Personal Data Act (523/99) 10 §
Date of issue 10.03.2018
Zoro Ky/THINK TODAY
Elopellontie 1 i, 33470 Ylöjärvi
2. Registry contact person
3. Register name
Zoro Ky online store user register
4. Purpose of personal data handling (the register’s purpose)
All user information stored in the Zoro Ky online store’s register is used for customer relations and contacts as well as other online service reasons. Our newsletter subscribers’ contact information is used for marketing purposes. Information filled out for purchases made online is not used for marketing purposes.
5. Register’s information content
Basic information such as name, address, phone number and email will be stored in the register.
6. Storing information
The register’s controller will store the information that the Zoro Ky user fills out while using the website.
7. Regular disclosure of information and transfer of data outside the EU or the European Economic Area
No data disclosure to third parties. No release of data outside the EU or EEA areas.
8. Principles of registry protection
Zoro Ky’s online store user register information is protected by the operating system security software. Entering the system requires entering a username and password. The system is also protected by firewalls and other technical means. The information contained in the registry is only accessible to certain pre-determined employees. The information contained in the register is located in locked and guarded premises.
9. Denial right
A registered individual has the right to deny the controller the processing of information about himself concerning direct mail, distance sales and other direct marketing as well as market and opinion polls, as well as personal identity and genealogy. Prohibitions should be made in writing and addressed to persons responsible for registry matters.
10. Right of inspection
A registered individual has the right to inspect the data stored in the register of themselves and to obtain copies of them. The request for verification must be made in writing and addressed to the person responsible for the register.
11. Correcting information
The responsible of the register rectifies, removes or supplements any unauthorized, unnecessary, defective or obsolete personal data contained in the register for the purpose of processing on its own initiative or at the request of a registered person. The data subject should contact the person in charge of the Registry Registry to correct the information.
Susanne Hamari/Zoro Ky
Zoro Ky / THINK TODAY is concerned about the proper handling of personal data. This includes fair, transparent processing of data and the recognition and observance of the principles of data protection. The rights of the data subject are respected and the information is processed only on legal grounds and to the extent necessary to deal with the services provided by Zoro Ky / THINK TODAY.
Zoro Ky / THINK TODAY strives to comply with all data protection regulations, including the European Union’s General Data Protection Regulation (GDPR).
The processing of personal data is made transparent so that the data subject can access information about the processing of information about them.
Our aim is to comply with the following privacy principles when handling personal information:
– Lawfulness, fairness and transparency Personal data must be processed legally, properly and transparently from a registered point of view.
– Usefulness Personal data must be collected for a specific, explicit and legitimate purpose and may not be processed in a manner that is incompatible with this purpose in the future.
– Data minimization Personal data must be appropriate and relevant and limited to what is necessary in relation to the uses for which the data are processed.
– Punctuality The personal data processed must be accurate, correct and, if necessary, updated.
– Restrictions on storage Personal data will only be retained for as long as is necessary for the intended purpose
– Authenticity, integrity and confidentiality Personal data must be processed in a manner that ensures their proper security, including the protection against unauthorized or unlawful processing, accidental loss, destruction or damage (data security).