Häggblom

 

Privacy statement

1. Name of the data file

Ab A. Häggblom Oy’s customer and marketing register.

2. Data stored in the data file

Customer details and information related to the customer base as well as marketing information.

3.  Data collected in the data file

  • Company name and/or contact person's first and last name, visiting and postal address, email address, telephone number
  • Website, generally available classification information
  • Information on marketing authorisations and prohibitions
  • Classification information and job descriptions provided by contact persons themselves
  • IP address or other call detail records collected through the service
  • Customer feedback details
  • Order, shipping, and billing information
  • Data collected through cookies

Other data collected from customers or groups of customers when they use the service:

  • Sets of data generated by the service and the reporting data compiled from these sets as well as historical data
  • Data collected from the online service; data supplied by an external system provider
  • We store data submitted by data subjects via the contact form on Ab A. Häggblom Oy’s website or by email in connection with the customer service or the service offered

4. Purpose of the data file

Personal data are processed within the limits and in the manner permitted and required by the Personal Data Act (523/1999) and the EU's General Data Protection Regulation (2016/679). The data file is used in accordance with existing laws and regulations for:

  • Managing, maintaining and developing customer relationships
  • Production and development of the services
  • Internal training
  • Categorisation of services and customers
  • Communications
  • Invoicing for the services
  • Debt collection when necessary

The data collected in the register and the use of such data fully complies with the purposes defined by law and regulations, and the use of the data by all parties is subject to the responsibilities and obligations of the data processor and the data controller.

The purpose of the marketing register is to carry out communications activities and, where appropriate, various direct marketing activities, such as emails, calls or contact using other media approved by the data subjects.

5. Regular sources of data

  • Ab A. Häggblom Oy’s customer register
  • Public websites
  • Data provided by the customer service team in relation to the services used, including data supplied by a potential external system provider
  • Data produced and provided by customers

6. Regular transfers of data or transfers of data outside the EU or the EEA

Data shall not be disclosed or sold to third parties. Data shall not be transferred overseas, outside the EU or the EEA.

In order to ensure the quality of the service, we may disclose data to our technical partners who process data only within the limits required for the provision of the service. Our partners shall not use the data for other purposes nor disclose or sell data to third parties.

The data collected from the services is stored and then disclosed, when necessary, to system providers who supply the services and to the data files they specify, to the extent necessary for them to supply the services and as described in the system provider's privacy statement.

7. Principles of protecting the data file

In addition to data management best practices, the processing of personal data is subject to strict standards of care and protection in accordance with data protection legislation. The data file shall be protected from any use by third parties and technically protected by both the data controller and the system providers. When data are transferred, the data shall be protected and transferred in accordance with laws and regulations.

Access to the data file and personal data is restricted to those employees of Ab A. Häggblom Oy whose duties require the processing of data contained in the file. Access to the data file is protected by personal user IDs and passwords. Ab A. Häggblom Oy’s  employees are bound by professional secrecy and confidentiality.

All necessary measures are taken in the processing of data to ensure that personal data are protected against unauthorised access and accidental or unlawful destruction, alteration, disclosure, transfer and other unlawful processing. Data stored and processed digitally are stored in databases protected by firewalls, passwords and other technical measures. Data processed in paper form are stored in locked spaces.

8. Retention period and criteria

Personal data shall only be retained for as long as necessary. The criteria for the point and process of deletion is determined, and obsolete and unnecessary personal data shall be deleted. There may be a legal obligation for the retention of personal data.

9. Cookies

We use cookies on our website. A cookie is a small text file sent to and stored on a user's computer; it does not harm the computer or any files on the computer.

The purpose of cookies is to improve and customise the website's user experience and to analyse and improve the functionality and content of the website. Data collected using cookies can also be used to target communication and marketing efforts and to optimise marketing activities.

The purpose of cookies is to improve the website's user experience and to analyse and improve the functionality and content of our website. We use Google Analytics to compile statistics and analyse data; you can read more about how Google Analytics uses cookies on the service's privacy policy page.

Visitors cannot be identified by cookies alone. However, data obtained using cookies may be associated with data obtained from a user in another context; for example, when a user completes a form on our website.

Cookies are used to collect the following data:

  • Visitor's IP address
  • Time of visit
  • Pages browsed and length of time spent on the pages
  • Visitor's browser

Visitors to our website have the option to block cookies at any time by changing their browser settings. Most browsers allow users to disable cookies and remove those stored on the computer. Blocking cookies may affect the website's usability.

10. Rights of data subjects

Section 26 of the Personal Data Act and the EU's General Data Protection Regulation (679/2016) give data subjects the right to check what data concerning themselves has been collected by Ab A. Häggblom Oy.

Data subjects can check their personal data stored in the data file by sending a written request to the person responsible for the data file. The request must contain the data subject's personal identification code and signature. The request can also be submitted in person to the controller at Ab A. Häggblom Oy’s office.

Data subjects have the right to request the correction of incorrect information concerning themselves, the deletion of their personal data from the data file or the transfer of their personal data to another data controller. However, the right does not apply to data the retention of which is subject to a legal obligation. Data on the use of the service stored in the data files may be disclosed to a user of the service upon request, to the extent that it concerns him or her.

Data subjects have the right to prohibit the use of their data for purposes of direct marketing, distance selling, surveys and market research.

Electronic direct marketing may be sent to data subjects if they have given their explicit consent. Data subjects have the right to withdraw their consent at any time.

Any disputes are primarily solved by mutual negotiations. Data subjects are also entitled to refer matters concerning personal data processing to the data protection authority.