(EU regulation 2016/679)
Konsantie 31, 21260 Raisio FINLAND
Business ID: 2175980-9
- Person responsible for the register
Henri Hyvärinen, CEO
+358 40 523 7576
- Name of the register
Personal data register concerning the process of personal data of representatives, agents and contact persons of Collector’s client companies, suppliers and other co-operation partners and organizations.
- Information content of the register
The personal data register of above mentioned representatives, agents and contact persons contains general contact and identification information about the client company or the organization and its representative, agent or contact person:- name of the company or the organization
– business ID
– names of the representatives, agents and/or other contact persons and their contact information such as telephone numbers and emails
– information related to the person’s task, such as their job title and area of responsibility
– address and billing and delivery address of the company or the organization
– client number or other identification number
– other possible contact information related to the company or the organization or its contact persons, agents or representatives.
- Purpose of the processing of personal data and the legal basis for the processing
The purpose of the processing of personal data is the management of Controller’s client company relations and liaison. The personal data is used for the Collector’s communications and client company relations; processing, archiving and monitoring offers and orders. The information is not used for direct marketing.The Controller only collects information necessary for the co-operation for which the consent of the data subject has been obtained. Consent arises when the data subject himself or herself provides information to the Controller for the purpose of co-operation or when an agreement is concluded between the Controller and the client company on the management of the co-operation, in which the data subject acts as a representative, agent or contact person of the client company. Consent may also be given to take pre-contractual measures. The Controller may also collect personal data from public sources, such as the internet, public company websites, social networking or other similar registers in accordance with data protection legislations.
- Recipients or groups of recipients of personal data
Personal data will not be disclosed to third parties, with the exception of the Controller’s accounting office. Personal data is disclosed to the authorities to the extent permitted and bound by existing legislation.
- Transfer of personal data to a third country
Personal data will not be disclosed outside the EU or the EEA.If, exceptionally, the personal data is disclosed outside the EU or the EEA, in such a case, the requirements of data protection legislation shall be complied with in the transfer of data and, for example, standard contractual clauses of the European Commission shall be used when agreeing on the transfer of data with those processing the personal data; or the Controller ensures that the transfer of data is based on specific criteria, such as the data subject’s consent.
- Personal data retention period
- The rights of data subjects in the processing of personal data
Right to inspect the data and right to the rectificationThe data subject has the right to inspect what data concerning them has been recorded in the personal data register and to receive a copy of the data. The data subject must send the inspection request by email to the Person responsible for the register. The Controller rectifies, erases or complements personal data that is incorrect or unnecessary of its own accord or at the demand of the data subject.Right to restriction of processing
The data subject has the right to obtain from the Collector restriction of processing of data if the data subject, for example, contests the accuracy of the personal data;
the processing is unlawful, but the data subject opposes the erasure of the personal data and requests the restriction of its use instead; or the Controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defence of legal claims.Right to erasure
The data subject has the right to have the Controller erase data concerning him or her for example if the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; the data subject withdraws the consent on which the processing was based and there is no other legal basis for the processing; the personal data has been processed unlawfully; or the personal data has to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
Right to data portability
The data subject has the right to receive the personal data that he or she has provided to a controller in a structured, commonly used and machine-readable format and, if desired, transmit that data to another controller. The right to data portability may not have an adverse effect on the rights and freedoms of others.
Right to withdraw consent
The data subject has the right to withdraw his or her consent to the processing of personal data by notifying the Controller by e-mail.
Right not to be subject to a decision based solely on automated processing
The data subject has the right to demand human involvement in decisions that concern him or her. Data subjects have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.
Right to object
The data subject has the right to object to the processing of his or her personal data if the data is processed for the purposes of the compelling legitimate interests pursued by the controller or a third party.
Right to lodge a complaint with the supervisory authority
The data subject shall have the right to lodge a complaint on the processing of personal data with the supervisory authority, which is in Finland Data Protection Ombudsman.
Changes to the data protection practice