PRIVACY POLICY

In general

This is the VePu-vaaput  Personal Data Act (Articles 10 and 24) and the EU General Data Protection Regulation (GDPR) Privacy and Registration Statement.

 

1. register holder

Vepu-vaaput

Kanavaharjuntie 14

+358 45 132 8583

[email protected]

2. contact person responsible for the register

Vesa Pulkkinen, [email protected], +358451328583

3. register name

Company customer, marketing, web service user register

4. LEGAL BASIS AND PURPOSE OF PROCESSING PERSONAL DATA

The legal basis for the processing of personal data in accordance with the EU General Data Protection Regulation is the consent of the person and the legitimate interest of the data controller.

The purpose of processing personal data is to communicate with customers, maintain customer relationship marketing. Data is not used for automated decision making or profiling.

5. data of the register

The information stored in the register is: person’s name, contact information (phone number, e-mail address, address), information about the services ordered and their changes, billing information, other information related to customer relationship and ordered services. We keep the personal information of our subscribers as long as the newsletter subscription is valid.

6. data source

The information to be recorded in the register is obtained from the customer messages sent via web forms, via email, telephone, social media services, contracts, customer meetings, and other situations where the customer hands over their information.

7. data extradition

The information is not released regularly to others. Releases will be published to the agreed extent. Using VePu-vaaput Webhotellit email service for direct marketing and messaging. The first name, last name and email address will be transferred to the web hosting service.

8. handling of the register

The registry is handled with care and the information processed by information systems is properly protected. Keeping registry information on Internet servers ensures that the hardware and digital security of their hardware is properly managed. The Controller ensures that the stored data, as well as server access and other critical information for the security of personal data, is treated confidentially and only by the employees whose job description it contains.

9. persons rights

Every person in the register has the right to check the information stored in the register and to request the correction of any incorrect information or supplementation of incomplete information. If a person wants to check the information stored on him or needs to correct them, the request should be sent to the e-mail registry administrator. The controller may ask the applicant, if necessary, to prove his / her identity. The controller is responsible to the customer within the timeframe provided for in the EU Data Protection Regulation (as a rule within one month).

10. OTHER PROCESSES FOR THE HANDLING OF PERSONAL
DATA RIGHTS

A person in the register has the right to request the removal of personal data concerning him / her from the register (“right to be forgotten”). Likewise, the data subjects have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests must be sent by email to the Registrar. The controller may ask the applicant, if necessary, to prove his / her identity. The controller is responsible to the customer within the timeframe provided for in the EU Data Protection Regulation (as a rule within one month).