1. Data controller
Käännös- ja kielipalvelu Kaisa Nurkka
Soittajantie 3 R 122, 00420 Helsinki
VAT number: FI32761699
2. Contact person responsible for the register
Kaisa Nurkka, +358 40 160 8083, firstname.lastname@example.org
3. Register name
Company Customer Register
4. Legal basis and purpose of processing personal data
The legal basis for processing personal data under the EU General Data Protection Regulation is:
- a contract to which the data subject is a party
- statutory obligation, Accounting Act (1336/1997)
- the legitimate interest of the controller (customer relationship before the contract).
The purpose of processing personal data is communication with customers, maintenance of customer relations, execution of orders, billing and compliance with accounting obligations.
The data is not used for automated decision making or profiling.
5. Data content of the register
Data to be stored in the register include: name, position, company/organisation, contact information (telephone number, email address, address), web site addresses, information about services ordered and changes thereof, billing information, other customer relationship and services ordered data.
We store data as long as it is necessary for the purposes of processing personal data or to comply with legal obligations.
6. Regular sources of information
The data stored in the register is obtained from messages sent from the customer through web forms, email, telephone, social media services, contracts, customer meetings and other situations in which the customer discloses their data. Information about contact persons of companies and other organizations can also be collected from public sources such as websites, directory services and other companies.
7. Regular disclosures and transfer of data outside the EU or EEA
The information is only disclosed to the company's billing service and accountant in Finland. Information is not regularly disclosed to other entities. The data will not be transferred outside the EU or the EEA.
8. Principles of register protection
Care is exercised in the processing of the register and the data processed through information systems is properly protected. When register data is stored on Internet servers, the physical and digital security of their hardware is properly taken care of. The controller shall ensure that stored data, server access rights and other data critical to the security of personal data are treated confidentially and only by employees whose job description is part of it.
9. Right of inspection and right to require correction of information
Each person in the register has the right to verify their data stored in the register and demand correction of any incorrect information or replenishment of incomplete information. If a person wishes to verify or require correction of the data stored about them, the request should be sent in writing to the controller. If necessary, the controller may ask the applicant to prove their identity. The controller responds to the customer within the time frame set out in the EU Data Protection Regulation (as a rule, within one month).
10. Other rights related to the processing of personal data
The person in the register has the right to request
the removal of personal data relating to him from the register ("right to be
forgotten"). Data subjects also enjoy other rights under the EU General
Data Protection Regulation
, such as limiting the processing of personal data in certain situations.
Requests should be sent in writing to the controller. If necessary, the
controller may ask the applicant to prove his identity. The controller responds
to the customer within the time frame set out in the EU Data Protection
Regulation (as a rule, within one month).