Privacy Policy
This is a privacy policy and data protection notice in accordance with the EU General Data Protection Regulation (GDPR).
Name of the Registry
Erä-Susi Oy’s Customer Data Registry
Data Controller
Erä-Susi Oy, Business ID: 2848185-4
Person Responsible for Registry Matters
Mervi Rantamäki, CEO
Purpose of the Registry
The purpose of this registry is to serve as Erä-Susi Oy’s customer data registry.
The data may be used for the following purposes:
- Managing customer relationships
Regular sources of information
The primary source of information is the customer. Information can also be obtained from government and corporate databases, as well as from our partners.
Data Content of the Registry
The database primarily contains information provided to Erä-Susi Oy by the customers themselves.
The database may include, among other things, the following customer information:
- Name
- Email address
- And other information provided by the user
Regular Disclosures of Information
With the customer’s consent, data may be disclosed to joint partners of the customer and Erä-Susi Oy for the purpose of delivering the products and services ordered by the customer.
Information related to billing may be disclosed to parties that process payment transactions.
Data will not be disclosed to other third parties, either within or outside the EU.
Data may be disclosed to authorities if they submit a request based on Finnish law.
Principles of Data Protection
Manual data
No data is stored in physical form, with the exception of accounting records, which are accessible only to designated employees of Erä-Susi Oy and the accountant, all of whom are bound by a duty of confidentiality.
Data stored in information management systems
The data is transmitted over an SSL-secured connection.
Electronic data is protected by a firewall. Only specifically designated employees of Erä-Susi Oy have access to the registry data. Employees are identified by a username and password. The data is treated as confidential and may not be disclosed to anyone other than those who need it for their work and who are bound by a duty of confidentiality.
Right to Inspect and Prohibit
Data subjects have the right to inspect the personal data stored about them in the personal data register. A signed written request for inspection must be sent to the person responsible for register matters.
The right of inspection is free of charge when exercised no more than once a year.
Data Retention Period
We retain personal data only for as long as is necessary based on the type of personal data and the purpose of its processing. We retain form submissions for a maximum of 6 months, after which they are automatically deleted from the website’s database.
Cookies
This website uses cookies. Cookies are small text files generated by our web service that are stored in your browser’s memory with your consent. Cookies allow us to analyze the service requests you make to our website via your browser, identify the choices and settings you make while using the site, and provide personalized services based on them.
You can use your web browser’s settings to block or delete cookies. However, this may affect our ability to provide personalized, high-quality online services.
