Privacy statement
Privacy Statement for Tyylivoitto's Customer Register
Data Controller and Contact Information
Tyylivoitto / Jenni Mäkiranta
Mooskerintie 20
28800 Pori
Finland
tyylivoitto@gmail.com
Business ID: FI30867908
Person Responsible for Registry Matters
Jenni Mäkiranta
Content of the Register
The customer register stores the customer's first name, last name, street address, postal code, city, country, email address, phone number, and currency used during transactions. For business customers, additional information such as the company name, business ID, and VAT number is stored.
Furthermore, information provided by the customer during order placement, such as order content, payment method, and delivery method, is stored in the online store's order data.
Billing and accounting software also stores data about customer purchases.
Purpose of Processing Personal Data
Personal data are processed for purposes related to managing customer relationships, administration and development, provision and delivery of services, and related billing. Personal data are also processed to handle any complaints and other demands.
Additionally, personal data are used in customer-targeted communications, such as information dissemination and news purposes, and marketing, which includes direct marketing and electronic direct marketing purposes.
Customers have the right to refuse direct marketing targeted at them.
The processing of personal data complies with the requirements set by the EU General Data Protection Regulation, effective May 25, 2018.
Retention Period of Personal Data
We retain your personal data as long as necessary for the purposes of using the register.
Some data may be retained longer as necessary to fulfill legal obligations, such as those related to accounting and consumer trade responsibilities.
Principles of Register Data Protection
Materials containing personal data are stored in locked premises, accessible only to designated persons authorized due to their duties.
The database containing personal data is on a server kept in a locked space, accessible only to designated persons authorized due to their duties. The server is protected by appropriate firewalls and technical security measures.
Access to databases and systems is granted only through individually assigned user IDs and passwords. The data controller has limited access rights and authorizations to information systems and other storage platforms so that the data can only be accessed and processed by persons necessary for lawful processing. Additionally, usage events in databases and systems are logged in the data controller's IT system logs.
Employees of the data controller and other persons are committed to confidentiality and are obligated to keep secret any information obtained in connection with the processing of personal data.
Disclosure of Information to Third Parties
We disclose personal data only to logistics and payment service partners to enable the operation of our online store.
Customer Rights
As a customer, you have the following rights:
- Right to review
- Right to correction
- Right to withdraw consent
- Right to deletion