1. Data Controller
Suomen IT-Keskus Oy, Sammonkatu 68 LT 1, 33540 Tampere Phone: 045 490 4026 info@tampereentietokoneapu.fi
2. Contact person responsible for the register
Ville Kontola, ville@itkeskus.fi, 045 490 4026
3. Name of the register
Company marketing and customer register
4. Legal basis and purpose of processing personal data
The legal basis for the processing of personal data under the EU General Data Protection Regulation is the contract in which the data subject is a party, and the legitimate interest of the data controller. The purpose of processing personal data is to communicate with customers, maintain customer relationships, marketing, and proof of work done to the tax authorities and other authorities.
5. Contents of the register
Data stored in the register include: person’s name, contact information (phone number, email address, address), information about the services ordered and changes to them, billing information, and other information related to customer relationships and ordered services.
6. Regular sources of information
Data stored in the register is obtained from the customer, among others, through messages sent via web forms, by email, by phone, through social media services, contracts, customer meetings, and other situations where the customer provides their information.
7. Regular disclosures of information and transfer of information outside the EU or EEA
Information is not regularly disclosed to other parties. Data may be published to the extent agreed with the customer. Information may also be transferred by the data controller outside the EU or EEA.
8. Principles of protecting the register
Due care is exercised in the processing of the register, and the data processed with information systems is adequately protected. When register data is stored on internet servers, appropriate measures are taken to ensure its physical and digital security. The data controller ensures that stored data, server access rights, and other information critical to the safety of personal data are handled confidentially and only by the employees whose job it is to access them.
9. Right to inspect and the right to request rectification of information
Every individual in the register has the right to check their data stored in the register and to request correction of any erroneous data or completion of any incomplete information. If a person wishes to check the data stored about them or request corrections, the request must be submitted in writing to the data controller. The data controller may ask the requester to verify their identity if necessary. The data controller will respond to the customer within the time prescribed by the EU Data Protection Regulation (generally within one month).
10. Other rights related to the processing of personal data
An individual in the register has the right to request the deletion of their personal data from the register (“right to be forgotten”). Registered individuals also have other rights under the EU General Data Protection Regulation, such as the right to restrict processing of personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may ask the requester to verify their identity if necessary. The data controller will respond to the customer within the time prescribed by the EU Data Protection Regulation (generally within one month).