimination or treatment, including disciplinary policies and procedures. No worker should be subjected to sexual abuse or harassment, physical, mental or verbal abuse or harassment, corporal punishment or any threats regarding treatment of this kind.

Our supplier shall ensure that they employ, retain and promote possible candidates based on their qualifications, skills and competences only; they shall not consider a person’s race, sex, religion, marital status, pregnancy, nationality, ethnicity, disability, sexual orientation, expression and any other characteristic covered by law. Our supplier shall provide workers with adequate facilities for religious practice. Under no circumstances should employees or potential employees be subjected to medical, physical or pregnancy examination or testing that could be used in a discriminatory way.

4.2 Young Workers Protection

No one under the age of completing compulsory education or under the local legal age of employment or under 15 years of age (whichever is the greatest) shall be employed by, or on behalf of our supplier.

Young workers (under the age of 18) need to be protected and our supplier shall not require them to perform tasks that could risk their health & safety. In addition, young workers should not work overtime or night shifts. Student workers shall be provided with training and support and our supplier shall ensure that they maintain student records and conduct thorough due diligence of educational partners protecting the rights of the student in accordance with applicable laws and regulations. Young workers including; students, interns and apprentices should be paid at least the same rate of pay as other employees that perform equal or similar tasks.

4.3 Working Hours and Wages

Our supplier shall ensure that working weeks do not exceed the restrictions placed on them by local law. No worker shall work in excess of 60 hours per week including overtime and they must have at least one day off per six days worked. Workers shall also be entitled to at least two weeks of paid leave per year. In addition, overtime shall be limited to comply with local law or to a maximum of 12 hours per week. Overtime shall always be paid at a premium rate and be taken as a choice by the employee. Overtime should be used in unusual or emergency situations and not a regular request of workers.

Workers shall be compensated in accordance with local laws in relation to minimum wage rates and legally mandated benefits. Workers shall be provided with wage statement in a timely manner, that makes clear indication of the hours worked, so that they can verify their wage is correct, for the hours they worked. The document should be understandable to the worker in their native language if required. Temporary workers of any kind as well as outsourced workers shall be used within the restrictions of local law.

4.4 Communication, Collective Bargaining and Freedom of Association

Workers shall be provided with access to information that is relevant to them, their employment and their work. They shall be made aware of changes as they happen in order to conduct their work to the best of their ability. Our supplier shall have in place the means to measure worker satisfaction and strive to improve this metric where possible. Workers shall be able to discuss openly their opinions, ideas and concerns without the fear of retaliation of any kind.

Our supplier shall respect the rights of all workers to form and join trade unions of their choosing in conformance with local law. Collective bargaining is an important right of employees and they should be allowed to engage in peaceful assembly. In addition, worker shall be free to refrain for any such activity.

The rights of whistle-blowers shall be protected and confidential channels shall be offered for the reporting of unfair conditions of any kind.

4.5 Modern Slavery

Modern Slavery is an umbrella term that includes; slavery, human trafficking, forced or compulsory labour and servitude. Modern slavery as a term refers to a situation where a person is coerced, deceived, taken unwillingly and/or indebted into a position where they feel trapped, held, compelled or forced to work.

Our supplier shall ensure that anyone working for them or on their behalf is free to choose who they work for, when they work and where they work. Our supplier shall not trap, compel or force another person to work. In addition, they shall have in place a system by which they can monitor anyone contracted to work on their behalf by these same standards. Our supplier shall implement and maintain as part of their due diligence a system to uncover any abuses that may occur and to make this data available to HMD.

We expect our suppliers and their employees to respect human rights and to report any suspected violation of the UK Modern Slavery Act to us through our legal team to ethics@hmdglobal.com.

4.6 Non-Disclosure Agreements

Our supplier shall ensure that any workers that are in contact with confidential information regarding HMD, its subsidiaries or the Nokia brand have signed a Non-Disclosure Agreement (NDA). It is important that the employee is made fully aware of the meaning of this document and the extent of agreement being made.

5. Environmental Protection

HMD are committed to environmental protection and we manage our activities and our supplychain closely to ensure we not only meet the relevant legislation and international standards but wherever we can we strive for higher. We expect our suppliers to be committed to preventing and reducing the impacts of our business through open and ethical management practices.

5.1 Environmental Management System (EMS)

Our supplier shall have in place an Environmental Management System (EMS) that effectively plans, operates and controls significant environmental aspects of their operations and the electronics industry. They shall ensure at all times these measures at least comply with legal and legislative requirements.

We are committed to ensure our suppliers are sharing our values regarding environmental protection. Our suppliers are required to have an EMS in place that is capable of planning, operating and controlling environmental aspects. Our suppliers shall ensure that they periodically review their environmental legislation, applicable regulations and customer requirements and shall supply evidence of their compliance as requested. Additionally, our suppliers shall conduct and/or cooperate with internal and external environmental risk audits. Our supplier shall implement improvement targets and programs, necessary employee training and communication, internal audits and management reviews.

