Data protection description
Customer data file related to Kauko Oy’s web services.
Personal Data Act (523/99) sections 10, 24
Kauko Oy (hereinafter “Controller”) honors the right to privacy and is committed to protecting the privacy of the persons (hereinafter “User”) using its web services. This data protection description provides information about the processing by the Controller of the Users’ personal data and about the Controller’s data protection practices. Personal data refers to information about the User that is identifiable as concerning a specific User, such as the User’s name, address and e-mail address. Please read this document in its entirety before using the web services.
1. General rules on the processing of data
Personal data is processed for the use, maintenance and further development of the web services. In processing data, the Controller is committed to complying with the Personal Data Act (523/99) and other applicable valid stipulations laid down in Finnish legislation concerning personal data protection, as well as good practices in processing personal data. The Controller shall endeavor to prevent and minimize, using appropriate measures, threats concerning unauthorized access to, the inappropriate use of and possible inaccuracies in personal data. The persons processing the data are under obligation to keep the data confidential.
The Controller gathers information on the number of web service users, the ways in which the users use the services, and which services and pages are most or least used or visited. This information is used to further develop the web services and other services.
The purpose of gathering personal data on the users of the web service is to be able to provide additional information to those providing their data and to produce targeted services or other similar send-outs containing contact data.
The Controller endeavors to continuously develop its web services, and the Controller reserves the right to change this data protection statement. The User must check this data protection description periodically for any changes.
2. Gathered data and data sources
The Users’ information belonging to the following categories is maintained in the file:
• general customer data, such as name, contact details, general description of the customer’s business, customer’s wishes
• information gathered by cookies from the customer’s visits to the web services
• log data related to the use of the web services, indicating how the customer uses the site, e.g. location, time and preferences
• information related to orders
• user profiles that are created based on the above-mentioned information
• financial customer data related to services or products purchased through the web services
The Controller files the following information concerning the User of the Service:
• Information provided by the customer, such as general customer data and order data
• Information gathered by the Controller and its partners and subcontractors through cookies
• Log data gathered by the Controller and its partners and subcontractors by monitoring the use of the web services
• The units of the Controller and its partners and subcontractors that produce services, products and additional services for the web services
• The units of the Controller and its partners and subcontractors that produce logistic services, such as invoicing, haulage, maintenance, etc.
• The Controller may, on its own initiative or on a User’s request, complement, rectify or remove incomplete, inaccurate or outdated personal data.
The file’s regular sources of data are Kauko Oy’s customer file, web services and publicly available databases and web services.
3. Purpose of processing
Personal data is primarily used for marketing, information, sales and business planning purposes. The purpose of the file is to:
• Provide the Controller’s web services and related products to customers
• Manage and develop the customer relationship
• Develop and manage the Controller’s web services and related products, and handle the Controller’s or its subcontractors’ internal and external tasks to the extent that they are related to the web services or the services offered through the web services or to handling orders or contacts.
• Produce information for use in the above-described manner in the Controller’s direct marketing, direct advertising, distance sales, opinion and market surveys, data sourcing and related tasks, such as profiling of customer data and other activities that can be equated to these.
4. Disclosure of data
Data is not disclosed to parties outside the Service Provider or its partners and subcontractors or for direct advertising, distance sales or other direct marketing, market and opinion surveys or personal data registers. As an exception, data can be disclosed to third parties if required by law or an official, for implementing the applicable terms and conditions of use and investigating possible breaches against the terms and conditions and for safeguarding the security of the Service.
In terms of the technical implementation of the data processing, part of the data is physically located on the Controller’s external servers, on which it is processed via a technical user connection.
Data is disclosed and transferred for specified purposes within the Controller and to its partners’ and subcontractors’ units, some of which are located outside the EU or the European Economic Area. Some of the servers used for maintaining the web services can also be located outside the EU or the European Economic Area.
5. File protection principles
The file data is protected using passwords or is otherwise stored in locked spaces. In addition, it is subject to the Controller’s general data security guidelines and principles concerning data contained in the information systems, such as firewalls. Only separately designated employees of the Controller and its partners and subcontractors have access to the Users’ personal data contained in the file data.
7. Right of access and right to prohibit
The User has the right of access to the data pertaining to him/her free of charge once a year. In order to exercise his/her right of access, the User shall send a request of access to the Controller to the address below. The data subject may prohibit the use of his/her data for direct marketing by notifying the Controller thereof. For more information, we kindly ask you to contact firstname.lastname@example.org.
Please use the contact forms provided in the web services to send any questions or feedback concerning the Controller’s performance in maintaining the web services, or send them to the address email@example.com
Kauko Oy, business ID 0100650-0
Tel: +358 (0)9 5211
Contact details of the person in charge of file matters
Kauko, Communications and Marketing
tel. +358 (0)9 5211