Data Protection Policy of Saija Oy
+358 8 847 511
Company identification number 0802689-7
Saija Oy / Mrs Niina Karppinen
+358 8 847 511
2. Data subjects
The employees of Saija Oy, partners, current and potential customers
3. Basis for processing data and purpose of registry
The personal data will be collected based on partner contracts or actual customer relations or the fact that the subject has somewhere else given consent to have data collected and processed (for ex. on a questionnaire when asked for a permission for marketing). The personal data will be collected and processed for the purpose of handling Saija Oy's partner and customer relations, customer service, marketing communications and direct marketing (if the data subjects have given a permission).
4. Content of register
Data entered in the system
- Contact information
- name and for corporations, also the name of the corporation
- date of birth or social security numer or corporate ID
- phone number
- Customer information
- sales data of products and services
5. Rights of data subject
The data subject has the following rights (for application, please contact firstname.lastname@example.org)
- Access to information
- The data subjects have the right to request access to the information we have on them.
- Information Correction
If the data subjects believe that the information we have about them is incorrect, they are welcome to contact us so we can update it and keep their data accurate.
Right to object
The data subjects have the right to object to processing of personal data concerning them, if they believe that their data has been processed against the law.
Decline of direct marketing
The data subjects have the right to decline use of the collected data for direct marketing.
Right to erasure
The data subjects have the right to be forgotten. They may ask for deletion of the data, if they believe the storage of the data is no longer necessary. After reception of a request for deletion, we will either delete the requested data or we will inform about a well-grounded reason, why the data can not be deleted.
To be noticed: Due to the law or some other regulation, the Controller may have the right to decline the request. The Controller is due to the [finnish] Accounting Law (Chapter 2, 10 §) obligated to perserve company bookkeeping material for a spesific period (10 years). Therefore the data related to bookkeeping can not be deleted before expiration of the period.
Right to decline consent
If processing of data is only based on a consent the subject has given, and not for ex. on customership or membership, the data subject may decline the consent.
Right to complain to Data Protection Ombudsman
The data subjects have the right to complain to the Data Protection Ombudsman if they believe that we are processing the personal data against the current GDPR legislation. They also have the right to request the restriction of the processing of contentious personal data until the issue has been solved.
Contact information of the Data Protection Ombudsman: www.tietosuoja.fi/fi/index/yhteystiedot.html
6. Regular sources of information
Saija Oy collects the data only for its own purposes.
The personal data is usually got
- from the subjects themselves when establishing the customer or partner relation
- from the subjects themselves through a questionnaire on the internet or through some other questionnaire
- through partners
7. Regular data disclosure
Data are usually not disclosed for marketing purposes to any third party.
Only for maintenance of our services we disclose data to the occupational health services (concerning the employees of Saija Oy), the service provider of hotel management software and the service provider of website and newsletter templates.
We have ensured that our service providers conform the GDPR legislation.
8. Period for which data will be stored
The personal data of the employees of Saija Oy will be stored for a period determined by law and regulations. Other personal data will be stored for 5 years after the latest contact. The data subjects may however ask for delition of their data already earlier.
9. Processor of collected data
The processors are the employees of Saija Oy.
The controller and its employees process the personal data. We may also give the permission to a third party, partially to take care of processing. In that case we ensure through contracts that the personal data will be processed in an adequate way and according the current GDPR legislation.
10. Transfer of data outside the EU or EEA
The register data are not transferred outside the EU or EEA.
11. Automated decision making and profiling
We don't use personal data to make automated decisions or profiling.
Cookies are usually small text files, sent to the server by the website and saved on the user’s device. Cookies are used in order to identify the user to improve the user-friendliness of the website. The text files include a little amount of information, which can be read by server when you visit the same website again. Some of the cookies are necessary for browsing a website. Others are useful for the website visitors, because they help browsing for example by remembering your user name or the language settings which were chosen. With the help of these cookies, we can identify your web browser and use the gathered information for analysis and development of our website. This will be done to improve our services to a better respond the needs of website visitors.
With these cookies, we track, among other things, the IP addresses, the time of the visit, the sites visited and the time used in the website, the browser type, the operating system, how visitors are directed to the site, to which web address they move after the visit and which web server the visitors have come from.