Privacy policy
Personal Data Act (523/99) ยง 10
EU General Data Protection Regulation 2016/679
Drafted 28.3.2024
1. The data controller
Tmi Vuokko Puska
2. Name of the register
Customer register of Tmi Vuokko Puska
3. Person responsible for the register
Vuokko Puska
Vallinkoskentie 6,
55100 Imatra
Tel. +358 50 413 7960
4. Purpose of the register
Customer relationship management
The processing of personal data is based on the management of the customer relationship, the consent of the data subject or the legitimate interests of the controller.
5. Data content of the register
The data processed in the register is necessary for the purposes for which the register is used:
- name
- e-mail address
- telephone number
- other information provided by the customer interests and behaviour on the controller's websites and services
- information relating to the device used by the individual: including terminal equipment, IP address, operating system and browser
- Sources of data
Personal data are collected from the data subject himself/herself. Cookies are also used to collect information about the use of websites.
6. Sources of information
Personal data is collected from the data subject. Cookies are also used to collect information about the use of websites.
7. Disclosure and transfer of data
Data will not be disclosed without the consent of the data subject except to the extent permitted and required by law or as required by public authorities.
Subcontractors may be used for the performance of the tasks for which the register is intended and data may be transferred outside the EU/EEA if this is necessary for the performance of the service. In such cases, the controller shall ensure an adequate level of data protection by means of contracts as required by law.
8. Data retention period
The controller will keep the data only for as long as necessary for the purposes for which the register is intended.
9. Protection of the register
The databases in which the data are stored are technically and physically protected so that they cannot be accessed by third parties. Access to the data is restricted to those who need it for the performance of their duties.
10. Right of access, rectification and erasure
The data subject has the right to check what information about him or her has been recorded in the register, the right to request the correction of inaccurate personal data and the right to have his or her data erased from the register. The request for inspection, correction or deletion must be sent in writing, signed and addressed to the person responsible for the register.
11. Right of transfer and prohibition
The data subject has the right to receive the personal data concerning him or her which he or she has provided to the controller in a structured, commonly used and machine-readable form, where the processing is based on consent or on a contract and the processing is carried out automatically. The data subject's right to restriction of processing under Article 18 of the EU General Data Protection Regulation. The right to data portability and the right to object will enter into force on 25 May 2018.
12. Amendments to the Privacy Statement
The controller reserves the right to update and amend the privacy statement. If required by law, we will inform the data subjects accordingly.