Registrar: Fiscales Oy (company in charge)
Pohjoisesplanadi 33 A, FI – 00100 Helsinki / Logomo Byrå / Junakatu 9, FI – 20100 Turku
Tel. +358 44 745 0401
Contact person for registry matters: [email protected]
Name of the register
Customer, supplier and marketing register
What is the legal basis and purpose of the processing of personal data?
Processing of personal data is based on our justified benefits (e.g. maintenance and taking care of customer relationships and invoicing), enforcement of the agreement made between us and fulfilment of our statutory obligations.
We process personal data because of:
• better delivery and development of our products and services to users,
• purchasing and ordering services and products needed to maintain our business;
• fulfilment of our promises and obligations under e.g. our agreement,
• managing our customer relationship,
• fulfilment of our statutory obligations concerning e.g. money laundering and knowing the suppliers,
• analyzing and profiling the customer or other registered behaviour,
• electronic and direct marketing;
• targeting advertising on our online services.
We use personal data stored in the customer register also for profiling purposes. Profiling is accomplished by creating a unique customer ID or file (e.g cookies) that is saved to the main device of the registrar. This enables us or our subcontractor to unite information formed when using the service concerning the registered and to create a profile that reflects the behaviour of the registered. Profiling is used to get information about customer behaviour to target marketing and to develop services to better reflect customers’ demand.
What information do we process?
In connection with the customer, supplier and marketing register, we process the following personal information of a customer, supplier or other registered person (such as a trainee or prospectus):
• basic information of the registered such as name, date of birth, personal identification number, customer number, user ID and / or other unique identifier, mother tongue;
• the contact information of the registered, such as e-mail address, telephone number, address;
• Company’s and its contact person’s information such as business ID and names of the contact persons and contact information;
• customer and contract information such as past and current contracts and orders, correspondence and other communications with the customer, customer’s payment information, and information voluntarily provided by the customer to our systems;
• information about the data connection and main device used by the registered, such as IP address, device ID or other device-specific identifier and cookie information;
• information about events in which the registered participates, such as information related to event registration (including dietary information that is processed only with the individual's explicit consent) and invoicing;
• information regarding the direct marketing ban of the registered
• any other information collected with the consent of the registered.
Where do we get the information?
We obtain information primarily from the registered, the authorities, credit agencies, contact service providers and other similar trusted entities.
In addition, we may collect and update personal information for the purposes described in this privacy statement, subject to applicable law, based on information obtained from publicly available sources such as newspapers and news, professional social media networks, corporate websites, and authorities or other third parties. Such updating of the information is done manually or by automated means.
To whom do we transfer information and do we transfer information outside the EU or the EEA?
We may disclose this customer, supplier, and marketing information to our partners in cooperation who do marketing or organize campaigns and events with and for us and who consider themselves to be registrars and not personal data processors working on behalf of us (such as various social media players and advertising networks). Otherwise, we will not disclose registry information to third parties unless we are required to do so by law or regulation.
We process the information ourselves and utilize subcontractors working on behalf of us when processing personal data (an up-to-date list of our subcontractors is available upon request). We have outsourced IT management and maintenance of our customer and marketing systems to third parties that manage and secure the servers where the personal data is stored.
We transfer personal data outside the EU / EEA as part of our operations. When transferring personal information, we ensure that such information is adequately protected, as required by applicable data protection law, by using EU Commission model clauses.
Cookies allow Fiscales to collect information such as from which page a visitor has navigated to, which of our web pages are browsed and when, what browser is being used, and what is the IP address of the computer.
We typically use the information collected through cookies for the following purposes:
Essential cookies and the provision of services: Cookies are essential to the operation of our website and provide a smooth user experience. These cookies do not collect information that identifies the user.
Website improvement cookies: By tracking the use of these cookies, we can improve the performance of our websites. For example, we find out what are the most popular parts of our pages, where users are headed, or what web page they are coming from and how long they stay on our pages. For example, we may obtain information about articles read by users (so that we know popular topics).
Social media and marketing targeting: These cookies allow us to make the content as personalized as possible, allowing us to display, for example, user-targeted ads and content based on past online behaviour. Fiscales uses advertising cookies managed by third parties to promote its products on its own websites and those of other parties. You can disable certain third-party managed advertising cookies on third-party management sites.
Our websites may contain links and connections to third party websites, products and services, and third parties’ so-called community links (like LinkedIn and Twitter). Community links managed by third parties in Fiscales webpage will be loaded from the servers of these services, so that the third party may set their own cookies. To these services and applications of third parties in Fiscales webpage is the third party's privacy statement applied. We recommend reviewing the privacy policies of third party.
The cookie storage time varies depending on the type of the cookie. Session cookies expire when you close your browser. Permanent cookies usually have a validity period of between two months and a few years.
How do we protect data and how long do we keep it?
Only our employees who are authorized to process customer data on behalf of their work are entitled to use the personal data system. All of our employees have a non-disclousure agreement in place. Each user has their own username and password for the system. The information is collected in databases that are protected by firewalls, passwords and other technical means. Databases and their backups are located in locked areas and only certain pre-designated persons have access to the data.
We will retain personal information for as long as is necessary for the purpose for which the personal information is used. The personal data in the customer and marketing register will be deleted when the claim and complaint period for a particular customer relationship or service has expired. This period is typically ten (10) years. The data processed for marketing purposes will be retained for the time being.
We assess the need for data retention regularly in the light of applicable legislation. In addition, we will take reasonable steps to ensure that information of the registered that is incompatible, outdated or inaccurate in relation to the purpose of processing are not kept. We will promptly correct or delete such information.
What are your rights as registered?
As a registered user, you have the right to inspect the personal data stored in your personal data file and to request correction or deletion of any incorrect information. You also have the right to withdraw your consent insofar as we process your information based on your consent.
As a registered user, you have the right to object or request a restriction on the processing of your data and to lodge a complaint with the supervisory authority under the General Data Protection Regulation (as of May 25, 2018).
For specific personal reasons, you also have the right to object profiling focusing on yourself and other actions when it is in our justified interest to process the information. In connection with your claim, you must identify the specific situation on which you base the objection of processing. We can only refuse a request for objection on the grounds provided by law.
As a registered you also have the right to object at any time and free of charge, including profiling to the extent that it relates to direct marketing.
You may submit all requests and claims under this section, in person or in writing, to the entity listed under the contact person for registry matters.
Changes to this leaflet
As we make changes to this leaflet, we will update the new leaflet and note the date of the update. If the changes we make are significant, we may notify you by various means, such as sending an email or posting a bulletin on our webpage. You can check this leaflet regularly to stay informed of any changes.