LAST UPDATED: 15.2.2021
It is important to us that you can safely share your personal information with us. In our privacy statement, we tell you what information we collect about you, how we treat it, and to whom we share it.
This is a combined Privacy Statement and Information Document for Hannika Gabrielsson's customers, potential customers, service providers and other stakeholders in accordance with Articles 12 and 13 of the General EU Data Protection Regulation (679/2016) and Articles 10 and 24 of the Personal Data Act (523/1999). as well as website users.
REGISTRAR AND PERSON RESPONSIBLE FOR REGISTRATION
Name: Hannika Gabrielsson
Business ID: 3018938-5
Address: Gunillantie 17 A 10
Zip code: 00870
Post office: HELSINKI
Phone number: +358 (0)50 358 6042
Email address: info@hannikagabrielsson.com
Website: hannikagabrielsson.com
PERSONAL REGISTERS MAINTAINED BY HANNIKA GABRIELSSON
Email Registry
Billing information
Image gallery
PURPOSE OF THE REGISTER
The personal data collected is used:
to provide you with information about the description
to provide you with pictures after shooting
to deliver the products you ordered
to charge you a fee
to maintain and develop customer relationships
to connect with our customers
to meet the requirements of the Accounting Act and the Consumer Protection Act
The data is not used for automated decision making or profiling.
We also collect information to improve and market our services.
PERSONAL INFORMATION WE COLLECT
The information to be stored in the register is:
Personal information: first name, last name, contact information (phone number, e-mail address, address), www.site addresses, IP address of the network connection, information about the ordered services and their changes, billing information, other information related to the customer relationship and ordered services, and a photo.
WHERE DO WE GET THE INFORMATION?
We receive the customer's information from the customer himself, e.g. Messages sent via web forms, e-mail, telephone, via social media services, contracts, customer meetings and other situations in which the customer discloses their information.
We receive some of the information when a potential customer visits our website using the Google Analytics analytics tool.
The IP address of the website user is stored.
Potential customer information from publicly available information sources.
HOW LONG DO WE PROCESS YOUR DATA?
As a general rule, we process data for as long as the basis for processing exists. For the customer, this means the validity period of the customer relationship. At the end of the customer relationship, we process the data, for example, when the ex-customer has arrears for 10 years.
Website visitor data is retained for 24 months.
Note! The retention periods of personal data are also affected by, for example, the Accounting Act. According to the Accounting Act, supporting documents for the financial year, correspondence concerning business transactions and other accounting material must be kept for six years from the end of the calendar year during which the financial year ends. If the financial year has ended, for example, on 30 April 2018, the documents must be kept until 31 December 2024. Thus, the Accounting Act may in some respects result in longer retention periods for personal data.
Your personal information can also be kept longer in situations where it is part of particularly important documents. We retain contracts and other relevant documents for 10 years. The reason is the Limitation Period of the indemnification obligation: the obligation usually ends within ten (10) years from the occurrence or discovery of the damage.
YOUR RIGHTS
Right of inspection: You can check the personal data we store about you.
Right of rectification: If you find inaccuracies or omissions in your information,
you have the right to ask us to correct or supplement the information.
Right to object: You have the right to object at any time
processing of your personal data if you feel that we have processed your personal data unlawfully or that we do not have the right to process some of your personal data.
Prohibition of direct marketing: You may at any time prohibit the use of your information for direct marketing. We will not disclose your personal information to anyone without your consent so that they may target direct marketing to you.
Right of deletion: If you consider that the processing of some of your data is not necessary for our tasks, you have the right to ask us to delete that data. We will process your request, after which we will either delete your information or provide you with a valid reason why we are unable to delete your information. If you disagree with our solution, you have the right to complain to the Data Protection Officer.
Right of Restriction: You also have the right to demand that we therefore limit the processing of disputed information until the matter is resolved.
Right of Complaint: You have the right to file a complaint with the Data Protection Officer if you believe that we are violating your personal information when we process data protection laws.
The right to transfer data from one system to another. You have the right to receive your personal data stored in the membership register in a commonly used electronic file format.
Who else processes your information?
Hannika Gabrielsson uses only high-quality service providers with whom an agreement on the processing of personal data has been concluded in accordance with the Data Protection Regulation. Suppliers include:
accounting company 1
IT service company 2
image products supplier 3
How do we protect your information?
We protect your internet connection (https)
We encrypt data (encryption)
We restrict access to the register to those who need it
REGULAR DATA TRANSMISSION AND TRANSFER OUTSIDE THE EU OR THE EUROPEAN ECONOMIC AREA
The information is not regularly disclosed to other parties. The information may be published to the extent agreed with the customer. Data may also be transferred by the controller outside the EU or the EEA. Some third-party service or software providers displayed by the company may store information outside the EU or the European Economic Area.