Asiakas- ja markkinointirekisterin tietosuojaseloste
The Data controller is obligated by the General Data Protection Regulation (2016/679) to provide information to the data subjects in a clear and plain language. In this privacy policy we describe how Temet processes personal data of contact persons of corporations and other stakeholders in connection with its business. Temet complies with practices set forth in this privacy policy to meet the obligation to provide information as per the General Data Protection Regulation of the EU.
1. Controller
Temet Group Oy
Contact details in matters concerning this customer register:
Hannuksenpelto 3
02270 Espoo
Finland
+358 207579510
info@temet.com
2. Data subjects and data sources
- We collect personal data into our customer register when
- you register as our customer.
- give us feedback, leave a contact request or otherwise contact us.
- you are our corporate customer or a contact person of other stakeholder or you contact us on behalf of your corporation.
We receive the data directly from you when you contact us through our services or our representatives.
3. The purpose and legal grounds for personal data processing
The main reason for having a customer register is:
- Provision of services. Data concerning you will be processed to deliver products you ordered for your business, to provide a service you purchased or to otherwise perform a
contract. - Contacting customers. With your data we can identify you and respond to the feedback or reclamation you sent. Additionally, your data will be processed to provide customer
communication and to resolve disputes. - Marketing. Your data will be processed to market our goods and services.
- Business and service development. We use your data for analytical, statistical and reporting purposes and to develop our business, products and services.
The legitimate ground for processing personal data is maintaining the customer relationship, performance of a contract or executing measures prior to entering into a contract, direct marketing or the consent of the data subject (Article 6 Section 1 Subsections (a) and (b) of the GDPR) in addition to meeting maintenance and guarantee obligations.
4. Storing and protection of the data
The data we process varies in accordance with the services you use. Most common personal data we store are your name, contact information (such as (work)email address and (work)phone number) and your position in the company you represent. The service-specific processing is described in more detail in section 10 below.
We protect the processing of the personal data in our customer register with appropriate technical and organisational protection measures, such as access limitations and passwords and, when feasible pseudonymisation and anonymisation of the personal data. The person processing the personal data stored in the register is also bound by a confidentiality obligation. In addition to this, our data protection policy as applicable form time ensures that personal data is processed in accordance with the applicable data protection law.
5. Data subject’s rights
The data subject has the following rights:
- Access to data. The data subject is entitled to a confirmation from the controller whether their personal data is being processed or not.
- Right to receive a copy. The data subject is entitled to receive a copy of the data we have stored concerning them by sending a request via email to info@temet.fi.
- Right to rectification. The data subject has the right to obtain from the controller the rectification of inaccurate personal data concerning them.
- Right to restriction of processing. The data subject can ask us to restrict the processing of their personal data if they find that their personal data has been processed unlawfully or if the data
subject contests the accuracy of the personal data. - Right to object. The data subject has the right to object at any time to processing of personal data concerning them for direct marketing purposes. We will process the objection to
processing of personal data for purposes other than direct marketing after which we will end the processing or inform the data subject about a legitimate reason why the processing of such data will be continued. - Right to erasure. The data subject has the right to obtain from the controller the erasure of personal data concerning them, if the processing of personal data is no longer necessary. We will process the request for erasure after which we will either erase the data or inform the data subject with a legitimate reason why the erasure cannot be carried out.
- Right to portability. The data subject shall have the right to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller from the controller to which the personal data have been provided, if the processing is based on consent or on a contract and the processing is carried out by automated means. We will process the request for such transfer after which we either transfer the data or inform the data subject on a legitimate reason why the transfer cannot be carried out.
The controller may be obligated by law or other right not to erase certain data requested. For example, the controller is obligated to retain accounting material for 10 years in accordance with the Accounting Act (Chapter 2 Section 10). Due to this obligation, accounting material must not be erased before the time limit.
