The personal data of Urumi Oy's customers is collected in connection with registration and ordering in the customer register. This registry statement explains what information is collected and what it is used for.
1. The controller Urumi Oy Vuorikatu 30 70100 Kuopio email@example.com www.urumi.fi
2. Name of the register Urumi Oy's customer register.
3. Purpose of the register The register is used to process customer orders, other customer relationship management and direct marketing. The information in the register is only used for Urumi Oy's own direct marketing, unless the customer has prohibited direct marketing. The information in the register will not be disclosed to third parties. Urumi Oy uses customer data and other data generated during the customer relationship only in its own operations and they are not disclosed to third parties.
5. Regular sources of information The contact and customer information of the register is obtained from the notifications made by the customer to the registrar or from the changes made by the customer during and during the customer relationship. A customer relationship arises when
1) the customer registers as an online store customer, or 2) order stuff. 3) Subscribe to an electronic newsletter
When registering, the customer can decide whether to subscribe to the e-newsletter or to refuse direct marketing.
6. Regular disclosures and transfers outside the EU or the European Economic Area Name and address information from the customer register will not be disclosed to third parties. The data is stored on a Siteground server located in the United States.
7. Registry Security Principles Only separately designated Urumi Oy representatives and employees are entitled to use the machine system containing customer information and to change customer information. The customer register and the information system hardware handling it are located in locked rooms closed to outsiders. Data is backed up on a regular basis. The system in which personal data is stored and processed is protected by a firewall against outside communications. The duty of confidentiality is binding on Urumi Oy's representatives handling customer register information. The information is disclosed or disclosed to third parties only due to the legal obligation to report.
8. Where personal information is obtained Urumi Oy's personal data is stored and provided by the customers themselves. Personal information is not purchased from third parties. If you suspect that someone has registered or placed orders with your personal information without your permission, please contact customer service: customer service (a) urumi.fi.
9. Retention period of personal data Personal data shall be kept for as long as is necessary for the purposes of the processing of personal data or to comply with the legal obligations of the controller. The personal data of passive customers is regularly deleted. Individual inactive order information for active customers will be deleted when it is more than 2 years old.
10. Security of personal data processing Personal data is stored in the registrar's electronic system, which can only be accessed by Urumi Oy's employees. The system is protected by firewalls and other technical means.
11. Customer Rights The customer has the right to: * The right to see the data stored about him * The right to rectify the data stored about him * Right to delete data * The right to lodge a complaint with the supervisory authority If the customer wants to see, correct or delete data, he must contact customer service: customer service (a) urumi.fi. Data can be deleted if the customer does not have any pending orders in their account. No separate reason is required to view, correct or delete the information. Customer information will be verified via email, address, phone number or old orders before entering, changing or deleting information. The customer has the right to lodge a complaint with the supervisory authority if the customer considers that the processing of personal data has violated their rights under the data protection regulations. In Finland, the supervisory authority is the Office of the Data Protection Supervisor.