The website uses cookies to ensure that the service is secure, efficient and user-friendly.
A cookie is a small text file that is sent to a user's own computer and stored there. Cookies do not harm users' computers or files.
It is possible to disable cookies. Deletion is done in the browser settings. See more details:
Internet Explorer: http://windows.microsoft.com/en-us/internet-explorer/delete-manage-cookies#ie
Firefox: https://support.mozilla.org/en/kb/remove-responsive-to-clear-website-data
If this feature is turned off, it is a good idea to keep in mind that cookies may be necessary for some services to function properly (e.g. shopping cart).
PRIVACY STATEMENT
prepared on March 19, 2019
Data protection statement in accordance with the EU General Data Protection Regulation (679/2016).
REGISTRAR
Glimmering Deep Design
PERSON RESPONSIBLE FOR REGISTRATION
Pia Moilanen and Jussi Moilanen
Email glimmeringdeep@gmail.com
NAME OF THE PERSONAL REGISTER
Customer register
GROUNDS FOR AND PURPOSE OF KEEPING A PERSONAL REGISTER
The legal basis for processing the personal register is:
- Consent of the data subject to the processing of personal data
- The contractual relationship between the data subject and the controller
- Legitimate interest of the controller
Personal information is used:
- Customer relationship management
- Order delivery and processing, as well as archiving
- For statistical purposes
- For marketing purposes
The requirements set by the EU Data Protection Regulation, which will be complied with as of 19 March 2019, have been taken into account in the processing of personal data.
PERSONAL INFORMATION TO BE PROCESSED
The customer's first name, surname, street address, postal code, post office, country, e-mail address, telephone number, language used in the transaction, currency used in the transaction are stored in the customer register. In addition, the company name, business ID and VAT ID are stored for the business customer.
In addition, the order information of the online store stores the information provided by the customer in connection with the order, such as the product content of the order, the method of payment and the method of delivery.
DISCLOSURE OF PERSONAL DATA
- For suppliers in connection with deliveries (Posti, DB Schenker Oy)
- For payment intermediaries
- For credit reporting agencies for credit verification, identity verification, creditworthiness monitoring and credit transfer
- Personal data may be disclosed if this is necessary to comply with applicable legal or regulatory requirements, Processing to monitor legal interests or to detect, prevent or detect fraud and other security or technical problems.
Personal data will not be transferred outside the EU and the EEA.
PERIOD OF RETENTION OF PERSONAL DATA
We will retain your personal information for as long as is necessary to fulfill the purposes of the register.
In addition, some information may be retained longer to the extent necessary to fulfill statutory obligations, such as accounting and consumer trade responsibilities.
PROTECTION OF THE REGISTER
The register will not be disclosed to third parties.
The personal data of the service provider (Finqu Oy) is stored in secure systems that do not have direct access from the Internet. All maintenance operations use at least 2-level logins and highly encrypted connections. All passwords stored in the databases are strongly encrypted. Checkout, login and other pages containing passwords or personal information are protected by strong bank-level TLS security.
RIGHTS OF THE DATA SUBJECT
Right of access to personal data
The data subject has the right to receive confirmation as to whether personal data concerning him or her are being processed and, if so, the right to obtain a copy of his or her personal data
Right to rectification
The data subject has the right to request that inaccurate and incorrect personal data concerning him or her be corrected. The data subject also has the right to have incomplete personal data supplemented by providing the necessary additional information.
Right to delete data
The data subject shall have the right to request the deletion of personal data concerning him or her if:
personal data are no longer needed for the purposes for which they were collected,
the data subject withdraws the consent on which the processing of personal data is based and there is no other legal basis for the processing; or
personal data has been processed unlawfully.
Right to withdraw consent
The data subject shall have the right to withdraw his or her consent to the processing at any time, without prejudice to the lawfulness of the processing carried out prior to that consent.
Right to appeal to the supervisory authority
The national supervisory authority for personal data matters is the Data Protection Commissioner acting in connection with the Ministry of Justice. You have the right to refer the matter to the supervisory authority if you consider that the processing of personal data concerning you violates the relevant legislation.
CONTACTS
In all matters related to the processing of personal data and in situations related to the exercise of one's own rights, the data subject should contact the contact person responsible for register matters.