Description of processing operations
EU General Data Protection Regulation (2016/679), Articles 13, 14, 15, 16, 17, 18, 20, 21 and 30. Updated: 01.11.2023
Neidon Sydän Oy
Contact persons responsible for registry matters
Contact person: Riitta Kulju
Neidon Sydän Oy
Neidon Sydän Oy's customer and contact information register.
Neidon Sydän Oy processes the personal data of registered persons in the online store and otherwise using the service (hereinafter "Customer" or "Registered") in accordance with the Data Protection Regulation. By subscribing to the newsletter, registering a user account, ordering products from the online store, ordering products from Neidon Sydän through other way or giving marketing permission, the Customer gives Neidon Sydän Oy permission to process the personal data in accordance with the regulations below and gives Neidon Sydän Oy permission to store the information in the register.
2. Processing of personal data
Providing personal information is a requirement for concluding a contract. Personal information is obtained directly from the Customer.
Neidon Sydän Oy processes the Customer's personal data:
- to fulfill their obligations based on contractual relationships;
- to comply with its legal obligations;
- claims and legal proceedings;
- to enable data management, provide services and manage personal customer relationships;
- for direct marketing, to produce targeted and personalized content;
- To plan and develop the business of Neidon Sydän Oy. In addition, Neidon Sydän Oy analyzes and conducts market and opinion surveys and processes customer feedback.
The legal basis for the processing of personal data is the execution of a contract, a legal obligation or a legitimate interest. The processing of the data used to implement the service is based on the execution of the contract, the fulfillment of statutory obligations, such as compliance with accounting obligations, the processing of the data used for a legal obligation and the processing of the data used for marketing purposes other than the current customers of Neidon Sydän Oy are entitled to a benefit.
Personal data can be processed in the society belonging to Neidon Sydän Oy and used for the marketing purposes of them in accordance with the Data Protection Regulation.
For the purpose of communication (arranging deliveries and sending service messages), we process the name and contact information of our customers. Based on the customer relationship or contact, Neidon Sydän Oy has the right to process the Customer's data. With the help of the information, we can verify the Customer's identity, respond to messages, offer the service the Customer wants and develop our service. The personal data processing practices apply to personal data that the Customer has given to Neidon Sydän Oy when placing an order or registering a customer account in the online store or in other contexts.
We process the following information of the Customer:
payment instrument information, such as payment instrument number and expiration date
personal identification number, if the Customer is strongly identified; and
other information that the customer provides when creating/changing an account, placing an order, by phone or e-mail, such as, for example, the identifier of the linked service, customer number, information about contacting our customer service and the version, settings and other identifying information of the hardware and browser used.
The register only contains information provided by the user himself. Information is obtained from the customer contract concluded by the Customer and from the Customer himself during the customer relationship through communication and service use. Personal data is needed to maintain the customer relationship.
3. Disclosure of information
Neidon Sydän Oy may also hand over the Customer's data to a third party or another data controller, if this has been separately agreed with the Customer. These third parties are, for example, the authorized service providers we use.
Neidon Sydän Oy can hand over information stored in the register to the entity that has entered into a cooperation agreement for the purpose of delivering orders and processing payments. Neidon Sydän Oy's partners do not forward information to third parties, and do not use information for other purposes. Neidon Sydän Oy may be obliged to hand over customer data if the applicable law or regulation or the request of a judicial or administrative authority requires this. We use certain services as part of our own service and tools on our website, whose service providers may also be located outside the EU or the European Economic Area.
4. Storage period
The registrar keeps personal data for the time being and as long as the customer relationship continues. However, at least the time that the order's shipments have been delivered or the time required for invoicing, to verify the payment of the invoice.
5. Purpose of the customer register
The customer register is used for order processing and delivery, customer management, analysis and development, and statistical purposes. In addition, the information can be used for the Marketing of the Controller.
6. Protection of the customer register
The customer register of the Neidon Sydän Oy online store is kept only electronically. The register is technically protected with firewalls and passwords. The register is used only by those persons whose job description includes the use of the register. Each person handling the register has a personal username and password for the system. Information from the customer register is processed for managing and developing the customer relationship.
7. Rights of the registered
The right to access personal data
The registered person has the right to check the information about him, stored in the register. The inspection request is free of charge once a year and must be made in writing and signed to Neidon Sydän Oy's data protection officer.
Right to rectification of data
If there are errors or are incomplete in the information of the Registered User, the Registered User has the right to demand that the incorrect information be corrected or that the incomplete information be supplemented.
The right to delete data
The registered person also has the right to demand the deletion of information about him to the extent that it does not contain information that is subject to the retention obligation in terms of official supervision. Your data will be deleted if there is no longer a legal basis for the processing.
The right to transfer data from one system to another
The registered person has the right to receive the information he has provided in a machine-readable format and to transfer the information to another system when the processing is based on consent or an agreement and the processing is done automatically.
Right to object
Neidon Sydän Oy can process the Registrant's personal data based on the contract as part of the business, if the processing does not violate the protection of the Registrant's personal data. The registered person has the right to object to the processing of his personal data.
The right to restrict processing
If, for example, the Registrant disputes the correctness of their personal data or if the processing is illegal, the Registrant can limit the processing of their personal data, in which case Neidon Sydän Oy will not, as a rule, process the Registrant's data other than by keeping the information.
The registered person has the right to prohibit the use of their data for direct marketing by notifying Neidon Sydän Oy's data protection officer.
The right to file a complaint with the supervisory authority
The customer has the right to file a complaint with the data protection commissioner if he considers that Neidon Sydän Oy does not act in accordance with the Data Protection Regulation when processing the customer's personal data.
10. Using data for other purposes
Nidon Sydän Oy does not use the Customer's information for purposes other than those stated in this statement. We inform the Customer of the new purposes of use and the basis for their processing. If necessary, Neidon Sydän Oy will ask the Customer for consent to the processing of personal data for new purposes.
11. Information security
Neidon Sydän Oy uses administrative, organizational, technical and physical measures such as encryption, firewalls to protect the data it collects and processes. All information security breaches are reported as soon as possible as required by the applicable legislation to the relevant authorities and, if required by the data protection legislation.
Cookies are not harmful, and they do not harm your computer, files or internet use.
Cookies are used to collect e.g. the following information about website users:
device information such as browser type and language and the date and time of your request and the address from which the site was accessed;
your preferences, such as language preferences, site notifications or alerts;
what content you view or what pages you visit;
searches you make using our site search
Deleting and blocking cookies