Drafted on April 20, 2023. Last updated on August 22, 2023.
- Data Controller
Finnature Oy Ltd,
Business ID: 1538984-8
- Contact Person
Name: Kaisa Peltomäki
Contact details: firstname.lastname@example.org
- Register name
Finnature Oy Customer and Marketing Register
- Purpose of the register
The collected personal information is used for building, maintaining, and enhancing customer relationships, communication, as well as marketing products and services. Contents of the Register
- Contents of the register
The information stored in the register includes:
- Contact details, such as the individual’s name, phone number, email address, address
- Information related to companies and organizations
- Details of ordered products and services
- Other information related to customer relationships and ordered services
- Sources of Information
The data stored in the register is obtained from customers through various sources, including online store purchases, messages sent through forms, emails, phone calls, social media services, agreements, customer meetings, and other situations where customers provide their information.
- Regular Disclosures of Data and Transfer of Data Outside the EU or EEA
Data is not routinely disclosed to other parties. Information may be published as agreed with the customer.
- Principles of Register Protection
The processing of the register follows due diligence, and data processed through information systems is adequately protected. When register information is stored on internet servers, both the physical and digital security of the hardware is properly maintained. The data controller ensures that stored information, as well as server access rights and other critical information related to the security of personal data, are handled confidentially and only by employees whose job description involves such access.
- Right to Inspection and Right to Request Data Correction
Individuals listed in the register have the right to review their stored information and request correction of any incorrect information or completion of incomplete information. If a person wishes to review their stored information or request corrections, the request should be sent in writing to the data controller. The data controller may request the requester to provide proof of identity if necessary. The data controller responds to the customer within the timeframe established by the EU GDPR (usually within a month).
- Other Rights Related to the Processing of Personal Data
Individuals listed in the register have the right to request the removal of their personal data from the register (“right to be forgotten”). Likewise, registered individuals have other rights under the EU GDPR, such as restricting the processing of personal data in certain situations. Requests should be sent in writing to the data controller. The data controller may request the requester to provide proof of identity if necessary. The data controller responds to the customer within the timeframe established by the EU GDPR (usually within a month).