- Revoking consent. If the processing of personal data is only based on consent, and not for example customer relationship, the data subject may revoke their consent. Revoking the
consent does not affect the legitimacy of the processing carried out prior to the revoking. The consent may be revoked by contacting us via email at info@temet.fi. - The data subject may lodge a complaint with the data protection ombudsman. The data subject may demand that we restrict the processing of the disputed data until a decision is
made. - Right to lodge a complaint with data protection authority. If you find that, despite the principles set forth in the privacy policy, we have infringed your rights conferred by data protection law, you may lodge a complaint with the local data protection authority. We strive to resolve the possible issues with the data subject directly, therefore we recommend contacting our customer service first to resolve the matter.
6. Regular disclosure of data
As a rule, data will not be disclosed for marketing purposes outside of Temet.
As an exception to this is Google Analytics; an analytics service provided by Google that tracks and reports on the traffic on Temet’s website. Google uses the data collected in this manner to monitor the use of our services. This data is also shared to other services provided by Google and Google may use
the collected data to personalise or direct advertisements in its own marketing networks. To decline from this kind of data collection you can install the Google Analytics opt-out extension in your browser.
7. Duration of processing
The data will be retained only so long as it is necessary for purposes detailed in this privacy policy. When the data subject exercises their rights described in Section 5 (such as revoking their consent for processing personal data), the controller endeavours to transfer, rectify, erase or restrict the processing of the data subject’s personal data without undue delay. In addition to this, adhering to mandatory provisions of law such as the Accounting Act, is an exception to the retention period and processing duration of the personal data. In these instances, the data is only processed to comply with such laws.
8. Recipients of personal data
Your data will be processed within Väistö Group Oy to which Temet is a subsidiary company. Additionally, we may disclose your data to authorities if obligated to do so by law. For the performance of a contract we may also disclose personal data also to third parties. These are for example our logistics services providing partner companies that in order to carry out a delivery may act as controller for necessary personal data. We will not disclose your data in a manner that the recipients could use them for other purposes, and we contractually obligate them to organise required level of data security. Additionally, we guarantee through contractual arrangements that personal data is processed in accordance with data protection law and otherwise in appropriate manner. Each of our country-specific representatives or resellers is responsible as a data controller for your personal data that they process in connection with their business regardless of whether you have disclosed the data to the country-specific representative/reseller or if the data has been disclosed to said entity by Temet in accordance with your wishes.
9. Data transfers to third countries
As a rule, data is not transferred outside the EU or the EEA. If data is transferred outside the EU or the EEA, we ensure the necessary level of security for personal data by concluding agreements concerning the confidentiality and processing of personal data in accordance with applicable laws and by using EU standard contractual clauses concerning data protection.
10. Service-specific data
Orders
To perform a contract, we collect data in connection with the order such as your name and contact information, that enable contacting, servicing and confirmation related to the order.
Feedback, complaint and other customer service
You can give us feedback, send a complaint about our product or service or send us an idea with the contact form on our website or one of our representatives. In such instance, we collect data based on customer relationship such as your name, contact information and possible representation information that help us to respond the message you sent us.
Processing of personal data concerning company contact persons and other stakeholders
Temet processes data concerning company’s customers, potential company’s customers, suppliers and subcontractors and other stakeholders in connection with its business. We process your personal data when you do business with us on behalf of your company, other entity or stakeholder. In these instances, we process data to perform a contract.
Your data is processed to perform a contract or to provide services, customer communication and service, and to analyse, compile statistics on, report on or develop our business. When you do business with us as a representative of a company, other entity or a stakeholder, we collect your name, contact information, position, task and/or title in the company or other entity you represent. Additionally, we collect information from publicly available sources, such as company
websites and directories maintained by authorities or service providers and contact database.
Access control systems
With access control we safeguard the safety and property of our employees, customers and other persons staying on our premises, and prevent and clarify situations that can endanger safety, property or production processes.
The following data is stored to the access control system register: name and possible social security number or part of it. In addition, we have camera surveillance on our property.
Data may be disclosed to authorities in accordance with legitimate right to receive information.