Privacy Policy

This is Sometehdas Oy’s privacy policy. It complies with the Finnish Personal Data Act (Henkilötietolaki 523/1999) (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Compiled on May 30, 2018. Last updated on November 1, 2019.

1. DATA CONTROLLER

Sometehdas Oy
Business ID: 2881816-2
Köydenpunojankatu 14, Logomo Byrå
20100 Turku, Finland
[email protected]

2. CONTACT PERSON FOR DATA FILE-RELATED MATTERS

Jukka Terho, [email protected], tel. +358 500 522 175

3. NAME OF THE DATA FILE AND DATA SUBJECTS

Sometehdas Oy’s marketing and customer register.
We use the register to process the personal data of our customers as well as our potential customers and their representatives.

4. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

We process personal data to manage customer relationships, to communicate with customers and to improve the user experience of the Sometehdas.fi online service in order to target relevant content to users. We also process personal data for marketing purposes. We process your personal data for marketing purposes based on our legitimate interests and to manage customer relationships on the basis that it is necessary for implementing a contract between you and us. We may also send you direct marketing messages based on your consent. We do not process personal data for automated decision-making or profiling purposes.

5. CONTENT OF THE DATA FILE

The types of information we may collect about you include your name, email address, postal address, and any other information you provide. Cookies provide us with statistical data about the visitors of our website, which we use, for example, when planning our marketing. This allows us to target our communication efforts as precisely as possible. Information collected through cookies may also be used for the purpose of targeted marketing (remarketing), which is why you may see advertising content on products that you have previously viewed on our website, for example, on Facebook. We do not disclose your personal data to third parties for their direct marketing purposes.
The following information may be collected about data subjects:

  • Name, email address and job title / area of responsibility
  • Company’s name, contact information and field of business
  • Information related to customer relationship management and communication (e.g. purchase and cancellation of services, feedback, and customer service interactions)
  • Information related to the use of Sometehdas Oy’s website and services
  • Information related to marketing and promotion, such as marketing efforts directed to the data subject and participation in them (e.g. competitions, webinars and events)
  • Technical information and information related to the cookies sent to the data subject’s browser

6. REGULAR SOURCES OF DATA

The collection of names and other contact information is based on a customer relationship or other relationship with Sometehdas Oy. We collect information about you when you enter into a contract with us, when you register for an account or when you use the services of Sometehdas Oy. In other words, the personal information collected by us mainly consists of information provided by you. We also monitor cookies, and visiting Sometehdas Oy’s website leaves a trace, an IP address. Personal data may also be purchased for non-recurring marketing purposes from registers outside Sometehdas Oy. We may also collect personal data from public sources.

7. REGULAR DISCLOSURE OF DATA AND THE TRANSFER OF DATA OUTSIDE THE EU OR EEA

We do not disclose personal data to third parties. The data may be published to the extent agreed with the customer. In all cases, we will only transfer your personal data outside the EU/EEA for one of the following legitimate purposes:

  • The European Commission has determined that an adequate level of data protection is ensured in the recipient country;
  • We have implemented appropriate safeguards for the transfer of your personal data using standard data protection clauses approved by the European Commission. In such cases, you have the right to obtain a copy of these standard clauses by contacting us; or
  • You have given your explicit consent for the transfer of your personal data, or there is another legal basis for the transfer of your personal data outside of EU/EEA, such as the EU–U.S. Privacy Shield framework adopted by the European Commission.

8. PRINCIPLES OF DATA PROTECTION

We respect the confidentiality of your personal data. The information in the data file is protected by firewalls, passwords and other technical means, and is only accessible to persons authorised by Sometehdas Oy. We will dispose of any outdated and unnecessary data in an appropriate manner. We will only retain personal data for as long as is necessary to fulfil the purposes defined in this Privacy Policy. Due to the obligations under the Accounting Act (Kirjanpitolaki 1336/1997) or other applicable law, data may have to be stored for a longer period.

9. RIGHT OF ACCESS AND RIGHT TO RECTIFICATION

Data subjects have the right to request access to their personal information stored in the register and request the correction of any inaccurate or incomplete information. If a person wishes to check or rectify the information stored about them, the request must be sent in writing to the Data Controller. The Data Controller may ask the data subject to verify their identity before processing the request. The Data Controller will respond to the request within the time limit set by the GDPR (usually within a month).

10. OTHER RIGHTS CONCERNING THE PROCESSING OF PERSONAL DATA

Data subjects have the right to request the erasure of their personal data from the register (“right to be forgotten”). Data subjects also have other rights set out in the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be sent in writing to the Data Controller. The Data Controller may ask the data subject to verify their identity before processing the request. The Data Controller will respond to the request within the time limit set by the GDPR (usually within a month).

11. CHANGES TO THE PRIVACY POLICY

We continuously develop our services and therefore reserve the right to change this Privacy Policy by providing notice thereof on this website.