Privacy policy: Customer and marketing register

EU General Data Protection Regulation (2016/679)

Articles 10 and 24 of the Personal Data Act (1999/523)

Last updated 26.4.2018

1. Register keeper

Simeri Oy, (Y 0944332-6)
Riihikuja 3, 01720 Vantaa, p.020 770 5800
www.simeri.fi, info@simeri.fi

2. Contact person for registry matters

Sanna Linnakoski, Simeri Oy, Riihikuja 3, 01720 Vantaa
sanna.linnakoski@simeri.fi

3. The name of register

Customer and marketing register

4. Purpose and legal basis for the processing of personal data

Personal data is processed for customer relationship and for other business relationship management, service delivery, business development and planning, marketing and customer communication, which can also be done electronically and in a targeted. Personal data are processed based on the consent or potential assignment of the data subject.

5. Information content of the register

The customer’s contact name and contact details are recorded in the register. In addition, information is collected on the products and services ordered by the customer, as well as on their delivery and billing.

6. Regular sources of information

Information is obtained from the registered person and from the business.

7. Regular Disclosures

No regular disclosure. In legal cases, information may be disclosed to the authorities.

8. Transferring data outside the EU or EEA

Data will not be transferred outside the EU and the EEA.

9. Registry Security Principles

Personal information is kept confidential. Anyone handling registry information has been introduced to Simer’s privacy policy. Paper material containing customer personal information is stored on premises, where access to unauthorized is denied.The data network and the hardware on which the electronic material is located are protected by firewalls, passwords, and other generally accepted technical means. Permissions are limited as per the job descriptions.

10. Retention period of personal data

The data collected in the register will be kept only as long as the extent necessary for customer relationship and marketing purposes. The legal basis of the register data and the need to process it shall be evaluated at least every five (5) years.
Simeri’s management assesses the need for data retention in accordance with its regular code of conduct. In addition, the controller shall take all reasonable steps to ensure that personal data which are inexact, inaccurate or obsolete are deleted or rectified without delay, in view of the purposes of the processing.

11. Rights of the data subject

Requests for the exercise of the rights of the data subject shall be addressed to the contact person mentioned in this brochure.
The data subject shall have the right to obtain a copy of his or her data contained in the register and to obtain rectification, without undue delay, of any incorrect or incomplete information.

12. Additional information

The data subject may contact the contact person mentioned in point 2 for further information on the processing of his or her personal data.