1. Controller and contact person
Controller:
Power Tech Group Oy
Business ID:
2873711-9
Address:
Selkätie 18, FI-48810 KOTKA
Website:
www.powertechgroup.fi
Contact person for register-related enquiries:
Ilmari Viitaniemi
Selkätie 18
FI-48810 Kotka
ilmari.viitaniemi@kotkapower.fi
2. Name of the register
Customer register of Power Tech Group Oy
3. Purpose of the processing of personal data
The controller or a person authorized by the controller may use the personal data of customers or potential customers in accordance with the European Union General Data Protection Regulation. The personal data are used for the following purposes:
Management and development of Power Tech Group Oy’s customer relations, services, products and business concerns.
Advertising, marketing, direct response marketing, distance sales, providing and delivering products and services.
Billing, monitoring and collecting payments.
Developing the business and customer service of the controller, conducting opinion polls and market surveys.
4. Data content of the register
Data are collected and stored from customers and such potential customers who have given their consent for marketing or communication. Data are collected and stored for the purpose described above, and may include the following:
Basic customer data relating to contractual relations, such as name, business ID, customer number, contact information (incl. address, phone number, email address) and contact history.
Billing and payment information, such as billing address, billing group, payment term, billing method, account number, and information about payment behavior, such as transaction data and receivables.
Other information, such as customer feedback; permits or prohibitions of legitimate direct marketing, distance sales and other direct marketing; other information obtained with the consent or authorization of the customer or potential customer that is necessary for providing the service requested by the customer.
Data gathered during the use of services: visiting certain websites, purchase activity, searches, time and date of visits, frequency and duration of visits. Additionally, the browser used, type of device (e.g. computer or mobile device), IP address, time and duration of the session, screen resolution, and unique identifiers such as cookies or device IDs.
Interaction with company communications: we monitor the accessibility of our email communications by recording the views and clicks on our newsletters and mapping them to email addresses. We may also record other information gathered with the user’s consent for the same purpose.
5. Regular sources of information
The register is updated in connection with tenders, orders, contracts or other relevant contacts. Potential customer data are gathered for example in marketing events, contests and raffles.
All contacts to our customer service may be recorded. The recordings are used to verify the contacts, to process reclamations and to improve customer service and quality.
Personal data may also be collected, stored and updated from the register of the Digital and Population Data Services Agency or other data controller providing similar address or update services.
6. Data retention period
Personal data shall be retained only for as long as it is necessary to retain it in order to meet the purpose for which it has been collected in accordance with this privacy policy. Data relating to contracts are retained in principle for the duration of the customer relationship. After this, the data will be deleted, unless we are obligated to retain it either by law or by contractual rights and responsibilities.
The customer data of potential customers, collected with consent, are retained until the customer withdraws the consent. In case of external registers, the controller’s instructions are followed.
The data are deleted according to the deletion process of the controller. After contractual relations have expired, the controller may process personal data in accordance with direct marketing legislation.
7. Regular disclosure and transfer of personal data
Power Tech Group Oy does not disclose data in its customer register to third parties. Data may be disclosed only with the registered person’s consent. Data may be disclosed to authorities as required by existing legislation.
Data is not transferred outside the European Union or the European Economic Area.
8. Principles of protecting the register
The servers of Power Tech Group Oy’s data processing system are kept in a locked, fireproof space. Only authorized persons have access to the space. Using the system requires a username and a password. Users are assigned to groups, and access permits are granted on the basis of group. The system is backed up daily.
The data may be used by persons employed by Power Tech Group Oy or by persons employed by entities that have been authorized by Power Tech Group Oy, in order to complete their work tasks. Power Tech Group Oy requires that its personnel and business partners commit to non-disclosure of customer data.
Any physical material is stored in a filing space specifically appointed to the purpose. Only Power Tech Oy personnel have access to the space, and it is kept locked outside office hours.
9. The right to inspect, rectify and prohibit
Per the EU General Data Protection Regulation, the data subject has the right to inspect the data concerning him- or herself, and the right to demand rectification of erroneous data. Written requests for inspection or rectification are sent, with the data subject’s signature, to:
Power Tech Group Oy
Selkätie 18
FI-48810 Kotka
The data subject also has the right to prohibit the use of his or her information in direct marketing or distance sales by contacting Power Tech Group Oy’s customer service either in writing or by telephone. The data subject may also inspect the data on Power Tech Group Oy’s premises. The data subject’s identity will be verified before disclosing the data.