This is a register and Privacy Statement in accordance with the Personal Data Act of Poikain Parhaat Oy Ltd (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Created May 24, 2018. Last modified 17.1.2022.
1. The Registrar
Poikain Parhaat Oy Ltd
Business ID: 2791153-3
Rasulankatu 3, 33730 Tampere, Finland
2. Contact person responsible for the register
Rasulankatu 3, 33730 Tampere, Finland
3. Name of the register
Poikain Parhaat Oy Ltd customer register
4. Legal basis and purpose of the processing of personal data
The legal basis for the processing of personal data under the EU General Data Protection Regulation is the agreement to which the data subject is a party and the legitimate interest of the controller in relation to the customer relationship.
The purpose of personal data processing is personalized customer service, communication with customers, customer relationship management and maintenance, marketing, and the provision and development of company services. The data is not used for automated decision making or profiling.
5. Information content of the register
The information to be recorded in the register is: company / organization, contact person's name, contact information (telephone number, email address, address, business ID), customer group, website addresses, information on subscribed services and changes, billing information, other customer relationship information and information related to customer subscription.
We store customer personal information only for the time necessary to fulfill the purposes described in this privacy statement. Customer information will be deleted at the customer's request.
6. Regular sources of information
Information stored in the register will be obtained from the customer via email, telephone, social media services, messages sent through web forms, contracts, customer meetings, and other situations where a customer discloses their information to a company.
7. Regular disclosures and transfers of information outside the EU or the EEA
Poikain Parhaat discloses information to third parties solely for the purpose of providing the Service. Such third parties include, for example:
Only information that is essential and necessary for the execution of the service will be provided to third parties. The information provided will not be used by third parties for their own purposes. We do not disclose, sell or rent customer information to third parties. Data will not be transferred by the controller outside the EU or the EEA unless it is necessary for the performance of the service.
8. Registry Protection Principles
The records shall be handled with care and the data processed by the information systems shall be appropriately protected. When registry information is stored on Internet servers, the physical and digital security of their hardware is properly taken care of. The data controller shall ensure that the stored information, as well as server access and other information critical to the security of personal data, is treated confidentially and only by the employees whose job description it is part of.
9. Right of access and right to have the data corrected
Every person in the register has the right to verify their data stored in the register and to request the correction of any inaccurate or incomplete information. If a person wishes to verify or request rectification of the information stored about him / her, the request must be sent in writing to the controller. If necessary, the controller may ask the applicant to prove his identity. The controller will respond to the client within the time limit set by the EU Data Protection Regulation (as a rule within one month).
10. Other rights related to the processing of personal data
Any person on the register has the right to request that personal data relating to him be removed from the register ("the right to be forgotten"). Data subjects also have other rights under the EU General Data Protection Regulation, such as limiting the processing of personal data in certain situations. Requests should be sent in writing to the controller by email. If necessary, the controller may ask the applicant to prove his identity. The controller will respond to the client within the time limit set by the EU Data Protection Regulation (as a rule within one month).