Description of the data file as per section 10 of the Personal Data Act (532/1999):
Puustelli Group Oy (business ID: 1570646-0)
Tel.: +358 10 277 6000
Name of data file
Puustelli Group Oy direct marketing register
Purpose of processing personal data
The personal data are processed for the purpose of direct advertising, distance sales or other direct marketing, opinion polls or market surveys, or other comparable individually addressed items. The data may also be analysed and processed for the purpose of targeting marketing communications so as to be of interest to recipients.
Content of the data file
The following details may be handled in the data file:
- contact details (mailing address, phone number, e-mail address)
- title, occupation or other details concerning the duties or position of the subject in business or in public office
- one other identifying detail related to the subject
- permissions and bans on direct marketing
- details on amendments to any of the above personal data
Regular sources of information
Subjects themselves provide data for instance when participating in marketing campaigns organised by the controller, whether online or traditionally, including but not limited to marketing lotteries and competitions and various customer-interface events such as kitchen exhibitions. Personal data may also be collected from the controller’s other data files, from the controller’s partners and from authorities and enterprises offering personal data services.
Disclosure and transfer of data
Data may be disclosed within the limits of and as required by current legislation, unless the subject has specifically forbidden the disclosure of his/her personal data. Therefore data may be disclosed for purposes of direct advertising, distance sales or other direct marketing, and opinion polls and market surveys.
Due to the technological arrangements for handling the data, some personal data may be physically located on servers of the controller’s subcontractors and accessed over a technical connection while complying with the requirements of personal data legislation.
Data are not transferred outside the European Union or the European Economic Area unless necessary for the purposes of handling personal data described above.
Data file protection
The databases making up the data file are protected with firewalls, password protection and other technological means generally considered acceptable in the field of information security. The databases, their backups and manually maintained materials are physically located in locked premises.
Only specifically authorised employees of the controller and of enterprises operating on behalf of and under instructions from the controller have access to the data in the data file, with individual user rights granted by the controller.
Right of access, prohibition and rectification
Under the Personal Data Act, a subject is entitled to inspect the data on him/her in the data file. A written, signed request for inspection must be sent to the person managing the data file. A request for inspection may also be made in person at the controller’s premises.
A subject is entitled to prohibit the handling and disclosure of data on him/her for the purposes of direct advertising, distance sales and other direct marketing and for opinion polls and market surveys. To enter a prohibition, the subject must contact the controller.
A subject is entitled to demand rectification of incorrect data by contacting the controller.