Our website address is: https://bodyrest.fi.
ergotekniikka Oy Tuolitalo 0658698-9
email@example.com 09-870 10 70
Contact person for registry matters
Name of the register and date of compilation
Customer register 1 February 2021
Purpose of processing personal data
The purpose of the register is to maintain the company’s customer register, manage, archive and process customer orders, and manage the customer relationship.
The information may be used to develop the company’s operations, for statistical purposes and to produce more personalized targeted content on our online services.
Personal data is processed within the limits permitted and required by the Finnish Personal Data Act.
The information in the register can be used in the company’s own registers, for example, to target advertising without disclosing personal data to third parties. The company may use partners to maintain the customer and service relationship, in which case parts of the registry information may be transferred to the partner’s servers due to technical requirements. The data is processed only for the maintenance of the company’s customer relationship through technical interfaces.
The company has the right to publish the information contained in the customer register as an electronic or written list, unless the customer specifically prohibits it. In this case, the list refers to, for example, mailing labels for direct mail or the like. The customer has the right to refuse publication of the information by notifying the company’s customer service, by e-mail (e-mail address) or to the contact person of the register.
Information content of the register
The personal register contains the following information:
- The person’s first and last name
- The entity represented by the person
- Email address
- Postal address
- Phone number
- Information on previous orders
- Billing issues
Regular sources of information
The information stored in the register is generally obtained from the customer, primarily by e-mail or telephone. The customer’s contact information is also stored through registration onto the Registrar’s web pages. Information is obtained from registrations made by the customer and from notifications made by the customer during the customer relationship.
Updates of name and contact information can also be obtained from the authorities and companies providing update services, if necessary. Information may also be obtained from subcontractors involved in the use or provision of the service.
The information in the customer register is only used by ergotekniikka Oy Tuolitalo, except when using an external service provider either to provide a value-added service or to support a credit decision. The information will not be disclosed outside the company or to its partners, except in matters related to logistics and invoicing, and when required by law.
Personal data will not be transferred outside the European Union or the EEA unless it is necessary to ensure the technical implementation of the Service by the Registrar or its partner. The personal data of the data subject will be destroyed at the request of the user, unless legislation, open invoices or collection measures prevent the deletion of the data.
Registry Security Principles A: Manually Collected Material
Contact information collected in customer meetings and other manually processed documents containing customer information are stored in locked storage facilities after initial processing. For the most part, the data is immediately transferred electronically, after which the manual data is destroyed.
Only employees who have signed a non-disclosure agreement have the right to process manually stored customer information.
Registry security principles B: Digital functions
Only employees who have signed a non-disclosure agreement have the right to use and maintain stored customer information in the customer register.
Each user has their own personal username and password.
The system is protected by a firewall that protects external connections to the system.
The information collected through cookies can also be used to target communication and marketing, as well as to optimize marketing measures. The visitor cannot be identified by cookies alone. However, the information obtained through cookies may be linked to information that may have been received from the user in other contexts, for example when the user fills in a form on our website.
Cookies are used to collect the following types of information:
the IP address of the visitor
- time of visit
- Browsed pages and page views
- visitor’s browser
The site collects usage statistics for Google Analytics, which is used to track, develop, and plan marketing for the site. The data collected cannot be used to identify individual users or individuals. You can disable Google Analytics tracking with the Chrome browser add-on.
Right of inspection
The data subject has the right to check what information about him is in the register. The inspection request must be made in writing by contacting the company’s customer service or the register’s contact person in Finnish or English. The request for verification must be signed or the identity of the person making the request must be otherwise verifiable.
The data subject has the right to prohibit the processing and disclosure of his data for direct advertising, distance selling and direct marketing, as well as market and opinion research by contacting the company’s customer service point.
Right to demand correction of information
Personal data in the register which are incorrect, unnecessary, incomplete or out of date for the purpose of processing shall be rectified, deleted or supplemented upon request.
The correction request must be made with a written request signed by hand to the company’s customer service or the administrator of the personal register. The request shall specify what information is required to be corrected and on what basis. Repairs will be carried out without delay.
Correction of the error shall be notified to the person from whom the incorrect information was received or to whom the information was disclosed. The person responsible for the register shall issue a written certificate stating the reasons for the refusal of the request for rectification. The data subject may refer the refusal to the Finnish Data Protection Officer.
Other rights related to the processing of personal data
The data subject has the right to prohibit the disclosure and processing of his data for direct advertising and other marketing, to demand anonymisation of the data where applicable, and the right to be completely forgotten.