Privacy statement


This is Matti Punakallio Ky's Privacy Policy. We process our customers' personal data in accordance with the EU Data Protection Regulation (GDPR) and Finnish national data protection legislation.
Prepared on May 22, 2018. Last modified: 22.05.2018.

REGISTRAR
Matti Punakallio Ky
Kalhontie 459, 19630 Hartola
info@krouvin.com
www.krouvin.com

REGISTER CONTACT PERSON AND DATA PROTECTION OFFICER
Matti Punakallio
Matti Punakallio Ky
Kalhontie 459, 19630 Hartola
info@krouvin.com
www.krouvin.com

NAME OF THE REGISTER AND BASIS OF MAINTENANCE
Customer register in accordance with §19 of the Personal Data Act

LEGAL BASIS AND PURPOSE OF THE PROCESSING OF PERSONAL DATA
The legal basis for the processing of personal data is consent, a legitimate interest or an agreement to which the data subject is a party.

The controller shall process personal data for the following purposes:

  • communication with customers

  • customer relationship management

  • providing and providing data controller services to customers

  • contractual invoicing of services and control of payments


The data is not used for automated decision making or profiling.

REGISTER RELATED SITE


INFORMATION CONTENT OF THE REGISTER
The register may contain the following personal data collected and stored:

  • The name of the person

  • address

  • telephone number

  • email address

  • organization

  • the position of the person in the organization

  • Website address

  • customer number

  • billing information

  • additional information related to the service order or customer relationship


In this register description and data protection policy, Matti Punakallio Ky (hereinafter the company) refers to the user by whom the company means persons, customers, companies, communities, entrepreneurs and the media who visit the site. the Accounting Act on the retention of supporting documents.

PURPOSE OF DATA COLLECTION
The personal data in the register is used to communicate with users on the e-mail list and to manage and maintain the customer relationship between the company and the customers. The user's personal data may be processed for the following purposes:

  • maintaining, managing and developing the customer relationship

  • implementation of services

  • verification of customer and visitor transactions

  • customer service, operations and website development

  • conducting opinion and market research

  • aftermarket using Facebook, Google, and email marketing tools

  • marketing of products and services and data statistics and analysis

  • implementation of partnership marketing


The user is informed about news and current events on the sites in accordance with the Personal Data Act. By using the Services, you agree that the Company may also send direct marketing, direct mail, opinion, marketing research material and / or other similar addressed mails via e-mail, if necessary.

PAYMENT TRANSACTION INFORMATION
Matti Punakallio Ky's billing information is stored in the accounting program and is only entitled to be used by Matti Punakallio Ky's employees and the accounting firm. The data shall be kept only for as long as is necessary or for a period based on e.g. the Accounting Act on the retention of supporting documents. Customer and billing information is protected by a username and password and is located on servers monitored and protected by the accounting firm.

REGULAR SOURCES OF INFORMATION
With the consent of the customer, the information about the customers is obtained from him / herself in person, by e-mail, telephone, via a website or via social media. Information may also be obtained through the use of cookies or other similar technologies.

REGULAR DATA TRANSFERS AND TRANSFERS OUTSIDE THE EU OR THE EEA
Data from users on the e-mail list (e-mail address) will be transferred to software outside the EU or the European Economic Area:

  • Wixin Shout Out newsletter tool


In principle, the information will not be disclosed to third parties. As a general rule, the information will not be disclosed outside the EU or the European Economic Area, except for the newsletter tool. The information collected in the registers will not be disclosed outside the company for marketing, sales, opinion or market research purposes. However, personal data may be disclosed to the authorities in accordance with Finnish law upon request. The register is stored in the information system and is protected and located in such a way that unauthorized parties do not have access to the register information.

