Personal Data Act Finland (523/99) 10 §
The date this document was drawn 06.11.2013
1. Register holder
Business ID 2189849-7
2. Your data controller protection officer:
3. Name of the register in question
VintagEija`s webshop customer register
4. Why we process personal data
The information of personal data recorded into VintagEija`s webshop customer register is used to create and manage customer relationships, contacting management, advertising purposes and to other matters regarding our web services.
5. Datacontent of our register
To this register we collect personal elementary data like:
- phone number
- email address
6. Regular sources of information
Register holder VintagEija`s registers the information freely provided to us by the customer themselves when using our webshop.
7. Regular transference of information outside the EU or ETA area.
We do not transfer or share any personal data registered in to this register outside EU or ETA areas.
8. Register protection principles
All files using personal data are kept in locked spaces and only few designated persons for their position in the company have access to these files.
The database containing personal data is safe on a sever, under locked doors and only few designated persons for their position in the company have access to this room. The sever in question has been protected with appropriate firewall and technical protection.
Access to these databases and systems is only by separately granted access codes, logins and passwords. Register holder has limited the access and authorizations to these databased and systems, so only the legitimate personnel needed get access to examine and handle these informations. Also the operational event notifications from using these databases and systems will register to the register holders IT-system journals.
Employees of VintagEija’s or its partners whose duties require them to process such data are bound by a secrecy obligation.
9. Right to object
Registered can put a stop to the processing of their personal data usage on direct marketing, distant selling and other forms of direct marketing and advertising and opinion surveys as well as surveys on vital records and genealogical research. The ban must be made in written form and must be indicated to the data controller protection officer.
10. Registered right to examine the data
Registered has a right to examine the personal data collected about them to the register and get a copy of that information. The examination request must be made in written form and must be indicated to the data controller protection officer.
11. Correcting false information
Register holder will correct, delete or refill any information false, incorrect, unnecessary, faulty or outdated on the register in terms of being necessary to the process either by their own will or request by th registered. Registered must be in contact with the data controller protection officer in case they would like to correct any personal information about them on the register.