We require our manufacturing partners to be certified as compliant with ISO14001 or the EcoManagement and Audit Scheme (EMAS).

5.2 Improving Environmental Performance

Our suppliers shall have in place continuous improvement projects aimed at identifying, measuring, controlling and improving their environmental performance. Environmental performance includes all significant environmental aspects related to their activity including; energy usage, water access, usage and conservation, waste and defect creation, reducing the materials per product which in turn reduces the effects on mining and biodiversity, reducing the use of hazardous materials and chemicals, improving the processes in place that manage risks and ensuring the cleanest possible treatment and control of waste generation.

Resource usage and waste creation of all kinds need to be reduced wherever possible either at source or through modifying processes or substituting materials. We expect our suppliers to look towards the “EU Waste Hierarchy” model and where possible they should aim to Reduce, Reuse, Recycle and Reclaim in that order of priority whenever and wherever possible.

5.3 Energy Efficiency & Green House Gas (GHG) Emissions

Our supplier shall be committed to reducing their carbon footprint and shall measure, and report on their energy consumption and GHG emissions. This requires them to identify the sources of their emission both internally and externally and for them to define clearly the scope of their reporting.

Our supplier shall look to monitor the data they assemble and highlight areas for cost effective improvements to minimise GHG emissions within their control.

5.4 Air Emissions

We require any emissions to the air created by the operations of our suppliers be characterised, monitored, controlled and treated prior to discharge. These emissions include aerosols and other ozone depleting chemicals, volatile organic chemicals, corrosives, particulates, and combustion by-products. In addition, our suppliers shall continuously improve the performance of their air emission control systems through a routine identification and monitoring processes.

5.5 Water Use Reduction

As part of their EMS our suppliers shall identify and measure their water consumption and investigate ways in which they can reduce it.

5.6 Storm Water Management

As part of their EMS we require our suppliers to take a systematic approach to the way they routinely manage, monitor and report their storm water management. Our suppliers shall minimise the risks of discharges or spills and they shall have robust systems in place to protect against pollutants from entering public drainage and ensure they comply with the law.

5.7 Waste & Wastewater Management

As part of their EMS we require our suppliers to implement a comprehensive system that characterises, monitors, controls and treats waste and wastewater created by their operations and products. We also expect our suppliers to work towards reducing their waste creation and in turn increase the volume of recycled waste. This process must adhere to legal requirements and environmental best practice approaches before any discharge or disposal.

As part of their EMS we also require our suppliers to comply fully with wastewater and solid waste management obligations. They must always maintain a systematic approach to wastewater and solid waste management. This includes having all the required permits and approvals in place (for instance, to store hazardous waste).

5.8 Design for Environment

Our suppliers shall include environmental consideration for all areas of product development. This also include adhering to our substance list and minimising or removing negative environmental impacts whenever it is possible to do so, this includes any hazardous constituents. These improvements can increase the efficiency of our products, reduce the use of materials and enable greater recycling capabilities.

5.9 Substance List

Our suppliers shall follow our Substance List and work closely with us and their suppliers to reduce or ban these materials and chemicals as stated in our Substance List.

5.10 Hazardous Substances

Chemicals and other materials that pose the risk of hazards to the environment require special care and attention. At all times their use should be restricted as much as possible and they should be clearly identified and managed. Their use, handling, storage, movement, recycling, reuse or disposal should be done in a controlled way that poses the least risk to the environment.

6. Health & Safety

As part of their management systems our suppliers shall include aspects related to reducing the risk of work-related injury and illness. This is required to produce working environments that are conducive of productive, safe and healthy work. This requires communication and training as well as processes, rules, regulations and documentation.

6.1 Health & Safety Management System

Our supplier shall have in place an occupational health & safety management system that complies with the OHSAS 18001 or similar internationally recognised standards. The system must be cover aspects such as the planning, operation and control of risks and hazards related to health & safety including; training and communication/feedback sessions for employees, periodic auditing and assigned improvement programs and targets.

As part of this system our supplier shall have a standard procedure in place to access and control the risks of accidents and injuries as well as occupational diseases in a proactive and preventative manner. Additionally, an appointed senior manager shall be responsible for periodically ensuring the system is functioning and is suitable.

6.2 Health & Safety Training and Communication

Our supplier shall ensure that those responsible for ensuring the health and safety of workers are sufficiently trained and knowledgeable as well as given adequate time and resources to perform their tasks. All employees shall be trained on the health and safety aspects that are appropriate for their role in their native language. Health and Safety signage and communications shall be clearly present in and around the facility.

