This is Rautaseiska Oy's register and privacy policy in accordance with the EU General Data Protection Regulation (GDPR). Prepared 29.11.2022. Latest Change 29.11.2022.
1. Controller
RAUTASEISKA LTD
Rautaseiskantie 6A, FI-58700 SULKAVA
Phone: +358 440 482 682
Emails: etunimi.sukunimi@rautaseiska.fi
2. Contact person responsible for the register
Simo Toropainen
simo.toropainen@rautaseiska.fi
+358 440 482 682
3. Name of the register
The company's customer register and marketing register.
4. Legal basis and purpose of processing personal data
The legal basis for the processing of personal data under the EU General Data Protection Regulation is:
– the consent of the person.
– the legitimate interest of the controller, the customer relationship.
The purpose of processing personal data is to communicate with customers, maintain customer relationships, marketing, etc.
The data is not used for automated decision-making or profiling.
5. Data content of the register
The information stored in the register includes: the person's name, position, company / organization, contact information (phone number, e-mail address, address), website addresses, IP address of the network connection, information about the ordered services and their changes, billing information, other information related to the customer relationship and the ordered services.
The IP addresses of website visitors and cookies necessary for the functions of the service are processed on the basis of legitimate interest, for example, to take care of data security and to collect statistical data on site visitors in them cases where they can be considered to be personal data. If necessary, consent will be requested separately for third-party cookies.
6. Regular sources of information
The information stored in the register is obtained from the customer, for example, from messages sent via web forms, e-mail, telephone, social media services, contracts, customer meetings and other situations in which the customer disclose their data.
Data on contact persons of companies and other organisations may also be collected from public sources, such as websites, directory services and other companies.
7. Regular disclosure of data and transfer of data outside the EU or the EEA
The data is not regularly disclosed to other parties. Information may be published to the extent agreed with the customer.
8. Principles of register protection
The register is handled with care and the data processed by the information systems is protected appropriately. When register data is stored on Internet servers, their hardware physical and digital Data security is taken care of appropriately. The controller ensures that stored data, server access rights and other information critical to the security of personal data are treated confidentially and only by those employees whose job description it belongs to.
9. Right of inspection and right to demand correction of data
Every person in the register has the right to check the information stored in the register and to demand the correction of any incorrect information or the completion of incomplete information. If a person wants to check with them stored data or require rectification, the request must be sent in writing to the controller. If necessary, the controller may ask the applicant to prove his or her identity. The controller is responsible to the customer Within the time limit set in the EU General Data Protection Regulation, usually within one month.
10. Other rights related to the processing of personal data
A person in the register has the right to request the removal of personal data concerning him or her from the register ("the right to be forgotten"). Data subjects also have other rights under the EU's General Data Protection Regulation, such as: restricting the processing of personal data in certain situations. Requests must be sent in writing to the controller. If necessary, the controller may ask the applicant to prove his or her identity. Controller responds to the customer within the time limit set in the EU General Data Protection Regulation, usually within one month.