GDPR / JAS Tekniikka: Register and privacy statement in accordance with Sections 10 and 24 of the Personal Data Act (523/1999)
1. Controller of the personal data being processed:
JAS Tekniikka Oy (Y-tunnus 1091427-9)
Maariankatu 1
20100 Turku
puh. 010 292 3000
info@jastekniikka.fi
2. Contact person regarding the register
Katja Särkijärvi katja.sarkijarvi@jastekniikka.fi 010 292 3034
3. Register name
JAS Tekniikka Oy’s marketing and customer register.
4. Purpose of processing personal data
The register is used for managing customer relationships, processing and archiving service and sales orders, and for the development, evaluation, and marketing of the company’s operations, provided the customer consents. Placing an order does not require registration in the customer register.
5. Contents of the register
The register includes the customer’s contact details provided to the company, including name, address, telephone number, and email address.
The register retains the customer’s service and sales history.
6. Regular sources of information
The customer’s contact information is recorded in connection with service and sales transactions and when registering in the online store.
7. Regular disclosures of data
Register information may be shared within the organization, and data related to warranty service cases may be disclosed to the principals. Disclosure of information to partners occurs only for purposes that support the intended use of the register.
8. Transfer of data outside the EU or EEA
JAS Tekniikka does not transfer data outside the EU or EEA and strives to use service providers located within the EU. If data is transferred outside the EU or EEA, the data controller ensures that there is a valid legal basis for the transfer and that personal data is protected using standard contractual clauses approved by the authorities and appropriate technical safeguards
9. Principles of register protection
All register information is protected against unauthorized access, accidental or unlawful destruction, alteration, disclosure, transfer, or any other illegal processing.
JAS Tekniikka stores register data in Finland. The servers are protected against data breaches and denial-of-service attacks.
The processing of personal data complies with the requirements of the EU General Data Protection Regulation (GDPR), applicable since 25 May 2018. All access to personal data is monitored in accordance with good practices. The right to use the data is limited to JAS Tekniikka employees who need the information to perform their duties.
10. Right to access personal data
Under the EU General Data Protection Regulation (GDPR), a data subject has the right to access the personal data stored about them in the register. A written request for access must be signed and sent to the contact person responsible for register matters (see Section 2). Personal data will only be disclosed upon verification of the customer’s identity. The right of access is free of charge when exercised no more than once per year.
11. Right to request correction of data
A data subject has the right to request the correction of inaccurate or outdated information, the deletion of data, or the transfer of data from one system to another. They also have the right to restrict or object to the processing of their data in accordance with Articles 18 and 21 of the EU General Data Protection Regulation (GDPR).
12. Other rights related to the processing of personal data
A data subject has the right to withdraw previously given consent for the processing of their data or to lodge a complaint regarding the processing of their personal data with the supervisory authority. The data subject also has the right to prohibit the use of their data for direct marketing purposes.