6.3 Occupational Health & Safety

Our supplier shall have measures in place to safeguard against preventable accidents and emergencies. Nominated employees that are responsible for Occupational Health and Safety shall be trained and workers shall be encouraged to raise safety concerns. Employees shall be protected against exposure to potential hazards such as; slip, trips or fall hazards, vehicles, fire or from electrical/energy sources through adequate procedures that identify, minimise and prevent hazards. These procedures include, an ongoing safety training program and safety instructions, preventable maintenance and safe work practices, clear signage, machine maintenance and safeguarding, chemical controls, personal protective equipment and clothing, hearing protection and excessive noise reduction. Additional care shall be taken with employees under 18 year of age (young workers). Supplier shall take responsibility for its employees when they carry out work off premises.

6.4 Emergency Preparations

Emergency procedures shall be in place to identify potential emergency situations and events. Our supplier shall have emergency plans, evacuation procedures, employee training and drills, appropriate fire detection, sufficient extinguishers, adequate exit facilities and recovery plans in place in case any emergency should arise. Our supplier shall have a pro-active approach to emergency risk and ensure that wherever possible risks to life, the environment and property are minimised.

6.5 Occupational Injury and Illness

Our Supplier shall, as part of their Health and Safety Management system have procedures to mitigate and manage injuries and illnesses sustained by their employees. This requires prevention, management, tracking and reporting on occupational injury and illness. Employees shall be provided with a means to report discomfort, illness and/or injuries sustained. All suspected and actual injuries and illnesses reported by employees shall be classified and recorded and employees shall be provided with treatment or equipment to aid with their recovery and prevent future problems. In addition, investigations shall be made and corrective actions taken to eliminate their causes to ensure that workers can return safely to work.

6.6 Industrial Hygiene

Our supplier shall have in place engineering and administrative measures to identify, monitor, control and limit worker’s exposure to chemical, biological and physical agents to prevent overexposures. Adequate personal protective equipment shall be supplied to workers at risk.

6.7 Physically Demanding Work

Our supplier shall have processes to identify, evaluate and control hazards of physically demanding work. Employees shall be protected and train on aspects such as manual handling, repetitive tasks (i.e. in assembly), heavy lifting and prolonged periods of standing or sitting. When such hazards are found, our supplier shall monitor, aim to control and minimise their risks.

6.8 Equipment Safeguarding

Our supplier shall have adequate management systems in place to cover aspects where employees are operating with dangerous or hazardous substances or with equipment, production machines or other machinery. In all of these cases our supplier shall ensure that workers are provided with the correct protective equipment and the equipment/machinery should be fitted with properly maintained guards, interlocks and barriers to ensure our employees safety.

6.9 Clean and Safe Buildings and Facilities

Our supplier shall provide workers with safe and clean buildings and facilities. This includes workers having access to clean drinking water, adequate and clean toilet facilities, sanitary food preparation and storage areas as well as safe and clean eating facilities.

In those facilities that require workers to live on site their dormitories shall be provided for by the supplier or their labour agent. Dormitories shall be well maintained to ensure safety with reasonable personal space. They shall have access to lockable storage for worker’s private belongings. They shall be clean with appropriate emergency exits and signage, access to clean drinking water, hot water for bathing/washing and adequate heating and ventilation. Workers shall have reasonable privileges to enter and leave their accommodation and these facilities shall comply with legal safety standards and regulations.

7. Management

Our supplier shall have a Code of Conduct in place, to showcase their values and commitment to; ethical; environmental; human rights; labour and health and safety topics related to their business operations. Procedures and physical controls that are put in place shall be in relative and adequate for the associated risk and in accordance with our supplier’s Code of Conduct. This document will have a continuous improvement methodology and be based on Internationally recognised standards and management systems as well as comply with all relevant laws and regulations. A copy of the Code of Conduct shall be visible in the facility; written in the local language. In addition, we expect our supplier to have a process for setting requirements in their Code of Conduct on to their suppliers and monitoring their compliance. Our supplier’s management shall ensure that the messages contained their Code of Conduct is transferred throughout their business and relevant employees are trained on its contents and related procedures, risks and policies. In addition, we expect our supplier to be able to show supporting documentation and/or evidence that such actions are taking place and training should be recorded as and when it is completed. Training shall be in accordance applicable laws and regulations.

7.1 Management Systems

Our supplier shall identify the senior executive and company representatives responsible for ensuring the management systems and associated programs are in place. Additionally, senior management will review the systems periodically with the focus on ensuring they are adequate.

7.2 Environmental and Social Objectives

Our supplier shall set performance objectives set to realistic timeframes with implementation plans. These objectives shall look to improve on their environmental and social performance and shall be available in written form if required. The objectives shall also have clear processes in place for reviewing the progress and amending expectations as appropriate.

7.3 Audits, Assessments and Corrective Actions

Our supplier shall conduct self-evaluations periodically and allow for external auditors to conduct similar audits of their facilities to ensure that they conform to legal and regulatory requirements. In cases where the contents of this code are more detailed and/or stricter than local laws and regulations audits shall check to ensure that they comply with the content of this Code of Conduct and our contractual requirements on ethical, environmental and societal responsibility.

Our supplier shall ensure that required corrective actions are taken in a timely manner and these activities are monitored and reported following the correct procedure, ensuring regulatory compliance whilst protecting privacy.

