{"id":5442,"date":"2026-04-30T14:57:38","date_gmt":"2026-04-30T13:57:38","guid":{"rendered":"https:\/\/www.withsecure.com\/?page_id=5442"},"modified":"2026-06-04T10:35:32","modified_gmt":"2026-06-04T09:35:32","slug":"personal-data-record","status":"publish","type":"page","link":"https:\/\/www.withsecure.com\/en\/about-us\/vulnerability-reward-program\/personal-data-record\/","title":{"rendered":"Personal data record"},"content":{"rendered":"<section\n    class=\"wp-block-two-column-block edwp-block js-wp-block-two-column-block wp-block-two-column-block--content-1 wp-block-two-column-block__left--align-y-middle wp-block-two-column-block__right--align-y-middle wp-block-two-column-block--split-50-50 layout--spacing-xxxl-top layout--spacing-xxxl-bottom\"\n    data-block-id=\"block_741eeab68d7c8ed765ec6b54942b970e\"\n    >\n    <div class=\"wp-block-two-column-block__container row-load\">\n                                                        <div class=\"wp-block-two-column-block__left\">\n                                <div class=\"wp-component-content wp-component-content--default wp-block-two-column-block__content \">\n            <h1 class=\"wp-component-heading text--h2 wp-component-content__title\">\n    Personal <span class=\"blue-text\">data record.<\/span><\/h1>                    <div class=\"wp-component-content__inner\">\n                                    <div class=\"wp-component-content__content wysiwyg\">\n                        <div class=\"wp-component-paragraph \">\n    <p>Vulnerability Reward Program Payment Information<\/p>\n<\/div>\n                    <\/div>\n                                                            <\/div>\n                <\/div>                <\/div>\n                                                <div class=\"wp-block-two-column-block__right\">\n                                                <\/div>\n                        <\/div>\n<\/section>\n\n\n<section\n    class=\"wp-block-one-column-block edwp-block js-wp-block-one-column-block wp-block-one-column-block--content-1 layout--spacing-xxxl-top layout--spacing-xxxl-bottom\"\n    >\n    <div class=\"wp-block-one-column-block__container\">\n                                                                                                                            <div class=\"wp-component-content wp-component-content--default wp-block-one-column-block__content fade-in\">\n            <h2 class=\"wp-component-heading text--h2 wp-component-content__title\">\n    We respect and value your <span class=\"blue-text\">rights to privacy.<\/span><\/h2>                    <div class=\"wp-component-content__inner\">\n                                    <div class=\"wp-component-content__content wysiwyg\">\n                        <div class=\"wp-component-paragraph \">\n    <p>However, you may be asked to provide particular information in order for us to proceed with the reward payment.<\/p>\n<p>Information on what data are being collected, how we handle personal data, and your rights as the data subject are described in the table below.<\/p>\n<\/div>\n                    <\/div>\n                                                            <\/div>\n                <\/div>                                                                                <\/div>\n<\/section>\n\n\n<section\n    class=\"wp-block-two-column-block edwp-block js-wp-block-two-column-block wp-block-two-column-block--content-1 wp-block-two-column-block__left--align-y-top wp-block-two-column-block__right--align-y-top wp-block-two-column-block--split-sidebar layout--spacing-xxxl-top layout--spacing-xxxl-bottom\"\n    data-block-id=\"block_6bb64368bc6de27824ced6a9ab90701e\"\n    >\n    <div class=\"wp-block-two-column-block__container row-load\">\n                                                        <div class=\"wp-block-two-column-block__left\">\n                                <nav\n    class=\"wp-component-content-navigation wp-block-two-column-block__content-nav js-content-navigation\"\n    data-bem-base=\"wp-component-content-navigation\"\n    data-nav-column=\"left\"\n    data-nav-type=\"auto\"\n>\n    \n    <div class=\"wp-component-content-navigation__mobile\">\n        <label class=\"wp-component-content-navigation__mobile-label\">\n            <span class=\"wp-component-content-navigation__mobile-label-text\">\n                Content navigation            <\/span>\n            <select class=\"wp-component-content-navigation__select js-content-navigation-select\">\n                <option value=\"\">\n                    Select a section                <\/option>\n                            <\/select>\n        <\/label>\n    <\/div>\n\n    <div class=\"wp-component-content-navigation__desktop\">\n        <div class=\"wp-component-content-navigation__list-wrapper\">\n            <span\n                class=\"wp-component-content-navigation__indicator js-content-navigation-indicator\"\n                aria-hidden=\"true\"\n            ><\/span>\n            <ul class=\"wp-component-content-navigation__list js-content-navigation-list\">\n                            <\/ul>\n        <\/div>\n    <\/div>\n<\/nav>\n                <\/div>\n                                                <div class=\"wp-block-two-column-block__right\">\n                                <div class=\"wp-component-paragraph wp-block-two-column-block__paragraph \">\n    <h2>Controller<\/h2>\n<p>WIthSecure Corporation<br \/>\nBusiness ID FI0705579-2<\/p>\n<p>WithSecure Oyj<br \/>\nV\u00e4limerenkatu 1<br \/>\n00180 Helsinki<br \/>\nFinland<\/p>\n<p>+358 9 2520 0700<\/p>\n<h2>Contact person for privacy issues related to registry<\/h2>\n<p>Kiran Krishnappa (CISO Office)<\/p>\n<p>The primary contact point is by email to security@withsecure.com. Non-electronic communication should be directed to the postal address above, addressed to the contact person(s).