Puusepänliike Hannes Oy
Pappilantie 11
14820 Tuulos
Finland
Business ID: 2078263-6
info@puusepanliikehannes.fi
www.puusepanliikehannes.fi
Hannes Vähäsöyrinki
hannes@puusepanliikehannes.fi
Phone +358 50 089 5510
Puusepänliike Hannes Oy:n asiakasrekisteri.
The personal data is handled for the purposes related to taking care of, managing and developing customer relations, offering and delivering services as well as billing. Personal data is processed also in the event of solving any possible reclamations and claims.
In addition, personal data is handled in communications targeted to customers for informational, news-related and marketing purposes which also covers handling of personal data for direct marketing and electronic direct marketing purposes.
The registrar processes the information itself and utilizes subcontractors for the personal data handling, whom are working on behalf of the registrar.
The legal basis for processing personal data consists of the following criteria of the EU general Privacy Regulation (hereafter referred to as “GDPR”):
The aforementioned registrar’s legitimate interest is based on a necessary and appropriate relationship between the person registered and the registrar as a result of the fact that the person registered is a customer of the registrar and when the processing takes place for purposes that the person registered could reasonably have expected when the personal data was collected and that it took place in the appropriate terms.
In principle, the register contains the following personal data for all persons registered::
Personal data is collected from the registered person himself.
Personal data will also be collected and updated within the applicable legislation from publicly available sources related to the implementation of the customer relationship between the registrar and the person registered and with which the registrar implements the duties of maintaining the customer relations.
The data collected in the register will be kept for as long as necessary and only to the extent needed for the original or compatible purposes for which the personal data has been collected.
The need to maintain personal data is evaluated every five years, and in any case data relating to a registered person is deleted from the register ten years after the date of the end of the relation between the registered customer and the registrar and the obligations and actions related to the customer relationship have been accomplished. For example, accounting records are kept for six years after the end of the financial year.
The registrar assesses regularly the need to maintain the data in accordance with its policies and rules. In addition, the registrar shall conduct all the reasonable procedures to ensure that inaccurate, inaccurate or obsolete personal data relating to the purposes of processing are removed or corrected without delay.
Personal data will not be disclosed to external parties.
Personal data contained in the register will not be transferred outside the EU or EEA.
Materials containing personal data are kept in locked premises accessible only to designated and authorized persons for access due to their duties.
A database containing personal data is stored on a server physically stored in a locked premise accessible only to designated and authorized persons for access due to their duties. The server is protected by an appropriate firewall and technical security.
Access to databases and systems is allowed only with singly provided personal accounts and passwords. The registrar has restricted access rights and authorization to information systems and other storage so that information can only be accessed and processed by persons who are legally required to process them. In addition, events for access for the databases and systems are registered with the controller’s IT system logs.
The registrar’s employees and other persons are committed to follow confidentiality and keep the information they receive in connection with processing of personal data confidential.
The person registered has the following rights under the EU’s general data protection regulation:
Requests for the implementation of the rights of the person registered are addressed to the registrar’s contact person mentioned in section 1.
Puusepänliike Hannes Oy © — Ihan viimesen päälle. — NVL Studio