PRIVACY POLICY

Updated 17th November 2018.

This is the privacy policy of Vesikaste Oy based on the Finnish personal information law (Henkilötietolaki 10 and 24 §) and EU’s General Data Protection Regulation (GDPR). Made on 01.09.2018 and valid until further notice.

We reserve the right to update this privacy policy as necessary. Our website is being developed constantly. We ask you to visit this privacy policy page from time to time.

By using the www.vesikaste.net contact form, registration, or webshop, you accept this privacy policy.

REGISTRAR
Vesikaste Oy, Murronkaari 7, 30420 Forssa, Finland
Business ID: FI29110369

PERSON RESPONSIBLE
Arja Lundeqvist c/o Vesikaste Oy,  Murronkaari 7, 30420 Forssa, Finland
Email: info@vesikaste.net

REGISTER NAME
“Verkkokaupan www.vesikaste.net ja www.vesikaste.fi rekisteri- ja tietosuojaseloste.”

PURPOSE OF THE REGISTER
Customer’s personal information is used to handle payments/billing and to maintain, handle, and develop customer relations, as well as to help with analysis, marketing, statistics, produce and offer services. Marketing messages might be sent via email, but very rarely.

INFORMATION STORED IN THE REGISTER
The register handles following types of information:

• First and last name
• Company name (if ordering as a company)
• Address
• Email address
• Phone number
• Order details and tracking codes
• Information declared by the customer related to handling customer relations and/or marketing

Information related to the customer can be handled, within the legal limits of the personal information law on the registers owned by Vesikaste.

PERSONAL DATA RETENTION TIME
Personal information will not be retained longer than necessary for its purpose, or demanded in a contract or law. Any physical material maintained manually will be destroyed by burning.

INFORMATION SOURCES COMPLIANCE
Information stored in the register is obtained from the customer though the order or contact forms, emails, phone, social media services, contracts, customer meetings and other situations when a customer hands over information.

DISCLOSING INFORMATION
Information in the register will not be handed over to 3rd parties, with the exception of technical administration of the webshop, for example server admins. The register data is not transferred or disclosed outside EU or ETA countries.

Personal information can be added to email service and cloud service administered by Microsoft, whose servers might be located outside EU. However, these services are committed to abide by the European Union’s GDPR.

PROTECTION OF THE REGISTER
The information system and files of the registrar have been secured using technical protection processes used widely in business transactions. Usage of the register requires a used ID and password which is in the sole possession of the responsible registrar person.

All databases are located within locked areas.

Information related to the orders made through the webshop can be found in the admin interface of the website, which is also protected with a strong password.

The website is hosted on a server of Louhi Net Oy.

Manually maintained physical material are located within areas restricted from irrelevant people.

CUSTOMER RIGHTS
As per the personal information law, a customer has a right to check, request to change or delete their own information stored in the register.

A check request must be sent in physical mail and with a signature, to the following address:
Arja Lundeqvist, Vesikaste Oy, Murronkaari 7, 30420 Forssa, Finland

A change or deletion request can be done by sending an email to us at info@vesikaste.net.