REGISTER AND PRIVACY POLICY

This is the register and privacy policy of JAK-Metalli Oy according to the Personal Data Act (10 and 24§) and the EU GDPR. Created on 13.06.2018. Last modified on 13.06.2018.

1.REGISTER HOLDER

JAK-Metalli Oy, Louhimontie, 2 35800 Mänttä

 

2. CONTACT PERSON RESPONSIBLE FOR THE REGISTER

Ville Eklöf, ville.eklof@jak-metalli.fi, 0405947057

 

3. NAME OF REGISTER

The customer and marketing register of JAK-Metalli Oy

 

4. THE LEGAL BASIS AND THE PURPOSE OF PERSONAL DATA PROCESSING

According to the EU GDPR a legal basis for personal data processing is

  • communication with customers and managing customer relations
  • business and service planning and development
  • marketing
  • web service development

5. REGISTER DATA CONTENT

Data stored in the register includes:

  • first name and last name
  • contact details (e-mail address, phone number)
  • other text based information related to the customership
  • data collected through cookies
  • IP address information or other identifiers

6. REGULAR SOURCES OF DATA

Data stored in the register is received from customers for example through messages sent via an online form, e-mail, telephone, social media services, contracts, customer meetings and other situations where the customer gives their information.

The website also uses the cookie-based Google Analytics application, which collects anonymous data about website visits.

7. REGULAR DATA DISCLOSEMENT AND TRANSFER OF DATA TO OUTSIDE THE EU OR THE ETA

Data is not disclosed regularly to other parties. Information can be published as far as agreed with the customer.

Data can be transferred by the register holder to outside the EU or the ETA.

8. REGISTER PROTECTION PRINCIPLES

The register is processed with care and data processed with information systems are protected appropriately. When register data is stored in Internet servers, the physical and digital data security of their systems are taken care of appropriately. The registermakes sure that stored data and server access rights and other critical information regarding personal data security is processed confidentially and only by those employees whose job description includes it.

9. THE RIGHT FOR INSPECTION AND THE RIGHT TO DEMAND CORRECTION OF INFORMATION

Every person in the register has the right to inspect their data in the register and to demand the correction of possible incorrect information or the completion of incomplete information. If the person wants to check the data stored about them or demand a correction, the request should be sent to the register holder in written form. The register holder may ask the requester to prove their identity if needed. The register holder will respond to the customer within the time period determined by the EU GDPR (usually within a month).

10. OTHER RIGHTS REGARDING THE PROCESSING OF PERSONAL DATA

People in the register have the right to request the erasal of their personal data from the register (“the right to become forgotten”).  Data subjects also have all the other rights according to the EU GDPR such as restricting personal data processing in certain situations. Requests should be sent to the register holder in written form. The register holder may ask the requester to prove their identity if needed. The register holder will respond to the customer within the time period determined by the EU GDPR (usually within a month).