<\/p>\n<h2>Name of the description of a file<\/h2>\n<p>Payment information for WithSecure Vulnerability Reward Program \u2014 complimentary and part of WithSecure Business and Service data files<\/p>\n<h2>The purpose of processing personal data<\/h2>\n<ul>\n<li>Paying, tracking and auditing vulnerability rewards related to the WithSecure Vulnerability Reward Program (a.k.a. Bug Bounty Program)<\/li>\n<li>Informing the Finnish Tax Administration of vulnerability reward payments<\/li>\n<\/ul>\n<h2>Registry contents<\/h2>\n<p>Data subjects are recipients of vulnerability reward payments (a &#8220;recipient&#8221;, below) and are asked to provide the following information.<\/p>\n<ol role=\"list\">\n<li>Name of the recipient<\/li>\n<li>Postal address of the recipient<\/li>\n<li>Birth date of the recipient<\/li>\n<li>Depending on the recipient&#8217;s financial institution and its location, either<\/li>\n<li>\n<ol role=\"list\">\n<li>The International Bank Account Number (IBAN) and the Bank Identifier Code (BIC) of the recipient, or<\/li>\n<li>IBAN (optional), BIC (optional), account holder name, account number, and bank branch details of the recipient<\/li>\n<\/ol>\n<\/li>\n<li>For recipients taxed in Finland, their Finnish personal ID number (&#8220;henkil\u00f6tunnus&#8221;)<\/li>\n<\/ol>\n<h2>Legal grounds<\/h2>\n<p>We need to collect and process the above data to be able to perform our part of mutual contract created upon your participation to our Vulnerability Reward Program.<\/p>\n<h2>Regular sources of information<\/h2>\n<p>Data is provided by the recipient of the reward upon request.<\/p>\n<h2>Retention<\/h2>\n<p>We store the above data for 6 months, after which we will delete it, except where we are required to store information on outgoing payments.<\/p>\n<h2>Regular destinations of disclosed data<\/h2>\n<p>1. The financial institution(s) that are used to perform the payment. For Single Euro Payments Area (SEPA) payments, this includes data items 1, 2, and 4.1; for non-SEPA payments, data items 1, 2, and 4.2 from the Registry content list.<\/p>\n<p>2. Finnish Tax Administration.<\/p>\n<ul>\n<li>For recipients taxed in Finland, this includes data items 1, 2, and 5; for recipients not taxed in Finland, this includes data items 1, 2, and 3 from the Registry content list.<\/li>\n<li>Some of WithSecure&#8217;s affiliated companies are located outside the European Economic Area (EEA). Where personal data is transferred from the EEA to outside of the EEA, WithSecure undertakes to safeguard the security and integrity of processing by appropriate safeguards as required by the law by imposing appropriate contractual safeguards towards such data importers, e.g., by using data transfer clauses approved by the European Union.<\/li>\n<\/ul>\n<h2>Description of the principles in accordance to which the data file has been secured<\/h2>\n<p>Physical Security<\/p>\n<p>The data files are physically secured in an internal and\/or external fully classed data centers\/facilities, which require full identification by relevant security personal for authorized personnel staff on register, before being able to access the physical data files.<\/p>\n<p>Information Security<\/p>\n<p>Only authorized personnel on register with correct user id and password are allowed and able to access the relevant information systems. Log auditing is in place and always activated.<\/p>\n<p>We strongly suggest that the reward recipients send the information to us in an encrypted email.<\/p>\n<h2>Your rights<\/h2>\n<p>You have the right to the data that we have on you. In particular, you have the following rights to the personal data that we hold on you:<\/p>\n<ul>\n<li>Access and rectification<br \/>\nYou have the right to ask us what personal data we have on you and to get a copy of the data that we can identify pertaining to you in this context. Should you find any errors (e.g. obsolete information) in such data, we urge you to contact our customer care to resolve the issue. Some of our service portals allow you to update your customer information. For such, you should update any changes to your personal data, for example, change of address or email address. If you cannot update the changes yourself, you may inform us of the necessary changes.