7.4 Communication and Worker Participation and Feedback

Our supplier shall make clearly available their policies and procedures as well as clearly defined expectations and practices they expect their workers to follow. Workers shall receive adequate training to mean these requirements and be given the right to participate in and give feedback on practices and conditions covered. This shall be an ongoing progress of continuous feedback and improvement measure.

7.5 Documentation and Records

Our Supplier shall create and maintain relevant documentation to assure their compliance and conformity on all the matters discussed in this Supplier Code of Conduct. This documentation shall be made available to HMD or external auditors working on behalf of ourselves or our customers. Appropriate measure shall be taken to protect privacy rights.

8. Supplier Management & Purchasing

Our supplier shall have adequate measures in place to set requirements and manage the compliance of their suppliers. The term supplier used in this section includes any company/person who, from HMD’s perspective, would be considered a sub-supplier such as vendors, subcontractors, service providers, partners, etc.

Our supplier’s supplier base strategy and supplier base management systems must ensure subsuppliers conform with HMD’s supplier requirements (including labour and environmental aspects) as well as all applicable laws and regulations. Our supplier shall take these conformance aspects into consideration when choosing their suppliers and they shall have a structure by which they identify, evaluate and select suppliers.

Purchase and Service agreements shall be used with all suppliers and shall include valid NonDisclosure Agreements (NDAs). These NDAs shall align and conform to the NDAs in place between HMD and the supplier.

Our supplier shall set environmental, labour (including health and safety, human rights and ethics) and management requirements on our sub-suppliers. This also includes aspects such as waste handling and recycling. In addition, sub-suppliers who are responsible for waste disposal shall be appropriately authorised and licenced to carry out these tasks and our supplier shall ensure this compliance.

1. Acceptance and Effect

This purchase order ("Purchase Order") is between HMD Global Oy or its affiliate defined in the Purchase Order ("HMD") issuing the Purchase Order and the supplier identified herein ("Supplier") and covers:

1. Goods: the purchase of software and tangible goods
2. Services: The purchase/ordering of services
3. Deliverables: Any intellectual property or other work product developed specifically for HMD by Supplier or a subcontractor of Supplier as part of the Services

This Purchase Order is effective upon Supplier’s commencement of performance or the date of Supplier’s signature below, whichever is earlier. Except as set forth in Section 2 below, Supplier’s acceptance of this Purchase Order is expressly limited to these terms and conditions without counterproposal.

2. Relationship to Other Agreements

The terms and conditions of this Purchase Order are the complete and binding agreement between HMD and Supplier except:

1. If multiple agreements with similar or contradictory provisions could apply to this Purchase Order, the parties agree the most favourable terms to HMD will apply, unless the result would be unreasonable, unconscionable or prohibited by law.
2. Except as stated above in this Section 2, and other than Order Changes described in Section 8 and the Termination provisions in Section 12, additional or different terms will not supersede this Purchase Order unless the parties mutually execute a written document.

3. Packing, Shipment and Returns of Goods or Deliverables

Unless specifically provided in this Purchase Order:

1. Packing.

   1. Price based on weight will include net weight only.
   2. Supplier will not charge HMD for packaging or pre-shipping costs, such as boxing, crating, handling damage, drayage, or storage.

2. Shipping.

   1. Supplier will mark all containers with necessary handling and shipping information, Purchase Order number(s), date of shipment, and names of the consignee and consignor;
   2. An itemized invoice and packing list, and other documentation required for domestic or international transit, regulatory clearance or identification of the Goods or Deliverables will accompany each shipment;
   3. HMD will only pay for the quantity received, not to exceed the maximum quantity ordered;
   4. HMD or its agent will hold over-shipments at Supplier’s risk and expense for a reasonable time awaiting Supplier’s shipping instructions;
   5. HMD will not be charged for shipping or delivery costs;

   6. Goods and Deliverables will be delivered post issuance of the Purchase Order date:

      1. FOB to the HMD designated delivery location if the Goods and Deliverables originate in the same jurisdiction as the HMD designated delivery location; or
      2. DDP (Incoterms 2010) to the HMD designated delivery location for cross border delivery of Goods and Deliverables to the HMD designated delivery location; and
   7. Supplier will bear all risk of loss, damage, or destruction to the Goods or Deliverable, in whole or in part, occurring before final acceptance by HMD at the designated delivery location. HMD is responsible for any loss caused by the gross negligence of its employees before acceptance.
   8. Returns. Supplier will bear the expense of return shipping charges for over-shipped quantities or rejected items.

