Easy Led Oy Customer and Stakeholder Register Privacy Policy
Easy LED Oy
Updated: 12/09/2019
1. Registrar
Easy Led Oy (2077674-6)
Meriniitynkatu 11
24100 Salo, Finland
Tel. +358 2 737 4420
E-mail: info@easyled.fi
(Later “we” or “Easy Led”)
2. Contact person for matters relating to the Register
Pia Kummala
pia.kummala@easyled.fi
Tel. +358 2 737 4420
3. Register Name
Easy Led Client and Stakeholder Register
4. What is the purpose of use of the personal data and legal basis?
The purpose of the use of the personal data is:
- the delivery and development of our products and services;
- g. personalisation and development of web pages based on browsing information in order to enhance customer experience or manage access to the different parts of the web service and downloadable material
- fulfilling legal and other commitments and duties;
- maintaining customer relations;
- organising events;
- analysing and profiling the behaviour of the client or other registered party;
- direct marketing and/or electronic direct marketing; and
- targeting marketing in our company’s web services or other parties web services.
The information of the registry consists of data collected from the registered, i.e. clients of Easy Led, web site visitors, newsletter subscribers and persons, who have in some other way given their information to Easy Led.
We use automated decision-making (including profiling) to identify personal profiles, web behaviour, age and consumption patterns. We use this information e.g. for targeting advertising and developing our services.
Our processing ground is a legitimate advantage based on client relationship and/or other legitimate connection, execution of agreement and/or consent.
5. What data do we process?
In connection with the client registry, we process the following personal data:
- basic information of the registered such as first and last name*, date of birth;
- contact information of the registered such as e-mail address, phone number;
- information on the registered person’s web service use such as website visits and products, the registered is interested in;
- information pertaining to the company and the company’s contact person such as business ID and the names, titles and contact information of the contact persons (registered);
- possible direct marketing refusals and consents;
- participant information of events and possible information related to the event such as dietary restrictions;
- information pertaining to the client relationship and contract such as information about past and current contracts and orders, user profile based on the client relationship, phone call recordings, correspondence and other communications with the client/registered, cookies and information pertaining to their use;
- possible other information essential to the client relationship that has been gathered with the separate consent of the registered such as information the registered has entered into forms on the website, including, for example, name, e-mail address, company identification information or other specifying or relevant additional information.
The personal data marked with an asterisk are a prerequisite for the formation of our contractual and/or client relationship. Without the necessary personal data, we cannot deliver the product and/or service.
6. Where do we get our information?
We primarily receive data from the following sources: from you, the civil registry, authorities, credit information companies, contact information service providers and other similar reliable parties.
In addition, personal information can be gathered and updated for the purposes of use described in this policy from publicly available sources and based on information received from authorities or other third parties, within the limits of applicable legislation. This type of data update is performed either manually or using automated means.
7. Who do we disclose and transfer information to and do we transfer data outside the EU or EEA?
No information is disclosed to outside parties.
We use our service providers to process your personal information. We have outsourced our IT management and services related to direct marketing to an outside service provider, who manages and protects the server on which the personal data is stored.
We transfer personal data outside the EU/EEA. When personal data is processed outside the EU/EEA, we ensure that the service provider is committed to the European Commission’s model clauses pertaining to the processing of personal data and/or is part of the Privacy Shield protection system.
8. How do we protect the data and how long is it stored?
Only those of our employees, who have the right to process personal data due to their job description, have the right to use the system containing personal data. Each user has their own username and password for the system. The data is collected into data bases, which are protected by firewalls, passwords and other technical means. The data bases and their backups are located in locked facilities and the data can only be accessed by certain predesignated persons.
We review the necessity of storing the data regularly while considering the applicable legislation. In addition, we ensure such reasonable measures as to ensure that no personal data that is stored of the registered person is incompatible with the purpose of processing, is outdated or incorrect. We correct or dispose of such information without delay.
9. What are your rights as a registered person?
You have the right to review the data pertaining to you that is saved in the register and demand the correction or removal of incorrect, outdated, unnecessary or illegal data. If you have access to the data yourself, you can edit it. You have the right to withdraw your consent or change it at any time insofar as the processing of your personal data is based on your consent; Withdrawal of consent does not affect the legality of the processing done before the withdrawal of consent.
You have the right to object to or request a restriction of the processing of your data and the right to lodge a complaint about the processing of your personal data with the supervising authority.
You also have the right to object to the processing of your personal data on the basis of your personal circumstances, insofar as your personal data is treated as a legitimate advantage In connection with the claim, you must specify the special circumstances on which you base your objection. We may refuse to execute your claim only on the basis of the applicable law.
10. Who can I contact?
All correspondence and requests pertaining to this policy must be made in writing or in person to the contact person specified in point two (2).