Customer Register - Privacy Statement

Date of issue
05/02/2018

Registrar
Maarit Kannala
Teikankaantie 256, IKAALINEN
050 5747573
maarit.kannala@fincumet.fi

Contact person for registry matters:

Maarit Kannala
Teikankaantie 256, IKAALINEN
050 5747573
maarit.kannala@fincumet.fi

The purpose of the register is to maintain the customer information of the company, to manage, archive and process customer orders and to manage the customer relationship.

The information can be used for business development, statistical purposes, and to provide a more personalized, targeted content of our online services. Personal data will be processed within the limits allowed and required by the Personal Data Act.

The information in the register can be used in the company's own registers, for example, to target advertising without disclosing personal information to third parties. Company may use affiliates to maintain customer and service relationships, and due to technical requirements, some registry information may be transferred to the partner's servers. The information is processed solely for the purpose of maintaining the customer relationship of the company through technical interfaces.

The Company shall have the right to publish the information contained in the Customer Register in electronic or written form, unless specifically prohibited by the Customer. In this case, the list refers to, for example, mailing labels for direct advertising or the like. The customer has the right to deny publication by notifying the company customer service, email (email address) or contact person in the registry.

Information content of the register


The personal data file shall contain the following information:

  • The person's first and last name
  • The company / company they represent
  • Email address
  • mailing address
  • Telephone number
  • Information about previous orders
  • Regular sources of information

Information provided about customer purchases made through the company's stores, online service, or customer system announcements while using the service.

Information is provided about customer registrations and customer notifications made during the customer relationship. Updates to your name and contact information are also available from authorities and companies providing update services. Information may also be obtained from subcontractors involved in using or producing the service.

Other customer interactions in the digital environment may be accessed through information systems, or other digital sources that are logged in via electronic invitation (link), cookies, or by using customer IDs.

The customer register information is for company use only, except when using an external service provider, either to provide a value-added service or to support a credit decision. Information will not be disclosed outside the company or for use by any of its affiliates except in connection with a credit application, collection or billing, or as required by law.

Personal data will not be transferred outside the European Union unless this is necessary to ensure the technical implementation of the company or its affiliates.

The personal data of the data subject shall be deleted at the request of a user, unless deletion is prevented by law, open invoices or recovery actions.

Regular disclosure of information

The customer register information is for company use only, except when using an external service provider, either to provide a value-added service or to support a credit decision.

Information will not be disclosed outside the company or for use by any of its affiliates except in connection with a credit application, collection or billing, or as required by law.

The personal data of the data subject shall be destroyed at the request of the user, unless deletion is prevented by law, open invoices or recovery actions.

Transfer of data outside the EU or the EEA

Personal data will not be transferred outside the European Union unless this is necessary to ensure the technical implementation of the company or its affiliates.

Registry Security Principles A: Manually Collected Material

Contact information collected at customer events and other manually processed customer information documents are stored in locked and fire safe storage after initial processing. Only certain employees who have signed a confidentiality commitment have the right to process manually stored customer information.

Registry Security Principles B: Functions handled by a computer

Only certain employees of the company and the companies acting on its behalf have the right to access and maintain the customer owner and customer register.

Each defined user has its own personal username and password. Each user has signed a confidentiality commitment.

The system is protected by a firewall, which protects external access to the system.

Cookies

This site uses cookies. We use cookies to customize the content and ads we provide, to support social media features, and to analyze our traffic. We also share information about how you use our site with our social media, advertising, and analytics partners. Our partners may combine this information with other information you have provided to them or collected when you have used their services. By using our site, you agree to our use of cookies.

The right of inspection

A subject should have a right to verify the information concerning him or her in the register.

The request for verification must be made in written form by contacting the company customer service or the registry contact person in Finnish or English.

The request for verification must be signed.

The subject has the right to prohibit processing and disclosure of his or her data for sales and digital marketing as well as for opinion polling by contacting the company's customer service point.

Other rights related to the processing of personal data

The data subject shall have the right to prohibit the disclosure and processing of their data for direct and other marketing purposes, to request anonymisation of the data, where applicable, and to be completely forgotten.

Right to claim rectification

Personal data in the register which is inaccurate, redundant, incomplete or outdated for the purpose for which they are processed shall be rectified, erased or supplemented.

A repair request must be made in handwritten form, signed and requested to the company customer service or to the personal registry administrator. The request shall identify what information is required to be corrected and on what basis. Repair shall be effected without delay.

The person responsible for the register shall issue a written certificate stating the reasons for the rejection of the request for repair. The data subject may submit the refusal to the EDPS.