4. Invoices

1. To the extent that electronic invoicing is available, Supplier will follow that process. If there is no electronic invoicing, invoices will be sent to the following email: invoices@hmdglobal.com
2. Invoice must contain the following information: Purchase Order number, item number, description of item, quantities, unit prices, extended totals, packing slip number, shipping, ship to city and state, taxes, and any other information reasonably required by HMD. Supplier will not charge HMD for researching, reporting on or correcting any errors relating to its invoices. In those circumstances, Supplier authorizes the electronic invoicing provider to receive
   Supplier’s invoice data not yet constituting an original invoice and subsequently to apply an electronic signature to the invoice data to issue electronic invoices "in the name and on behalf of" Supplier.
3. HMD may dispute any invoice by providing oral or written notice or partial payment. HMD will make commercially reasonable efforts to notify Supplier in writing of any disputed amount within 60 days of receiving the applicable invoice. Neither failing to provide notice nor payment of an invoice is a waiver of any claim or right.

5. Payment Terms / Cash Discounts / Offset / Expenses

1. After HMD accepts the Goods or Services and receives a correct and undisputed invoice (the "Create Date"), HMD will release payment by net 60 days (unless otherwise agreed post issuance of this purchase order)
2. HMD is not obligated to pay any invoice received from Supplier more than 120 days after HMD accepts the Goods or Services.
3. Payment of an invoice will not constitute acceptance of Goods, and is subject to adjustment for errors, shortages, defects or other failure of Supplier to meet the requirements of this Purchase Order.
4. HMD may set-off amounts owed to HMD against an amount HMD owes Supplier or Supplier’s affiliated companies. HMD will provide notice to Supplier within a reasonable time after the setoff.
5. Unless otherwise agreed, Supplier is responsible for all expenses incurred providing the Goods or Services and performing under this Purchase Order.

6. Taxes

1. Except as otherwise provided below, the amounts to be paid by HMD to Supplier do not include any taxes. HMD is not liable for any taxes that Supplier is legally obligated to pay, including, but not limited to net income or gross receipts taxes, franchise taxes, and property taxes. HMD will pay Supplier applicable GST or any other taxes it owes due to this Purchase Order and which the law requires Supplier to collect from HMD. If HMD provides Supplier a valid exemption certificate, Supplier will not collect the taxes covered by such certificate. Supplier will indemnify and hold HMD harmless from any claims, costs (including reasonable attorneys’ fees) and liabilities related to Supplier’s taxes.
2. If the law requires HMD to withhold taxes from payments to Supplier, HMD may withhold those taxes and pay them to the appropriate taxing authority. HMD will deliver to Supplier an official receipt for such taxes. HMD will use reasonable efforts to minimize any taxes withheld to the extent allowed by law.

7. Inspection and Acceptance

1. The Goods and Services must meet the standards and specifications in this Purchase Order. HMD may cancel this Purchase Order if Supplier fails to comply with the Purchase Order standards and specifications.
2. All Goods and Services will be subject to HMD’s inspection and testing, at any time and place, including the period of manufacture and before final acceptance.
3. If any item provided under this Purchase Order is defective in materials or workmanship or not in conformity with the requirements, then HMD may reject it without correction, require its correction within a specified time, accept it with an adjustment in price, or return it to Supplier for full credit. When HMD provides notice to Supplier, Supplier will promptly replace or correct, at their expense, any item rejected or requiring correction. If, after HMD’s request, Supplier fails to promptly replace or correct a defective item within the delivery schedule, HMD may, at its sole option, (i) replace or correct such item and charge the cost to Supplier, (ii) without further notice terminate this Purchase Order for default, return the rejected item to Supplier at Supplier’s expense and Supplier will promptly refund any amounts paid by HMD for the returned item or (iii) require a reduction in price.

8. Order Changes

HMD may suspend Supplier’s performance, increase or decrease the ordered quantities, or make changes for HMD’s reasonable business needs (each, a "Change Order"), by written notice to Supplier, including via e-mail, and without any notice to Supplier sureties, subcontractors or assignees. Unless mutually agreed, a Change Order does not apply to change the Goods and Services timely and fully delivered before the date of the Change Order. If any change causes an increase or decrease in the cost of, or the time required for, the performance of the Purchase Order, an equitable adjustment shall be made in the price or delivery schedule, or both, and the Purchase order shall be modified accordingly in writing.

9. Tools and Equipment

All tools, equipment or materials acquired by Supplier for use in providing the Goods and Services, which have been furnished to, paid for by or charged against HMD, including but not limited to specifications, drawings, tools, dies, molds, fixtures, patterns, hobs, electrodes, punches, artwork, screens, tapes, templates, special test equipment, gauges, content, data, and software, will remain or become HMD’s property, treated as confidential information, and delivered in good condition, normal wear and tear excepted, by Supplier to HMD’s designated delivery location.

