This is a Privacy Statement in accordance with Positive Power Finland Ou's EU General Data Protection Regulation (GDPR). Prepared on June 20, 2021.
Positive Power Finland Ou, Company ID 16251224, Hämeentie 68 B A7, 00550 Helsinki
Person responsible for registration matters
Name of the registry
Positive Power Finland customer register
Legal basis and purpose of the processing of personal data
The person has registered as a customer of Positive Power Finland Ou after purchasing goods or subscribing to a newsletter from the online store.
The legal bases for processing with you are the performance of the contract with you, the legitimate interest and consent you have given, and statutory obligations. Personal data to the extent permitted and protected by data protection law. Data is collected from registrants themselves in connection with purchase transactions and newsletter subscriptions, as well as by observing the use of the service.
Positive Power Finland Ou has the right to use the information contained in the customer register in electronic or written form, unless the customer specifically prohibits it. The list means, for example, mailing labels for direct mail. The customer has the right to refuse to disclose the information to Positive Power Finland's customer service by e-mail email@example.com or to the registrar.
Information to be processed for the implementation of the agreement
We process your personal information to maintain a customer registry and to archive and process orders, including billing, package tracking and customer relationship management.
Information to be processed on the basis of a legitimate interest
We process information from your purchase history for business development and statistical purposes. In addition, this information may be used to produce more personalized targeted content on our online services and to target advertising. In this case, data processing also includes profiling.
Information to be processed on the basis of consent
If you block or disable the setting of mandatory cookies on your computer, some e-commerce features may not work.
Newsletters will also be sent with your consent and you may cancel the newsletter at any time.
Information to be processed on the basis of legal obligations
Information on orders and returns is processed to fulfill obligations under the Accounting Act and the Consumer Protection Act.
Information contained in the register
The personal register contains the following information:
The person's first and last name
Details of processed orders and returns
Order delivery and tracking information
Payment information, such as billing information and selected payment method, as well as information required for credit
Marketing Communications Permissions and Prohibitions and Newsletter Subscriptions
Customer service messages
Disclosure and transfer of information
The information in the customer register is only used by Positive Power Finland, except when Positive Power Finland uses an external service provider either to provide a value-added service, arrange the transport of parcels, mediate payments and support a credit decision. Some registry information may be transferred to partner servers due to technical requirements. Personal data will not be transferred outside the European Union unless it is necessary to ensure the technical implementation of Positive Power Finland or its partner.
The information will not be disclosed outside Positive Power Finland or for the personal use of its partners, except in matters related to the transport of parcels, payment intermediation, credit applications, collection or invoicing, and when required by law.
Deletion of data
The personal data of the data subject shall be destroyed upon request, unless the deletion of the data is prevented by law, open invoices or recovery measures. Otherwise, we will retain customer relationship information for 6 years from the most recent order. Due to accounting, consumer or other mandatory legislation, the data may have to be kept even after the end of the customer relationship or other basis for processing personal data.
Registry security principles
The register shall be handled with due care and the data processed by the information systems shall be adequately protected. When registry data is stored on Internet servers, the physical and digital security of their hardware is adequately addressed. The controller shall ensure that the data stored, as well as the access rights to the servers and other information critical to the security of personal data, are treated confidentially and only by the employees whose job description it belongs to.
Right of inspection and other rights of the data subject
Every person in the register has the right to check the information stored in the register and to request the correction or correction of any incorrect or incomplete information. Under certain conditions, you also have the right to request that the processing of your data be restricted or to object to the processing of your data, for example for direct marketing, and to request the deletion of your data.
If the data subject wishes to verify the data stored about him or her or exercise his or her other rights, the request must be sent in writing to the data controller. If necessary, the controller may ask the applicant to prove his or her identity. The controller will respond to the customer within the timeframe set out in the EU Data Protection Regulation.