Register and Privacy Statement
This is the register and privacy statement of Evelec Oy (Business ID: 3255669-5) in accordance with the EU General Data Protection Regulation (GDPR). Created on 02/25/2024. Last modified 02/25/2024.
2. Name of the Register
Customer and marketing register for the Netkone online store.
3. Legal Basis and Purpose for Personal Data Processing
The legal basis for processing personal data under the EU General Data Protection Regulation is the management of the customer relationship and marketing.
The data stored in the register includes: Customer's name, address, phone number, and other necessary information required to manage the customer relationship. Marketing and customer registers. The IP addresses of website visitors and cookies necessary for the functioning of the service are processed based on legitimate interest, for example to ensure data security and to collect statistics on site visitors when such data can be considered personal information. Consent for third-party cookies will be requested separately if necessary.
5. Regular Sources of Data
Information stored in the register is obtained from the customer, for example, via messages sent through web forms, by email, phone, through social media services, agreements, customer meetings, and other situations in which the customer provides their information. Contact information for company and other organizational representatives may also be collected from public sources such as websites, directory services, and other companies.
6. Regular Disclosure of Data and Transfers Outside the EU or EEA
Customer data (orderer) can be disclosed to wholesalers for product delivery if the product is only in the wholesaler's stock, and to payment service providers. Data is not regularly disclosed to other parties.
7. Principles of Register Protection
Care is taken in handling the register, and data processed via information systems is adequately protected. When register data is stored on internet servers, their hardware's physical and digital security is properly ensured. The data controller ensures that stored data, as well as server access rights and other information critical to personal data security, are processed confidentially and only by employees whose job descriptions include such tasks.
8. Right of Access and Right to Request Data Correction
Everyone registered has the right to inspect the information stored about them and to demand correction of any inaccurate data or completion of incomplete data. If a person wishes to check their stored information or request corrections, the request must be sent in writing to the data controller. The data controller may request the applicant to verify their identity if necessary. The data controller will respond to the customer within the timeframe set by the EU data protection regulation (usually within a month).
9. Other Rights Related to Personal Data Processing
Persons included in the register have the right to request removal of their personal data from the register ("right to be forgotten"). Similarly, registered individuals have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may request the applicant to verify their identity if necessary. The data controller will respond to the customer within the timeframe set by the EU data protection regulation (usually within a month).