10. Ownership and use of the parties’ respective intellectual property

1. Each party will own and retain all rights to its pre-existing intellectual property and any intellectual property developed outside of the Goods and Services under this Purchase Order.
2. If Supplier uses any Supplier or third party intellectual property in any Good or Service, Supplier will continue to own Supplier’s intellectual property. Supplier will grant HMD a worldwide, nonexclusive, perpetual, irrevocable, royalty-free, fully paid up right and license, under all current and future intellectual property, to use Supplier’s and third party intellectual property consistent with HMD’s ownership interests.
3. HMD intellectual property.
   1. Supplier may obtain "HMD Materials" meaning any tangible or intangible materials (including hardware, software, source code, documentation, met methodologies, know how, processes, techniques, ideas, concepts, technologies, and data) provided by or on behalf of HMD to perform the Services. HMD Materials include any modifications to, or derivative works of, the foregoing materials, the trademarks and any data entered into any Supplier database as part of the Services.
   2. HMD retains all interest in HMD Materials and related intellectual property. Supplier has no right to sublicense HMD Materials.
   3. Regarding Supplier’s use of HMD Materials:
      1. Supplier will not modify, reverse engineer, decompile, or disassemble HMD Materials except as allowed by HMD;
      2. Supplier will leave in place, and not alter or obscure, all proprietary notices and licenses contained in HMD Materials;
      3. HMD is not obligated to provide technical support, maintenance or updates for HMD Materials;
      4. Supplier assumes the risk of loss, damage, unauthorized access or use, or theft or disappearance of HMD Materials in Supplier’s (or subcontractor’s) care, custody or control.
   4. License to software and Intellectual Property in the Goods.
      1. Pass through warranties and indemnities. Supplier assigns and passes through to HMD all of the thirdparty manufacturers’ and licensors’ warranties and indemnities for the Goods.
   5. Title to the Goods (other than software) will pass from Supplier to HMD on final acceptance.

11. Representations and Warranties

Supplier represents and warrants that:

1. Supplier has full rights and authority to enter into and perform according to this Agreement. Supplier’s performance will not violate any agreement or obligation between Supplier and any third party;
3. The Services will be performed professionally and be of high grade, nature and quality;
4. Supplier will provide to HMD all Goods and Services free from (i) any defects in design, workmanship and materials, (ii) any liability for royalties, and (iii) any mechanic’s liens or any other statutory lien or security interest or encumbrance;
5. The Goods, Services, Deliverables and any Supplier IP or third-party IP provided to HMD under this Agreement:
   1. Are not governed, in whole or in part, by an Excluded License. "Excluded License" means any software license that requires as a condition of use, modification and/or distribution, that the software or other software combined and/or distributed with it be (a) disclosed or distributed in source code form; (b) licensed to make derivative works; or (c) redistributable at no charge; and
   2. Will not be subject to license terms that require any HMD IP, product, service, or any Supplier IP, or third party IP licensed to HMD, or documentation which incorporates or is derived from the Deliverables, to be licensed or shared with any third party;

6. The Goods, Services, Deliverables and any Supplier IP or third-party IP provided to HMD under this Agreement will not:

   1. To the best of Supplier’s knowledge, infringe any patent, copyright, trademark, trade secret or other proprietary right of any third party; or
   2. Contain any viruses or other malicious code that will degrade or infect any Goods, product, service, or any other software or HMD’s network or systems;
7. Supplier will comply with all applicable laws, rules and regulations whether local, state, federal or foreign;
8. Supplier will comply with and train its employees in all applicable laws against bribery, corruption, inaccurate books & records, inadequate internal controls and money-laundering. Supplier will not offer or give any employee, agent, or representative of HMD gratuities to secure any business from HMD or influence such person to alter the terms, conditions, or performance of any contract with or order from HMD, including but not limited to this Purchase Order.

12. Termination

HMD may terminate this Purchase Order with or without cause. Termination is effective upon written notice. If HMD terminates for convenience, its only obligation is to pay for

1. Deliverables or Goods it accepts before the effective date of termination; or
2. Services performed, where HMD retains the benefit after the effective date of termination.

13. Privacy and Data Protection

1. "Personal Information" means any information provided by HMD or collected by Supplier under this Purchase Order:
   1. That identifies or can identify, contact, or locate the person to whom such information pertains; or
   2. That can be used to derive an individual person’s identification or contact information. Personal Information includes, but is not limited to: name, address, phone number, fax number, e-mail address, social security number or other government-issued identifier, and credit card information. To the extent any other information (e.g., a personal profile, unique identifier, biometric information, and/or IP address) is associated or combined with Personal Information, then such information is also Personal Information.

2. If Supplier collects or accesses any Personal Information as part of performing the Services, Supplier agrees to comply with the most current Data Protection Requirements applicable.
3. Compliance with Supplier Guidelines and Supplier Code of Conduct. Supplier will comply with the most current Supplier Guidelines and the Supplier Code of Conduct as communicated from time to time by HMD.

14. Subcontracting

Supplier will not subcontract with any third party to furnish any Goods or Services without HMD’s prior written consent.