PRINCIPLES OF PROTECTION OF THE REGISTER
We process personal data in accordance with the EU Data Protection Regulation and Finnish national legislation. The register shall be handled with due care and the data processed by the information systems shall be adequately protected. Only those employees who need the information in question in the course of their work have access to the register in the system. You can only log in to the system with a personal username and password. The information is collected in databases that are protected by firewalls, passwords or other technical means. Staff are bound by absolute confidentiality. Access to the data requires the entry of a password or username and password. Only Matti Punakallio Ky's personnel have access to and are entitled to use the information contained in the register stored in the system. Only Matti Punakallio Ky's personnel and accounting firm have access to and are entitled to use invoicing and accounting information. Billing and accounting information is protected by the software provider used by the accounting firm.

RIGHT OF INSPECTION AND CORRECTION (PERSONAL DATA ACT § 26) AND OTHER RIGHTS RELATED TO THE PROCESSING OF PERSONAL DATA
The user of the site has the following rights:

  • Get information about personal information about yourself

  • Restricts the processing of personal information in the company

  • Correct any information about yourself that you think is incorrect

  • The right to be forgotten

  • The right to withdraw previously given consent to the processing of its data

  • Right to transfer data


In accordance with section 26 of the Personal Data Act, a user in the register has the right to check what information concerning him or her has been stored in the register. The inspection request must state that the request concerns the register information in Matti Punakallio Ky's customer register. In the inspection request, the customer must provide his name, contact information and telephone number. The inspection request must be sent in writing and signed to Matti Punakallio Ky, Kalhontie 459, 19630 Hartola. It is recommended to use the form available on the EDPS website to execute the request for verification. If necessary, the controller may ask the applicant to prove his or her identity.

If there are errors in the data, the user can submit a request to the registry contact person to correct the error. A request for rectification must always be made in writing. The request must justify and specify exactly what information is required to be corrected, what the user considers to be the correct information and how the correction is requested. If necessary, the controller may ask the applicant to prove his or her identity.

The user has the right to prohibit the registry administrator from processing information about him or her for direct advertising, distance selling or other direct marketing, as well as for market and opinion research.

REPORTING OF INFRINGEMENTS
Because no method of data transmission or electronic storage on the Internet is completely secure, no company can guarantee complete security. If a company becomes aware of a security breach, it notifies the users concerned so that they can take the necessary action. The Company undertakes to inform its customers of all matters relating to the security of their accounts and to provide them with all necessary information to enable them to comply with their own statutory reporting obligations.

OBLIGATIONS OF THE USER
Keeping the user's information secure also requires care from the user. You ensure the security of your own accounts by using passwords that are sufficiently complex, changing them regularly, and maintaining them properly. The user must also ensure the safety of his own equipment.

SECURITY OF MINORS
As a rule, the company's paid services are not intended for minors, ie persons under the age of 18. However, a minor is allowed to use paid services if his or her parents accept the use of the service and pay for the service on behalf of the minor. The company does not knowingly collect personal information about a minor.

LINKS TO THIRD PARTY WEBSITES
Matti Punakallio Ky's website may contain links to third party websites. The linked websites are not under the control of the company and it is not responsible for the content of any third party websites or the links contained in the websites. If you access a linked website, you should familiarize yourself with that website's privacy policy, collection of cookies and other applicable terms of use before using the service or site.

AMENDMENTS TO THE DATA PROTECTION AND REGISTER STATEMENT
The Data Protection and Registry Statement is reviewed and, if necessary, updated twice a year. Changes will be announced immediately upon the update. By using the Sites, you automatically agree to the new Privacy and Registry Statement. If you do not accept them, you should stop using the pages immediately.

OTHER POSSIBLE RIGHTS
The user has the right to make a complaint if the user is dissatisfied with the handling of the complaint sent to the company. The complaint is made to the supervisory authority: http://www.tietosuoja.fi/fi/index/yhteoduction.html, tietosuoja@om.fi

FOR MORE INFORMATION
For questions related to the register, you can contact Matti Punakallio Ky by e-mail, info@krouvin.com.