Prepared on May 22, 2018. Last modified: 22.05.2018.
Matti Punakallio Ky
Kalhontie 459, 19630 Hartola
REGISTER CONTACT PERSON AND DATA PROTECTION OFFICER
Matti Punakallio Ky
Kalhontie 459, 19630 Hartola
NAME OF THE REGISTER AND BASIS OF MAINTENANCE
Customer register in accordance with §19 of the Personal Data Act
LEGAL BASIS AND PURPOSE OF THE PROCESSING OF PERSONAL DATA
The legal basis for the processing of personal data is consent, a legitimate interest or an agreement to which the data subject is a party.
The controller shall process personal data for the following purposes:
communication with customers
customer relationship management
providing and providing data controller services to customers
contractual invoicing of services and control of payments
The data is not used for automated decision making or profiling.
REGISTER RELATED SITE
INFORMATION CONTENT OF THE REGISTER
The register may contain the following personal data collected and stored:
The name of the person
the position of the person in the organization
additional information related to the service order or customer relationship
In this register description and data protection policy, Matti Punakallio Ky (hereinafter the company) refers to the user by whom the company means persons, customers, companies, communities, entrepreneurs and the media who visit the site. the Accounting Act on the retention of supporting documents.
PURPOSE OF DATA COLLECTION
The personal data in the register is used to communicate with users on the e-mail list and to manage and maintain the customer relationship between the company and the customers. The user's personal data may be processed for the following purposes:
maintaining, managing and developing the customer relationship
implementation of services
verification of customer and visitor transactions
customer service, operations and website development
conducting opinion and market research
aftermarket using Facebook, Google, and email marketing tools
marketing of products and services and data statistics and analysis
implementation of partnership marketing
The user is informed about news and current events on the sites in accordance with the Personal Data Act. By using the Services, you agree that the Company may also send direct marketing, direct mail, opinion, marketing research material and / or other similar addressed mails via e-mail, if necessary.
PAYMENT TRANSACTION INFORMATION
Matti Punakallio Ky's billing information is stored in the accounting program and is only entitled to be used by Matti Punakallio Ky's employees and the accounting firm. The data shall be kept only for as long as is necessary or for a period based on e.g. the Accounting Act on the retention of supporting documents. Customer and billing information is protected by a username and password and is located on servers monitored and protected by the accounting firm.
REGULAR SOURCES OF INFORMATION
REGULAR DATA TRANSFERS AND TRANSFERS OUTSIDE THE EU OR THE EEA
Data from users on the e-mail list (e-mail address) will be transferred to software outside the EU or the European Economic Area:
Wixin Shout Out newsletter tool
In principle, the information will not be disclosed to third parties. As a general rule, the information will not be disclosed outside the EU or the European Economic Area, except for the newsletter tool. The information collected in the registers will not be disclosed outside the company for marketing, sales, opinion or market research purposes. However, personal data may be disclosed to the authorities in accordance with Finnish law upon request. The register is stored in the information system and is protected and located in such a way that unauthorized parties do not have access to the register information.
PRINCIPLES OF PROTECTION OF THE REGISTER
We process personal data in accordance with the EU Data Protection Regulation and Finnish national legislation. The register shall be handled with due care and the data processed by the information systems shall be adequately protected. Only those employees who need the information in question in the course of their work have access to the register in the system. You can only log in to the system with a personal username and password. The information is collected in databases that are protected by firewalls, passwords or other technical means. Staff are bound by absolute confidentiality. Access to the data requires the entry of a password or username and password. Only Matti Punakallio Ky's personnel have access to and are entitled to use the information contained in the register stored in the system. Only Matti Punakallio Ky's personnel and accounting firm have access to and are entitled to use invoicing and accounting information. Billing and accounting information is protected by the software provider used by the accounting firm.
RIGHT OF INSPECTION AND CORRECTION (PERSONAL DATA ACT § 26) AND OTHER RIGHTS RELATED TO THE PROCESSING OF PERSONAL DATA
The user of the site has the following rights:
Get information about personal information about yourself
Restricts the processing of personal information in the company
Correct any information about yourself that you think is incorrect
The right to be forgotten
The right to withdraw previously given consent to the processing of its data
Right to transfer data
In accordance with section 26 of the Personal Data Act, a user in the register has the right to check what information concerning him or her has been stored in the register. The inspection request must state that the request concerns the register information in Matti Punakallio Ky's customer register. In the inspection request, the customer must provide his name, contact information and telephone number. The inspection request must be sent in writing and signed to Matti Punakallio Ky, Kalhontie 459, 19630 Hartola. It is recommended to use the form available on the EDPS website to execute the request for verification. If necessary, the controller may ask the applicant to prove his or her identity.
If there are errors in the data, the user can submit a request to the registry contact person to correct the error. A request for rectification must always be made in writing. The request must justify and specify exactly what information is required to be corrected, what the user considers to be the correct information and how the correction is requested. If necessary, the controller may ask the applicant to prove his or her identity.
The user has the right to prohibit the registry administrator from processing information about him or her for direct advertising, distance selling or other direct marketing, as well as for market and opinion research.
REPORTING OF INFRINGEMENTS
Because no method of data transmission or electronic storage on the Internet is completely secure, no company can guarantee complete security. If a company becomes aware of a security breach, it notifies the users concerned so that they can take the necessary action. The Company undertakes to inform its customers of all matters relating to the security of their accounts and to provide them with all necessary information to enable them to comply with their own statutory reporting obligations.
OBLIGATIONS OF THE USER
Keeping the user's information secure also requires care from the user. You ensure the security of your own accounts by using passwords that are sufficiently complex, changing them regularly, and maintaining them properly. The user must also ensure the safety of his own equipment.
SECURITY OF MINORS
As a rule, the company's paid services are not intended for minors, ie persons under the age of 18. However, a minor is allowed to use paid services if his or her parents accept the use of the service and pay for the service on behalf of the minor. The company does not knowingly collect personal information about a minor.
LINKS TO THIRD PARTY WEBSITES
AMENDMENTS TO THE DATA PROTECTION AND REGISTER STATEMENT
The Data Protection and Registry Statement is reviewed and, if necessary, updated twice a year. Changes will be announced immediately upon the update. By using the Sites, you automatically agree to the new Privacy and Registry Statement. If you do not accept them, you should stop using the pages immediately.
OTHER POSSIBLE RIGHTS
The user has the right to make a complaint if the user is dissatisfied with the handling of the complaint sent to the company. The complaint is made to the supervisory authority: http://www.tietosuoja.fi/fi/index/yhteoduction.html, email@example.com
FOR MORE INFORMATION
For questions related to the register, you can contact Matti Punakallio Ky by e-mail, firstname.lastname@example.org.