This is the Registration and Privacy Statement of Profile Vehicles LTD in accordance with EU General Data Protection Regulation (2016/679, “GDPR”) and applicable national legislation (including Finnish Data Protection Act 1050/2018). Created on 20.06.2019. Last change 12.02.2021.
1. Registrar
Profile Vehicles Oy
Yrittäjäntie 1
74130 Iisalmi
+358 17 821 7411
info@profilevehicles.com
2. Contact person responsible for the register
Johanna Repo
+358 44 721 7450
johanna.repo@profilevehicles.com
3. Register name
Profile Vehicles LTD Customer Register
4. Legal basis and purpose of the processing of personal data
The legal basis for the processing of personal data in accordance with the EU General Data Protection Regulation is
- the consent of the person (documented, voluntary, identified, informed and unambiguous)
- the legitimate interest of the controller (eg customer relationship, employment relationship).
Data is not used for automated decision making or profiling.
5. The information to be entered in the register’s data content
Register is: person’s name, position, company / organization, contact information (phone number, e-mail address, address), website addresses, IP address of network connection, information on subscribed services and their changes, billing information, other information related to customer relationship and ordered services.
6. Regular sources of information
Records to be recorded in the register are obtained from the customer. Messages sent via web forms, via email, telephone, contracts, customer meetings, and other situations where the customer delivers information.
7. Regular disclosure of data and transfer of data outside the EU or the EEA
The data are not regularly disclosed to other parties.
The data will not be transferred by the controller also outside the EU or the EEA.
8. Principles of Registry Security
The register is handled with care and the information processed by information systems is properly protected. Keeping registry information on Internet servers ensures that the hardware and digital security of their hardware is properly managed. The Controller ensures that the stored data, as well as server access and other critical information for the security of personal data, is treated confidentially and only by the employees whose job description it contains.
9. Right of Inspection and Right to Require Correction of Data
Each person in the registry has the right to verify the data stored in the register and to request the correction of any incorrect information or supplementation of incomplete information. If a person wants to check the data stored on him or needs to correct them, the request must be sent to the controller. The controller may ask the applicant, if necessary, to prove his / her identity. The controller is responsible to the customer within the timeframe provided for in the EU Data Protection Regulation (as a rule within one month).
10. Other rights related to the processing of personal data
The person in the register has the right to request the removal of personal data concerning him / her from the register (“right to be forgotten”). Likewise, the data subjects have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests should be sent to the controller. The controller may ask the applicant, if necessary, to prove his / her identity. The controller is responsible to the customer within the timeframe provided for in the EU Data Protection Regulation (as a rule within one month).