In this privacy policy, we explain what kind of personal data we may collect from you when ordering our services and products or contacting our company Oy T. Stenbacka Ab, and for what purposes we may use such data. By using our services, you agree to the processing of your data in accordance with this privacy policy.
This privacy policy also contains the information required by Sections 10 and 24 of the Personal Data Act (523/1999) and the EU General Data Protection Regulation (GDPR) data file description.
DATA CONTROLLER
Oy T. Stenbacka Ab
Emalikatu 2 b, 04440 JÄRVENPÄÄ.
Tel. +358 207 432 320, Business ID: 2231973-3.
Contact person for register matters: Tarja Granberg, tarja.granberg@stenbacka.fi.
PURPOSE OF PERSONAL DATA PROCESSING
Management and maintenance of customer relationships; this may include, for example, responding to contact requests, developing services, or recording orders.
DATA CONTENT OF THE REGISTER
Contact information: Company name, person’s name, title, address details, phone numbers, and email addresses, as well as additional information provided by the customer.
PROTECTION OF THE REGISTER
The register is protected from external access and secured with personal usernames and passwords. The register is used by those employees of Oy T. Stenbacka Ab whose job duties require its use, and they are bound by a confidentiality agreement. There are no manual registers.
REGULAR DISCLOSURE OF DATA
For direct marketing purposes in accordance with Section 19 of the Personal Data Act.
Oy T. Stenbacka Ab and companies belonging to the same group (Star Works Group Oy Ab) have the right to use the data in the register for a justified purpose in accordance with Section 8 of the Personal Data Act and other applicable legislation.
In addition, we disclose data (customer name, contact person, phone number, email address, and delivery address):
- to transport companies for order delivery
- to principals for special pricing, product inquiries, installation, or delivery information
The aforementioned parties are committed to complying with the requirements of data protection regulations.
REGULAR DATA SOURCES
Customer data is regularly obtained from the customer themselves when the customer relationship is established and during its course.
COOKIES AND OUR COMPANY WEBSITE
We use cookies on our company website and in our online store. A cookie is a small text file that a website sends to the user’s computer. Cookies are generally used to store user-specific settings. The data cannot be linked to personal information, cannot be identified, and is completely anonymous. You can avoid cookies by modifying your browser settings and disabling their use – in which case our site may not function correctly.
TRANSFER OF DATA OUTSIDE THE EU
If we store personal data outside the EU or the European Economic Area, we use service providers that are Privacy Shield certified and committed to complying with the EU General Data Protection Regulation. Such service providers include Microsoft and Google.
We do not regularly disclose personal data for use by third parties.
AUTOMATED DECISION-MAKING AND PROFILING
We do not use data for automated decision-making or profiling.
RIGHTS OF THE DATA SUBJECT
The data subject has the following rights, and requests concerning their exercise should be sent to:
Oy T. Stenbacka Ab
Tarja Granberg
Emalikatu 2 b
04440 Järvenpää
The requester of registered data must prove their identity when submitting a written request.
Right of Access
The data subject can check the personal data we have stored.
Right to Rectification
The data subject can request the correction of inaccurate or incomplete data concerning them.
Right to Object
The data subject can object to the processing of personal data if they feel that personal data has been processed unlawfully.
Right to Prohibit Direct Marketing
The data subject has the right to prohibit the use of their data for direct marketing.
Right to Erasure
The data subject has the right to request the deletion of data if the processing of the data is not necessary. We will process the deletion request, after which we will either delete the data or provide a justified reason why the data cannot be deleted.
It should be noted that the data controller may have a statutory or other right not to delete the requested data. The data controller has an obligation to retain accounting material in accordance with the period defined in the Accounting Act (Chapter 2, Section 10) (10 years). Therefore, accounting-related material cannot be deleted before the expiration of the specified period.
Withdrawal of Consent
If the processing of personal data concerning the data subject is based solely on consent, and not, for example, on a customer relationship, the data subject may withdraw their consent. The data subject can appeal the decision to the Data Protection Ombudsman. The data subject has the right to demand that we restrict the processing of disputed data until the matter is resolved. The data subject has the right to lodge a complaint with the Data Protection Ombudsman if they feel that we are violating applicable data protection legislation when processing personal data.
Data Protection Ombudsman’s contact information: www.tietosuoja.fi/fi/index/yhteystiedot.html
