3. DATA PROTECTION OFFICER
4. DATA HANDLER
Oy Tawasta OS Technologies Ltd.
PL 82 (Kasarmikatu 15 B)
010 281 8000
5. NAME OF THE REGISTRY
6. THE PURPOSE OF USE FOR THE CUSTOMER REGISTRY AND THE GROUNDS FOR PROCESSING THE DATA
7. CONTENT OF THE REGISTER
The customer registry includes information about the customer organization that is required for delivering services. These include the following:
- Company name, VAT-code (y-code), corporate structure, line of business, location and contact information
- Customer company personnel names, job positions and contact information
8. REGULAR SOURCES OF INFORMATION
The customer data is aqcuired regularly
- from the customer him/herself on the phone
- through internet, e-mail or other similar means
- from Intellia and Markkinointirekisteri.fi decision maker register
- other equivalent private and public registers
- directly from company wwww pages
The personal data has been received in the purpose defined by the personal data act §4 (section 3).
9. TRANSFERRED DATA OUTSIDE OF EU OR ETA
The data is not regularily transferred outside of EU or ETA.
10. STORAGE TIME
The data in the register is removed when the purpose for their usage has ended, unless the otherwise goverend by the current law.
11. THE GENERAL PRINCIPLES OF PROTECTING THE REGISTRY
Only the employees whose job description entitles them to handle customer data have the right to access to the customer registry. Each user has their own user ID and password for the system.
The data is stored in databases that are protected with firewalls, passwords and other technical means. The databases and their backup copies are stored in locked facilities and the data can be accessed by people that are assigned to do that.
The data protection and the principles in the implementing the protection have been audited. Physical precence in the workplace is monitored.
The registry is not stored manually.
12. THE RIGHTS OF THE DATA SUBJECT
The data subject has the right to check his/her personal data.
The data subject has the right to ask for correction on incorrect data about him/herself.
The data subject has the right to as for removal of his/her personal data from the registry.
The data subject has the right to move his/her data to another system.
The data subject has the right to oppose handling the personal data, automatic decision making and profiling.
The data subject has the right to get notified by data breach on his/her own personal data.
The requests of the data have to be directed to the person responsible for the registry in writing.