This is the Company and Personal Data Act (Articles 10 and 24) and the EU General Data Protection Regulation (GDPR) and the Privacy Policy. Done at 24.05.2018. Latest change 24.05.2018.

1. Controller

Ideamarket Oy, Vapaalantie 8, 01650 Vantaa

2. Contact person responsible for the register

Juhana Palmunen,
support@ideamarket.fi
+358 10 504 7388

3. Name of the registry

Online Service User Register.
The customer register.

4. Legal basis and purpose of processing personal data

The purpose of the processing of personal data is marketing activities, communicating with customers, maintaining customer relationships and using the online service.

5. Content of the register

The information you need to store in the register is: person’s name, company / organization, contact information (phone number, email address, address, IP address), information about subscribed services and their changes, billing information, other customer relationship and subscribed services information.

6. Regular sources of information

The information to be recorded in the register can be obtained from the customer. messages sent via web forms, email, telephone, contracts, customer meetings, and other situations where the customer discloses their information.

7. Regular disclosure of data and transfer of data outside the EU or the EEA

The information is not regularly disclosed to other parties. The information may be published to the extent agreed with the customer.

8. Principles of Registry Security

The registry is handled with care and the information processed by information systems is properly protected. Keeping registry information on Internet servers ensures that the hardware and digital security of their hardware is properly managed. The Controller ensures that the stored data, as well as server access and other critical information for the security of personal data, is treated confidentially and only by the employees whose job description it contains.

9. Right of inspection and right to demand the rectification of information

Every person in the register has the right to check the information stored in the register and to request the correction of any incorrect information or supplementation of incomplete information. If a person wants to check the information stored on him or her to claim correction, the request must be sent in writing to the controller. The controller may ask the applicant, if necessary, to prove his / her identity. The controller is responsible to the customer within the timeframe provided for in the EU Data Protection Regulation (as a rule within one month).

10. Other rights related to the processing of personal data

The person in the register has the right to request that the personal data concerning him / her be removed from the register (“the right to be forgotten”). Likewise, the data subjects have other restrictions on the processing of personal data in certain situations. Requests must be sent in writing to the controller. The controller may ask the applicant, if necessary, to prove his / her identity. The controller is responsible to the customer within the timeframe provided for in the EU Data Protection Regulation (as a rule within one month).