15. Indemnification

Supplier will defend, indemnify and hold harmless HMD against all claims, demands, loss, costs, damages, and actions for (a) actual or alleged infringements of any third party intellectual property or other proprietary rights, which arise from the Goods and Services provided to HMD under this Purchase Order, (b) any claim that, if true, would constitute a breach of any Supplier warranty contained herein, (c) any act or omission of or failure to comply with applicable laws, rules or regulations by Supplier or Supplier’s agents, employees, or subcontractors, (d) any breach of confidentiality obligations, (e) the negligent or willful acts or omissions of Supplier or its subcontractors, which results in any bodily injury or death to any person or loss, disappearance or damage to tangible or intangible property, and (f) any claims of its employees, affiliated companies or subcontractors regardless of the basis, including, but not limited to, the payment of settlements, judgments, and reasonable attorneys’ fees.

16. Insurance

Supplier shall obtain and maintain in force with a reputable insurance company, and on request give evidence of, adequate insurance policies relating to its obligations under the Purchase order. Service Provider's obligations under this clause shall in no way limit or diminish its indemnification obligations, or liability for claims covered, under the terms of the Agreement. If HMD reasonably determines that Supplier’s coverage is not adequate, Supplier will promptly buy additional coverage and notify HMD in writing.

17. Non-Disclosure of Confidential Matters

If the parties have entered into a standard HMD Non-Disclosure Agreement, the terms of such agreement will apply to and be incorporated in this Purchase Order and all terms and conditions of this Purchase Order and HMD Materials will be deemed Confidential Information. If the parties have not entered into a standard

HMD Non-Disclosure Agreement, then Supplier agrees that during the term of this Purchase Order and for 5 years thereafter, Supplier will hold in strictest confidence, and will not use or disclose to any third party, any HMD Confidential Information. The term "HMD Confidential Information" means all nonpublic information that HMD designates, either in writing or orally, as confidential, or which, under the circumstances of disclosure ought to be treated as confidential. HMD Confidential Information includes:

1. The terms and conditions of this Purchase Order;
2. Released or unreleased HMD software or hardware products;
3. Marketing or promotion of any HMD product;
4. Business policies or practices of HMD;
5. Customers or suppliers of HMD;
6. HMD Materials or any information provided by HMD under this Purchase Order or obtained or created by Supplier in the course of providing the Goods or Services; or
7. Information received from others that HMD must treat as confidential.
   
   If Supplier has questions regarding what comprises HMD Confidential Information, Supplier will consult HMD. HMD Confidential Information will not include information known to Supplier before HMD’s disclosure to Supplier, or information that becomes publicly available through no fault of Supplier.

18. Audit

During the term of this Purchase Order and for 4 years after, Supplier agrees to keep all usual and proper records and books of account and all usual and proper entries related to its costs and expenses pertinent to this Purchase Order. During the above referenced period, HMD may audit and/or inspect the applicable records and facilities to verify statements or invoices issued by Supplier and confirm Supplier’s compliance with this Purchase Order. Any such audit will be conducted by HMD corporate internal audit personnel or by a certified public accountant firm selected by HMD Supplier agrees to provide HMD’s designated audit or inspection team reasonable access to the Supplier records and facilities. If the auditors determine that HMD overpaid Supplier, Supplier will reimburse HMD for any such overcharge. HMD will bear the expense of its auditors or inspection team. However, if the audit shows Supplier overcharged HMD by 5% or more during such audit period, Supplier will reimburse HMD for such expenses.

19. Assignments

No right or obligation under this Purchase Order (including the right to receive monies due) will be assigned without the prior written consent of HMD. Any assignment without such consent will be void. HMD may assign its rights under this Purchase Order.

20. Notice of Labor Disputes

Whenever an actual or potential labor dispute delays or threatens to delay the timely performance of this Purchase Order, Supplier will immediately notify HMD in writing of such dispute and furnish all relevant details. Supplier will include a provision identical to the above in each subcontract and, immediately upon receipt of such notice, give written notice to HMD.

21. Patent License

Notwithstanding other conditions stated herein, if Supplier fails in performance according to the terms of this Purchase Order, Supplier, as part of the consideration for this Purchase Order and without further cost to HMD, automatically grants to HMD an irrevocable, non-exclusive, royalty-free right and license to use, sell, manufacture, and cause to be manufactured any and all products, which embody any and all inventions and discoveries made, conceived, or actually reduced to practice by or on behalf of Supplier in connection with a Deliverable under this Purchase Order.

22. Applicable Law

This Purchase order shall be construed and interpreted in accordance with the laws of Finland, excluding its rules for choice of law. All disputes arising out of or in connection with the present Purchase order shall be finally settled under the Rules of Arbitration of the International Chamber of Commerce by one or more arbitrators appointed in accordance with the said Rules. The arbitration shall be held in Helsinki, Finland. The language of the arbitration shall be English. The award shall be final and binding and enforceable in any court of competent jurisdiction. Nothing in the Purchase Order shall be deemed to limit the Parties' rights to seek interim injunctive relief or to enforce an arbitration award in a court of law.

