Ottipeli Private Company
Contact person for registry matters
Name of the register
Purpose and justification of the processing of personal data
The purpose of processing personal data in the register is to provide Ottipeli services to its customers. Personal data may be processed, to the extent permitted by the EU Data Protection Regulation and the Personal Data Act, for the management, development, analysis (including targeted verification and security measures), and in addition to complying with any legal obligation. In addition, Ottipeli may use personal information to target sales and marketing in a personalized manner, or for other digital marketing purposes.
The processing of personal data is based on the approval of the processing of personal data by the web service user. In other cases, the processing is justified because the online service user has voluntarily entered his or her personal information into the service in order to use the services of Ottipeli.
Information content of the register
The register contains personal information entered by the customer, as well as information generated by the customer upon request or with the consent of the service. As a registered user of the Service, the following personal data will generally be processed:
Information about customer orders, shipments and returns.
Regular disclosure of information
The information may be disclosed to Ottipeli’s service providers for the purpose of storing and maintaining the information, charging fees or performing customer-ordered services. Information may also be disclosed to the authorities for the performance of their statutory duties or upon request. In addition, when upgrading or repairing a service, experts subject to a maintenance contract and confidentiality may be called upon to provide access to customer service information for the service, if necessary. A copy of the Service may be made including the personal information of the Service Users for quality assurance purposes for development and maintenance purposes.
Transfer of data outside the EU or the EEA
Information will not be disclosed outside the EU or the EEA.
Registry security principles
The register is not kept in hard copy, but the customer information is stored electronically in the data centers of Ottipeli or its service providers. The customer register is handled confidentially. Access to the customer register is restricted to Ottipeli employees and subcontractors, who are bound by a confidentiality agreement and whose duties require the use of the register.
The registry is adequately secured from outside by firewalls as well as other technical and organizational safeguards. Please note, however, that any service provided over the Internet is not completely secure.
Rights of the data subject
Ottipeli guarantees the data subjects all the legal rights they have with regard to the processing of their personal data. These include in particular the right of access, the right of access, the right to have their data rectified and transmitted, the right to have their data deleted (forgotten) and the right to limit processing.
The right of a data subject to have his or her data deleted is not exclusive. The game may be withheld if its processing is necessary to comply, for example, with a legal obligation, to verify a contractual obligation, to provide information on potential security risks, or for any other similar justification. However, Ottipeli does not actively process personal data if the data subject denies it.
If the data subject wishes to exercise their legal rights, the data subject must prove his / her identity and submit his / her request to Ottipeli in writing. The contact details are listed above in section 1 (Registrar). The data subject acknowledges that if the processing of his / her personal data is restricted or completely erased, it will restrict or may prevent the provision of services.
Retention period of data
Customer information is retained for the duration of the customer relationship. Customer information will be deleted after that customer has not logged in for three years. If it is necessary to preserve the information for the purpose of fulfilling its statutory obligations (eg accounting obligations), the retention period shall be 10 years or such other period as may be expressly provided for by law.
Ottipieli regularly examines and evaluates the use of customer data as part of its business development and possible legislative changes. Ottipeli has the right to unilaterally change this Privacy Statement by informing you of the benefits
© 2020 Ottipeli