The registry holder is obliged by the data protection regulation to inform the registered in a clear manner. This document fulfills that obligation.
1. Registry holder
Contact information in matters concerning the registry
The registry contains customers of e-commerce sites operated by Toriverkosto Oy. These include kameratori.fi, cameraventures.com, kennonpuhdistus.fi, kellotori.fi and reairsoft.com. Customers are those individuals who have taken part in business with the aforementioned e-commerce sites by purchasing products, creating an account or requesting an offer.
3. Use of personal information
Personal information is used on the basis of a business relationship (the customer has done businessa at an e-commerce site) and consent (the customer has created an account, subscribed to a newsletter, requested an offer).
Intent of using personal information and the registry
Personal information is used solely for the following pre-determined purposes:
- Maintaining business relations with the customer.
- Informing the customer of Toriverkosto Oys services.
4. Personal information recorded in the registry
The customer registry contains the following information
- Email address
- Phone number
- Company name
- Company VAT number
- Information related to purchased products and services
5. Rights of the registrant
The registrant has the following rights. Requests to use these rights are to be made to the address in chapter 1.
Right to inspect
The registrant may request to view their contact information contained in the registry.
Right to request data to be corrected
The registrant may request the revision of inaccurate or insufficient data.
Right to object
The registrant may object the use of personal information if they feel the information has been used against the law.
Right to forbid direct marketing
The registrant may forbid their data from being used for direct marketing.
Right to be removed
The registrant may request the removal of their data if the use of their data is unnecessary. We will address the request of removal, which we will either remove the data or present a justifiable cause why the data cannot be removed.
It is worth noting that the registry holder may be bound by law to not remove the requested data. The registry holder is obliged to retain accounting material for a period of 10 years as per the accounting law (chapter 2, section 10). Accounting related material cannot be removed from the registry before the expiration of this period.
Right to retract consent
If the use of the registrants personal information is based solely on consent instead of ex. a business relation or membership, the registrant may retract consent.
Right to appeal to a privacy representative about a decision
The registrant may demand that we restrict the use of disputed information until a solution is reached.
Right to appeal
The registrant may appeal to a privacy representative if they feel we are breaking the law when using personal information.
Privacy representative contact information: www.tietosuoja.fi/fi/index/yhteystiedot.html
6. Normal data sources
Customer information is normally obtained from the customer themself through forms on our e-commerce sites as well as the customers given consent when a business relationship begins in a store.
7. Normal handing over of data
Customer information is primarily not given to marketing purposes outside of Toriverkosto Oy. We have assured that all our service providers adhere to the privacy regulation. We regularly use the following service providers:
8. Duration of use
Personal information is primarily used for as long as customer relations stand.
9. Handlers of personal information
The registry holder and its employees handle personal information. We may outsource parts of information handling to third parties, but in doing so our contracts guarantee that personal information is always handled within the bounds of currently applicable privacy regulation.
10. Transferral of information outside the EU
With the exception of our customers who have subscribed to our newsletter, no personal information is transferred out of the EU or ETA. When data is transferred out of the EU and ETA we guarantee an adequate level of privacy via contracts regarding the confidentiality and handling of data in accordance to the law.
11. Automatic decision making and profiling
We do not use data for automatic decision making and profiling.