PRIVACY
CUSTOMER REGISTER - PRIVACY STATEMENT
Date of issue 19.01.2021
REGISTRAR
​
Oy Savon Mafia Ab
Business ID: 1104044-6
Puistokatu 4
57100 Savonlinnna
info@savonmafia.fi
​
CONTACT PERSON REGARDING REGISTRY MATTERS
Janne Kupiainen
0443549621
janne@savonmafia.fi
​
​
NAME OF THE REGISTER
​
Purpose of processing personal data The purpose of the register is to maintain the company's customer register, manage, archive and process customer orders and manage the customer relationship. The information may be used to develop the company's operations, for statistical purposes and to produce more personalized targeted content on our online services. Personal data is processed within the limits permitted and required by the Personal Data Act. The information in the register can be used in the company's own registers, for example, to target advertising without disclosing personal data to third parties. The Company may use partners to maintain a customer and service relationship, in which case portions of the registry information may be transferred to the partner's servers due to technical requirements. The data is processed only for the maintenance of the company's customer relationship through technical interfaces. The company has the right to publish the information contained in the customer register in electronic or written form, unless the customer specifically prohibits it. In this case, the list means, for example, mailing labels for direct mail or the like. The customer has the right to refuse to publish the information by notifying the company's customer service, by e-mail (e-mail address) or to the contact person of the register.
​
CONTENTS OF THE REGISTER The PERSONAL REGISTER CONTAINS THE FOLLOWING INFORMATION:
​
- The person's first and last name
- The community they represent
- Email address
- Postal address
- Phone number
- Information on previous orders
​
​
​
REGULAR SOURCES OF INFORMATION
​
Information is obtained about purchases made by the customer at the company's stores, online service or resellers, as well as notifications related to the customer system during the use of the service. Information is obtained from registrations made by the customer and from notifications made by the customer during the customer relationship. Updates to your name and contact information are also available from the authorities and companies that provide update services. Information may also be obtained from subcontractors involved in the use or provision of the service. Information about other activities of customers in the digital environment can be obtained from partner sites, information systems or other digital sources, which are accessed via an electronic invitation (link), cookies or by using the IDs provided to customers. The information in the customer register is only available to the company, except when using an external service provider either to provide a value-added service or to support a credit decision. The information will not be disclosed outside the company or for the use of its partners, except in matters related to credit applications, collection or invoicing, and when required by law. Personal data will not be transferred outside the European Union unless it is necessary to ensure the technical implementation of the company or its partner. The data subject's personal data will be destroyed at the request of the user, unless legislation, open invoices or collection measures prevent the data from being deleted.
​
REGULAR DATA RELEASES
The information in the customer register is only available to the company, except when using an external service provider either to provide a value-added service or to support a credit decision. The information will not be disclosed outside the company or for the use of its partners, except in matters related to credit applications, collection or invoicing, and when required by law. The data subject's personal data will be destroyed at the request of the user, unless legislation, open invoices or collection measures prevent the data from being deleted.
​
TRANSFER OF DATA OUTSIDE THE EU OR THE EEA
​
Personal data will not be transferred outside the European Union unless it is necessary to ensure the technical implementation of the company or its partner.
​
PRIVACY PROTECTION PRINCIPLES A: MANUAL MATERIAL
Contact information collected at customer transactions and other documents containing customer information that are processed manually are stored in locked and fireproof storage facilities after initial processing. Only designated employees who have signed a non-disclosure agreement have the right to process manually stored customer information.
​
PRINCIPLES FOR THE PROTECTION OF THE REGISTER B: COMPUTER HANDLING FUNCTIONS
Only certain employees of the Company and companies acting on its behalf have the right to access and maintain the Customer Ownership and Customer Register. Each specified user has their own personal username and password. Each user has signed a non-disclosure agreement. The system is protected by a firewall that protects external connections to the system.
​
COOKIES
​
A cookie is a small text file that is stored on a user's device by an Internet browser. Cookies are set on the user's terminal only with the site the user invites. Only the server that sent the cookie can later read and use the cookie. Cookies or other technologies do not damage the user's terminal or files, and cookies cannot be used to access programs or spread malware. The user cannot be identified by cookies alone.
The uses of cookies are to increase the efficiency of analytics, marketing and communication. Cookies are divided into subgroups: functional cookies, product development and business reporting, advertising reporting and advertising targeting.
There are some third-party tools or plug-ins that are required for the service to function. Examples of such tools are embedded social media or video services on sites, or social media sharing and liking capabilities. In addition, such third-party plug-ins may collect information about users of online services, for example, to recommend content or track traffic.
If you wish, you can prevent your browser from using cookies, delete stored cookies or request notification of new cookies from your browser. Instructions on how to delete cookies can be found at: https://www.aboutcookies.org/ Blocking or deleting cookies may interfere with some of the functions of our website.
You can read more about cookies and Finnish cookie requirements on FICORA's website https://www.kyberturvallisuuskeskus.fi/en
We reserve the right to update cookie policies, for example due to service developments or mandatory legislation.​
​
​
RIGHT OF INSPECTION
The data subject has the right to check what information about him is in the register. The inspection request must be made in writing by contacting the company's customer service or the register's contact person in Finnish or English. The request for verification must be signed. The data subject has the right to prohibit the processing and disclosure of his data for direct advertising, distance selling and direct marketing, as well as market and opinion research, by contacting the company's customer service point.
​
RIGHT TO REQUEST CORRECTION OF INFORMATION
Personal data in the register which is incorrect, unnecessary, incomplete or out of date for the purpose of processing shall be rectified, deleted or supplemented. The repair request must be made with a handwritten written request to the company's customer service or the administrator of the personal register. The request shall specify what information is required to be corrected and on what basis. Repairs will be carried out without delay. Correction of the error shall be notified to the person from whom the incorrect information was obtained or to whom the information was disclosed. The person in charge of the register shall issue a written certificate stating the reasons for the refusal of the request for rectification. The data subject may refer the refusal to the Data Protection Officer.
​
OTHER RIGHTS RELATING TO THE PROCESSING OF PERSONAL DATA
The data subject has the right to prohibit the disclosure and processing of his data for direct advertising and other marketing, to demand anonymisation of the data where applicable, and the right to be completely forgotten.