Person in charge of the register
Data Protection Officer
Purpose of the register
The personal data collected will be used to:
Customer authentication and access rights management. Customer access and management of the user’s data. to manage the user’s access to the site and to manage the customer relationship.
The basis for the collection and processing of data.
Customer data is collected and processed with the customer’s consent, or for the purpose of implementing a contract with the customer.
Data content of the register
Company Name, E-mail Address, User ID and Password.
Data retention period
Personal data will be kept for as long as necessary for the performance of a contract with the customer or for the development of customer service.
Regular data sources
Data collected in the register:
From the person himself/herself. From the person himself/herself, from registers held by the public authority to the extent permitted by law (e.g. ytj.fi).
Regular disclosures and transfers of data outside the EU or the European Economic Area.
No data will be disclosed outside the company.
Protection of the register
Data is transferred over an SSL-secured connection.
Electronic data is protected by a firewall, usernames and passwords.
Access to the data is restricted to those persons employed by the controller who need the data for their tasks.
No automated individual decisions (Article 22 of the EU General Data Protection Regulation) are taken.
Rights of the data subject
The data subject has the right to check what data relating to him or her have been recorded in the personal data file. A written request for inspection must be signed and sent to the person responsible for the register.
The right of inspection is free of charge and is exercised no more than once a year.
The data subject has the right to request the rectification or erasure of inaccurate or outdated data or the transfer of data from one system to another. They also have the right to restrict or object to the processing of their data in accordance with Articles 18 and 21 of the EU General Data Protection Regulation.
Data subjects have the right to withdraw their prior consent to the processing of their data or to lodge a complaint with a supervisory authority about the processing of their personal data.
Data subjects also have the right to object to the use of their data for direct marketing purposes.