According to The Personal Data Act (523/1999) 10 §:
1. The Registrar
Hattumyynti Ainamuoti Oy (VAT: FI-02059129)
Kuninkaankatu 19 B 21
2. The person in charge of register issues
Hattumyynti Ainamuoti Oy
Kuninkaankatu 19 B 21
3. Name of the register
hattu.fi online customer register
4. Use of Personal Data
Personal data is processed www.hattu.fi online store registered to treat the customer's customer relationships and maintenance, e-commerce development and management of the data controller business planning and development, customer communications and marketing. personal data contained in the register can be used for advertising hattu.fi/Ainamuoti/Hattumyynti, direct marketing, including e-direct marketing, distance selling and marketing and opinion surveys.
5. Data content of the register
The register contains the following information:
- The customer's first and last names
- Mail addresses
- E-mail addresses
- Ordering Information
- The customer's consent to receive the newsletter
- The customer's head size (if the customer has give the information)
- The customer's Date of Birth (if the customer has give the information)
Interest, profile and participation information, such as:
• interest in the registered information communicated as well as other information on the service
• answers to various campaigns frequently asked questions from the data.
To manage customer related information, such as:
• contacts and communication in relation to inducing (including feedback and complaints)
• targeted registered any marketing activities, as well as other measures relating to the maintenance of the customer relationship
• direct marketing permissions and prohibitions
updating the information specified above.
6. Regular sources of information
Registered yourself when giving personal information www.hattu.fi site, hattu.fi:n social network (facebook, instagram, etc.) Or forms filled in stores, exhibitions, fair etc, a variety of controller events or campaigns or by phone during customer service calls.
7. Disclosure of Information
Personal data is not regularly disclosed to third parties. The registrar has the right to disclose personal information for example. authorities, as well as for direct marketing purposes in accordance with the data protection laws. Information is not transferred outside the European Union or the European Economic Area, unless it is necessary due to the implementation of the service.
Register related databases are protected by firewalls, passwords and other technical means to secure the external security breaches. Data bases and their backups are located in locked premises.
Only the companies identified in the controller and on its behalf and on behalf of employees have access to the data contained in the register by granting the registrar personal right of use.
9. The inspection, prohibition and the right to repair
The data subject has the right to check what information about them is stored in the register in accordance with the Personal Data Act. The inspection request must be sent to the person in charge of register issues and must be in writing and signed. The inspection request can also be made in person at the registrar's. The registrar may charge a reasonable compensation arising from the provision of information, if registered to use its right to audit more than once a year. The data subject has the right to object to the processing of data concerning him and the disclosure of direct advertising, distance selling and direct marketing, as well as for marketing and opinion surveys to contact the controller. The data subject has the right to demand the correction of incorrect information by contacting the registrar.