The present is the register and data protection regulation of Brunberg Oy according to the GDPR of EU. Established on November 9, 2020.
1. Controller of personal data
+358 19 548 4200
2. Contact person responsible for the personal data
3. Name of register
Customer and marketing register for Brunberg Oy’s webshop
4. The purpose of the register
Maintenance of the customer and marketing register of Brunberg Oy, management and archiving of the purchases of the customers, maintenance of customer relations, information about services to customers and development and maintenance of the webshop. The data can be used for developing the activities and for statistics. The personal data are processed according to the personal data act regulation.
5. Grounds for the register
Any person who has purchased products from the Brunberg Oy webshop (www.brunberg.fi) as a registered or non-registered customer. The customer has voluntarily been added to the e-mail list in connection with the purchase from the webshop.
6. The register includes, at the most, the following:
Name and surname of the customer, address, phone number, e-mail address and information about the purchase. The register includes only the information the customer has submitted to Brunberg.
7. The principles of the personal data protection
When processing the Brunberg Oy personal data register we observe adequate care and ensure that the data processed in information systems are duly protected. When data is stored on Internet servers, the physical and digital information security of the server is adequately handled. The controller ensures that the stored data and the administration of the server, as well as other critical information concerning the security of the personal data, are treated confidentially and only by competent personnel.
8. The right to inspect and demand correction of data
Each person in the register has the right to inspect his or her information in the personal data register and to demand correction of possible errors or completion if incomplete data. If a person wants to inspect the stored information or demand a correction, a written request must be sent to the contact person of the personal data. The contact person may, if necessary, request identification. The contact person will reply to the applicant within the time frame stipulated by the Data Protection Regulation of the EU (usually within one month).
9. Other rights concerning processing of personal data
Persons included in the register have the right to request that the data concerning him or her be deleted (“the right to be forgotten”). The person also has other rights, e.g. restriction of the processing of personal data in certain circumstances. A written request must be sent to the contact person of the personal data register. The contact person may, if necessary, request identification. The contact person will reply to the applicant within the time frame stipulated ty the Data Protection Regulation of the EU (usually within a month).