DATA PROTECTION STATEMENT March 18th 2020
Registry description in accordance with the Personal Data Act December 5th 2018 / 1050.
Entity managing the register
Name of the register
Shipyard and Construction Work Tejara Oy’s customer register.
Purpose and legal basis of the processing of personal data
The purpose of the processing of personal data is the management and maintenance of the customer relationship between the company and the corporate customer, as well as marketing. The information in the register is used for the company’s own direct marketing, unless the customer has prohibited direct marketing. Purchase and transaction information processed in the register, as well as location information, can also be used for profiling and to target marketing measures and customer communications to the registrant’s interest. The information will also be processed in connection with the sending of the newsletter and participation in events and other marketing activities. The data will be processed in order to guarantee the legitimate interest of the registrar If the person does not fill in the information requested in the contact form, the registra may not accept the person contact form and may not enter into an agreement between the registra and the person.
Retention period of personal data
Personal data will be kept for as long as required by the measures related to the contact form completed by the person. The storage time depends on the information collected, e.g. According to the Accounting Act, invoicing information must be kept for six years. We will only retain the information on the contact form with the consent of the person.
Description of the register group of persons and information content
The register contains personal information about the company’s corporate customers. The form information entered by the registrant himself may contain e.g. email address, phone number, or address.
Sources of information in accordance with the rules
Information provided by the contact person as well as the customer information system and invoicing database.
Information disclosures accordance to rule regularity
As a general rule, personal data is not disclosed outside the organization. The personal information required by the accounting is handed over to the accounting firm used by Telakka and Rakennustyöt Tejara Oy. However, personal data may be disclosed on the basis of an agreement between the customer and Telakka and Rakennustyöt Tejara Oy, the customer relationship between the customer and Telakka and Rakennustyöt Tejara Oy or the legislation in force, e.g. authorities. Data will not be transferred outside the EU or the EEA.
Registry security principles
The data is kept technically secure. Physical access to data is blocked through access control and other security measures Access to information requires adequate rights as well as multi-stage authentication. Unauthorized access is also prevented e.g. firewall and technical protection. Only the registrar and separately designated technical persons have access to the register data. Only designated persons have the right to process and maintain the data in the register. Users are bound by professional secrecy. The registry information is backed up securely and can be restored if needed.
Rights of the registreren
- The registreren has the right to inspect the personal data stored in the register and thereof to receive copies of the data. The request for inspection must be made in writing and addressed to the party responsible for the register (see section Registrant responsible for the register).
- The party maintaining the register shall correct, delete or supplement personal data in the register which is incorrect, unnecessary, incomplete or out of date for the purpose of processing, on its own initiative or at the registrered request . The registered must contact the registrar’s registry in writing to correct the information (see section Registry).
- To the extent that the processing of personal data is based on the registered person consent, the registered has the right to withdraw the consent at any time. Withdrawal of consent shall not affect the lawfulness of how the processing of any previous data has been done.
- The registered has the right to lodge a complaint about the processing of personal data with the supervisory authority.