<\/li>\n<li>Right to be forgotten<br \/>\nYou also have the right to request us to cease storing your personal data and erase it. In this case you need to establish a legally valid rationale for your request.<\/li>\n<li>Portability<br \/>\nYou also have the right to ask for personal data that you yourself have provided \u2013 pursuant to a contract or your consent. You may request the data in a structured, commonly used and machine-readable format and further that the data is transmitted to another controller, where technically feasible.<\/li>\n<li>Restriction<br \/>\nIf you establish that the data we have on you is incorrect or we have no legal right to use it, you may request us to cease any further processing of your personal data, and merely keep it in store, until the issue is resolved.<\/li>\n<\/ul>\n<p>You have the right to the data that we have on you. In particular, you have the following rights to the personal data that we hold on you:<\/p>\n<p>1. Access and rectification<br \/>\nYou have the right to ask us what personal data we have on you and to get a copy of the data that we can identify pertaining to you in this context. Should you find any errors (e.g. obsolete information) in such data, we urge you to contact our customer care to resolve the issue. Some of our service portals allow you to update your customer information. For such, you should update any changes to your personal data, for example, change of address or email address. If you cannot update the changes yourself, you may inform us of the necessary changes.<\/p>\n<p>2. Right to be forgotten<br \/>\nYou also have the right to request us to cease storing your personal data and erase it. In this case you need to establish a legally valid rationale for your request.<\/p>\n<p>3. Portability<br \/>\nYou also have the right to ask for personal data that you yourself have provided \u2013 pursuant to a contract or your consent. You may request the data in a structured, commonly used and machine-readable format and further that the data is transmitted to another controller, where technically feasible.<\/p>\n<p>4. Restriction<br \/>\nIf you establish that the data we have on you is incorrect or we have no legal right to use it, you may request us to cease any further processing of your personal data, and merely keep it in store, until the issue is resolved.<\/p>\n<p>Note that there may be situations where our confidentiality obligations, our right of professional secrecy, and\/or our obligations to provide our services (e.g. to your employer) may prohibit us from disclosing or deleting your personal data or otherwise prevent you from exercising your rights.<\/p>\n<p>If you have any complaints about how we process your personal data, or would like further information, please contact us at any time. If you feel that we are not enabling your statutory rights, you have the right to lodge a complaint with a supervisory authority. In most cases, this authority is the Finnish Data Protection Ombudsman <a href=\"http:\/\/tietosuoja.fi\" target=\"_blank\" rel=\"noopener\">(tietosuoja.fi).<\/a><\/p>\n<h2>Changes<\/h2>\n<p>WithSecure reserves the right to change this description of a file from time-to-time to comply with its legal obligations.<\/p>\n<h2>Right of access<\/h2>\n<p>Data subjects have the legal rights to access their data as defined in the applicable Finnish data protection legislation.<\/p>\n<\/div>\n                <\/div>\n                        <\/div>\n<\/section>\n\n\n<section\n    class=\"wp-block-logos edwp-block js-wp-block-logos layout--spacing-xxxl-top layout--spacing-xxxl-bottom\"\n    >\n    <div class=\"wp-block-logos__container\">\n        <div class=\"wp-block-logos__box\">\n            <h2 class=\"wp-component-heading text--h3 wp-component-content__title fade-in\">\n    Our accreditations <span class=\"blue-text\">and certificates<\/span><\/h2>            <div class=\"swiper wp-block-logos__swiper js-wp-block-logos-swiper\">\n                <div class=\"swiper-wrapper wp-block-logos__swiper-wrapper row-load\">\n                                            <div class=\"swiper-slide wp-block-logos__slide wp-block-logos__logo\">\n                            <img loading=\"lazy\" decoding=\"async\" width=\"146\" height=\"146\" src=\"https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/Group-811998.png.webp\" class=\"attachment-logo size-logo\" alt=\"\" \/>                        <\/div>\n                                            <div class=\"swiper-slide wp-block-logos__slide wp-block-logos__logo\">\n                            <img loading=\"lazy\" decoding=\"async\" width=\"146\" height=\"146\" src=\"https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/Group-811997.png.webp\" class=\"attachment-logo size-logo\" alt=\"\" \/>                        <\/div>\n                                            <div class=\"swiper-slide wp-block-logos__slide wp-block-logos__logo\">\n                            <img loading=\"lazy\" decoding=\"async\" width=\"146\" height=\"146\" src=\"https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/Group-811999.png.webp\" class=\"attachment-logo size-logo\" alt=\"\" \/>                        <\/div>\n                                            <div class=\"swiper-slide wp-block-logos__slide wp-block-logos__logo\">\n                            <img loading=\"lazy\" decoding=\"async\" width=\"143\" height=\"146\" src=\"https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/SAE3000ii-143x146.png.webp\" class=\"attachment-logo size-logo\" alt=\"\" srcset=\"https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/SAE3000ii-143x146.png.webp 143w, https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/SAE3000ii.png.webp 288w\" sizes=\"auto, (max-width: 143px) 100vw, 143px\" \/>                        <\/div>\n                                            <div class=\"swiper-slide wp-block-logos__slide wp-block-logos__logo\">\n                            <img loading=\"lazy\" decoding=\"async\" width=\"146\" height=\"146\" src=\"https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/iso27001-146x146.png.webp\" class=\"attachment-logo size-logo\" alt=\"\" srcset=\"https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/iso27001-146x146.png.webp 146w, https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/iso27001-300x300.png.webp 300w, https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/iso27001-150x150.png.webp 150w, https:\/\/www.withsecure.com\/wp-content\/smush-webp\/2025\/11\/iso27001.png.webp 400w\" sizes=\"auto, (max-width: 146px) 100vw, 146px\" \/>                        <\/div>\n                                            <div class=\"swiper-slide wp-block-logos__slide wp-block-logos__logo\">\n                            <img loading=\"lazy\" decoding=\"async\" width=\"241\" height=\"200\" src=\"https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/04\/cybersecurity-made-in-europe.svg\" class=\"attachment-logo size-logo\" alt=\"\" \/>                        <\/div>\n                                    <\/div>\n            <\/div>\n        <\/div>\n        <div class=\"wp-block-logos__nav fade-in\">\n            <div class=\"wp-block-logos__pagination js-wp-block-logos-pagination\">\n            <\/div>\n            <div class=\"wp-block-logos__nav-arrow js-wp-block-logos-nav-prev\">\n                <svg class='edwp-icon edwp-icon--reg js-icon ' aria-hidden='true'>\n                <use xlink:href='#chevron'><\/use>\n            <\/svg>            <\/div>\n            <div class=\"wp-block-logos__nav-arrow js-wp-block-logos-nav-next\">\n                <svg class='edwp-icon edwp-icon--reg js-icon ' aria-hidden='true'>\n                <use xlink:href='#chevron'><\/use>\n            <\/svg>            <\/div>\n        <\/div>\n    <\/div>\n<\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":3,"featured_media":0,"parent":5388,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-5442","page","type-page","status-publish","hentry"],"acf":[],"card":"<div class=\"wp-component-card-insight js-card-link wp-component-card-insight--highlighted\">\n    <div class=\"wp-component-card-insight__image-wrapper\">\n        <img width=\"618\" height=\"440\" src=\"https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/05\/placeholder.jpg\" class=\"wp-component-card-insight__image\" alt=\"\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/05\/placeholder.jpg 618w, https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/05\/placeholder-300x214.jpg 300w, https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/05\/placeholder-447x318.jpg 447w, https:\/\/www.withsecure.com\/wp-content\/uploads\/2026\/05\/placeholder-205x146.jpg 205w\" sizes=\"auto, (max-width: 618px) 100vw, 618px\" \/>                    <p class=\"wp-component-card-insight__content-type\">Page<\/p>\n            <\/div>\n    <div class=\"wp-component-card-insight__content\">\n                            <h3 class=\"wp-component-card-insight__title\">Personal data record<\/h3>\n                                                    <div class=\"wp-component-card-insight__button-wrapper\">\n                <a class=\"wp-component-button btn btn--primary btn--dark wp-component-card-insight__button btn--small\" href=\"https:\/\/www.withsecure.com\/en\/about-us\/vulnerability-reward-program\/personal-data-record\/\">Read more<\/a>            <\/div>\n            <\/div>\n<\/div>","_links":{"self":[{"href":"https:\/\/www.withsecure.com\/en\/wp-json\/wp\/v2\/pages\/5442","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.withsecure.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.withsecure.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.withsecure.com\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.withsecure.com\/en\/wp-json\/wp\/v2\/comments?post=5442"}],"version-history":[{"count":12,"href":"https:\/\/www.withsecure.com\/en\/wp-json\/wp\/v2\/pages\/5442\/revisions"}],"predecessor-version":[{"id":11988,"href":"https:\/\/www.withsecure.com\/en\/wp-json\/wp\/v2\/pages\/5442\/revisions\/11988"}],"up":[{"embeddable":true,"href":"https:\/\/www.withsecure.com\/en\/wp-json\/wp\/v2\/pages\/5388"}],"wp:attachment":[{"href":"https:\/\/www.withsecure.com\/en\/wp-json\/wp\/v2\/media?parent=5442"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}