Description of the File Personal Act (523/1999) Section 10
1. DATA CONTROLLER
3. NAME OF REGISTER
www.retouchgem.com customer database
4.PURPOSE OF THE PROCESSING OF PERSONAL DATA
The purpose of the processing of personal data is in managing and maintaining the relationships between RetouchGem and its customers. The personal data has been used to identify users of the Service and for the activation, management and invoicing as well as for the providing of information and notifications to the clients. Further, customers’ personal data may be used for the purposes of direct marketing, provided that the customer has consented to this.
The collected personal data may be used for promotional purposes of the applicable legislation, in accordance with the Finnish Personal Data Act (523/1999) and the Electronic Communications Privacy Act (516/2004).
5. DATA CONTENT OF REGISTER
- First and last names
- Postal Address (street, city, postcode, country)
- For companies: company name/address/business id/website link/contact person
- Phone Number
- Use of services (e.g. newsletter sign-up)
- Orders history, billing and returns
6.REGULAR SOURCE OF INFORMATION
Data is provided by the data subjects themselves when
- subscribe to a newsletter
- share their material/images
- participates in the customer surveys or contests
7. REGULAR HANDING OVER OF INFORMATION AND DATA TRANSFERS OUTSIDE EU OR EUROPEAN ECONOMIC AREA
8. PRINCIPLES OF REGISTER PROTECTION
The data in the retouchgem.com and its sub-domains user register have been stored in a registrar system protected with operating system protection software. Access to the system requires a user ID and a password. The system has also been protected with other technical means. Register information stored in the system can only be accessed by certain authorized registrar employees. The register information is stored in locked and guarded facilities.
10. RIGHT OF INSPECTION
The registered users have the right to inspect the register data concerning themselves and get copies of it on request. The inspection request must be done in writing and addressed to the company management (see our contact details in n.2 of this document).
11. RIGHT TO PROHIBIT DATA PROCESSING
The data subject has the right to prohibit the controller to process personal data for purposes of direct advertising, distance selling, other direct marketing, market research, opinion polls, public registers or genealogical research. The prohibition must be done in writing and addressed to the company management (see our contact details in n.2 of this document).
12. DATA CORRECTION
The controller will correct, remove or add information to the registered data anything that incorrect, unnecessary, insufficient or outdated at the registered person’s request. The registered person must contact to the company management (see our contact details in n.2 of this document)to have the data corrected.
If you have any questions relating to this document, please contact us at Contact Form or by email.