23. Publicity; Use of Trademarks

Supplier will not use any HMD trademark, Nokia trademark/logo or service mark or logo, or cause or permit to be released any publicity, advertisement, news release, public announcement, or denial or confirmation of the same, in whatever form regarding any aspect of this Purchase Order or the relationship between Supplier and HMD without HMD’s prior written approval. If such approval is granted, Supplier may only use HMD trademarks, service marks and logos identified and provided by HMD for the Goods and Services in compliance with prior agreed terms and conditions.

24. Severability

If any court of competent jurisdiction determines that any provision of this Purchase Order is illegal, invalid or unenforceable, or if any terms are illegal, invalid or unenforceable under applicable law, the remaining provisions will remain in full force and effect.

25. Survival

The provisions of this Purchase Order which, by their terms, require performance after the termination or expiration or have application to events that may occur after the termination or expiration of this Purchase Order, will survive the termination or expiration of this Purchase Order. All indemnity obligations will be deemed to survive the termination or expiration of this Purchase Order.

26. Order of priority

In case of the execution of an Agreement between the parties, the terms of the Agreement will supersede the terms of this Purchase order and will be applicable to the parties hereto.

Effective date 25 August 2022

This statement supplements HMD Global Privacy Policy for products and services.

If you wish to purchase HMD’s products on credit or subscribe to them through rent / hire, your credit score may be verified by an independent service provider to determine if the credit can be granted. The credit check process requires that your personal data is combined with the credit score service provider’s data. This supplement describes how your personal data is processed for credit score checks.

Your personal data is processed to determine your credit score as a prerequisite for granting the credit for you to purchase or subscribe to HMD’s devices. If you choose other payment options than credit when purchasing HMD’s products, your credit score is not determined.

How long is the data retained?

Your credit score is retained for the duration of entering into an agreement which permits you to purchase a product on credit or subscribe to a product.

Product purchase and subscription information is retained for 6 years after the purchase / subscription for settlement purposes. For purchases on credit, delivery and shipping data is retained for 6 months after the purchase. For subscription, delivery and shipping data is retained for 5 years after delivery or 1 year after the end of the subscription, whichever is the latest.

Automated decision-making

An acceptable credit score is necessary for entering into a credit contract with HMD. The assessment of your credit score and the consequent decision-making of approving the credit has been automated in order to make fast and accurate decisions without human error. If you wish to request human intervention for the credit decision, express your points of view, or contest the credit decision, please contact HMD at https://www.nokia.com/phones/en_int/support. If you ask HMD to review the decision, please be prepared to provide supporting evidence for your views. We recommend that you obtain a credit report in order to verify if there is financial product mentioned there that you are no longer using and, if relevant in your country, check if your electoral register address is up to date.

HMD ensures that scorecards used to calculate your credit score are validated and tested regularly to ensure that the scores are calculated accurately. The scoring methods are based on objective, consistent and fair criteria in accordance with international standards.

The automated decision-making reviews that you:

• are known in the given address (and, depending on the country, it matches the electoral register),

• have a credit score which is accepted by HMD, and

• are not on known sanction lists.

The credit score takes into consideration the number of your good and delinquent accounts (or no accounts at all) as well as the time you have been registered in the official records. The credit score may also consider the sums of your accounts and the time passed since payments and defaults. The decision-making shall never be based on your characteristics such as religion, race, political beliefs, sexual orientation, disability, or criminal record.

Sources and recipients of the personal data

Your basic information is collected from you when you fill the form to purchase a product on credit or to subscribe to a product. Your credit score is provided by a country-specific credit score provider.

Your information is disclosed to a credit score provider which process your personal data as an independent controller. Country-specific credit score providers are listed below:

Germany

For the purpose of the credit rating/solvency check, Creditreform Boniversum GmbH, Hellersbergstr. 11, 41460 Neuss, Germany, sends us your personal address data and solvency data saved in its database, including score values calculated using actuarial techniques, insofar as we have credibly demonstrated our legitimate interest therein. The calculation of the score value also uses address data amongst other things.

United Kingdom

TransUnion International UK Limited, One Park Lane, Leeds, West Yorkshire, LS3 1EP, United Kingdom acts as the credit reference agency when products are purchased on credit or hired in the United Kingdom. To do this, we will supply your personal information to TransUnion, and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. TransUnion will supply to us both public and shared credit, financial situation and financial history information and fraud prevention information. We will continue to exchange information about you with TransUnion while you have a relationship with us. We will also inform TransUnion about your settled accounts. If you borrow and do not repay in full and on time, TransUnion will record the outstanding debt. This information may be supplied to other organisations by TransUnion. When TransUnion receives a search from us, they will place a search footprint on your credit file that may be seen by other lenders. TransUnion provides a Credit Reference Agency Information Notice known as CRAIN which describes how data is obtained, processed, and shared by TransUnion. CRAIN is available at https://www.transunion.co.uk/crain. Privacy Notice is available at https://www.transunion.co.uk/legal-information/bureau-privacy-notice.

Your payment details are disclosed to the credit score provider.