Small Data Garden protects the privacy of data subjects and complies with the general data protection regulation of the European Union (2016/679) as well as other applicable and up-to-date data protection legislation and good data processing practices in all processing of personal data.
1. Register holder
Small Data Garden
Contact information regarding register
2. Purpose of personal data
Personal data is processed based on a registered customer relationship.
Personal data will only be processed for pre-defined purposes, which are as follows:
- Customer relationship management and offering products / services. In this case, the processing of personal data is based on an agreement between you or the company you represent and us.
- Customer relationship development. In this case, the processing of personal data is based on our legitimate interest in obtaining adequate and relevant information for the development of our services and the management of our business.
Informing about new products and offers. In this case, the processing of personal information is based on our legitimate interest in providing information as part of our service and in marketing other services to you.
3. Sources of information
Customer information is obtained:
- from the customer himself when a customer relationship arises
- purchase history
- contact with the customer during the customer relationship public information sources.
4. Personal data to be stored in the register
The customer register contains the following information:
- company name and business ID
- contact person
- telephone number
- information on purchased products / services, payment information, billing information, and marketing authorizations and prohibitions
- customer contacts and related correspondence information on communication, marketing and response to the data subject
5. Rights of the data subject
The data subject shall have the following rights, the exercise of which may be affected by sending a written, signed request to the controller using the contact details provided in point 1.
Right of inspection
The data subject can check the personal data we have stored.
Right to rectification
The data subject may request the correction of incorrect or incomplete information concerning him.
Right to object
The data subject may object to the processing of personal data if he or she feels that the personal data has been processed unlawfully.
Prohibition of direct marketing
The data subject has the right to prohibit the use of the data for direct marketing.
Right of removal
The data subject has the right to request the deletion of data if it is not necessary to process the data. We will process the deletion request, after which we will either delete the data or state a valid reason why the data cannot be deleted. It should be noted that the controller may have a statutory or other right not to delete the requested information. The registrar is obliged to keep the accounting material in accordance with the period (10 years) specified in the Finnish Kirjanpitolaki (Chapter 2, Section 10). Therefore, accounting material cannot be deleted before the deadline.
The right to transfer data from one system to another
In certain cases, you have the right to transfer the personal data you provide to us from one system to another, ie the right to receive your personal data in a structured, commonly used, machine-readable form and to transfer your personal data to another controller in accordance with applicable law.
Withdrawal of consent
If the processing of personal data concerning the data subject is based only on consent and not, for example, based on customer relationship or membership, the data subject may withdraw the consent. The data subject may appeal against the decision to the Data Protection Officer. The data subject has the right to demand that we therefore limit the processing of the disputed data until the matter can be resolved.
Right of appeal
The data subject has the right to lodge a complaint with the Data Protection Officer if he or she feels that we are in breach of the applicable data protection legislation when processing personal data. Contact information of the Data Protection Supervisor: www.tietosuoja.fi/fi/index/yhteoduction.html
6. Regulatory disclosures
We may disclose personal information to third parties:
– when our partners process personal information on our behalf on our behalf and in accordance with our instructions.
– as required by the competent authorities or other bodies, based on the legislation in force at the time.
7. Duration of processing
Personal data is generally processed for as long as the customer relationship is valid. In addition, we may retain some personal information to the extent required or permitted by applicable law after the termination of the customer relationship, for example, to comply with the Accounting, Consumer Protection and Product Liability Act.
The registered person can leave our marketing list by notifying by e-mail to: email@example.com
8. Processors of personal data
The controller and his staff process personal data. We may also partially outsource the processing of personal data to a third party, in which case we guarantee through contractual arrangements that the personal data will be processed in accordance with applicable data protection legislation and otherwise in an appropriate manner.
Use of the contact form
If you send us questions through the contact form, we will collect the information entered on the form, including the contact information you provide, to answer your question and any follow-up questions. We will not share this information without your permission.
Therefore, we will only process any information you provide on the contact form with your consent Art. In accordance with Article 6 (1) (a) of the GDPR. You can withdraw your consent at any time. An informal e-mail to firstname.lastname@example.org is sufficient. Data processed before the request is received can still be processed lawfully.
We will retain the information you provide on the contact form until you request that it be deleted, that you withdraw your consent to retain it, or that it is no longer intended to be retained (e.g., after completing the request). This provision does not affect all mandatory statutory provisions, those concerning mandatory data retention periods.
Use of our live chat support
You can use the live chat as a contact form to chat with our staff in near real time. At the start of the chat, personal data is collected.
- Date and time of the call,
- browser type/version
- IP address
- operating system used
- URL of the previously visited website
- amount of data sent
- First name, last name
- email address
Depending on the course of the conversation with our employees, further personal data may arise in the chat, which are entered by you. The type of data depends strongly on your request or the problem you describe to us.
All our employees have been and will be trained about data protection and on the safe and confidential handling of customer data. All our employees are bound to confidentiality and have accordingly signed an addendum to the obligation to maintain confidentiality and to observe data protection in their employee contracts.
We do not store chat records.
9. Data transfer outside the EU
Some of the service providers who work for us operate outside the EU or the European Economic Area (EEA), so when they process your personal data, the data must be transferred outside the EEA. In these cases, we will take the necessary safeguards as required by applicable law. This means: Personal data will only be transferred to countries which have been assessed by a decision of the European Commission as providing an adequate level of data protection (“Data Protection Adequacy Decision”). More information about Data Protection Adequacy Decision.
When a service provider operates in a country not covered by the “decision on adequacy”, separate contractual clauses adopted by the European Commission apply, which provide for the same level of contractual protection of personal data as within the EEA. For more information, please read this Commission Decision.
We may also use service providers in the United States who are committed to the so-called Privacy Shield Framework, which requires them to provide adequate protection for personal information shared between Europe and the United States. You can find more information about data protection here.
Personal information is collected in databases that are protected by firewalls, passwords and other technical means. The databases and their backups are located in locked premises and the data can be accessed by authorized and confidential persons.
Opposing campaign emails
We hereby prohibit the use of contact information published in connection with the statutory notices on the website for the purpose of sending promotional and informational materials that are not specifically requested. The webmaster reserves the right to take legal action if unsolicited promotional material, such as email spam, is received to any contact information found on this website.
The information collected by cookies and various tools is the property of Small Data Garden registrars and can only be used by Small Data Garden. Our partners act as data processors for and on behalf of Small Data Garden and do not use the data for their own purposes.
Only with the consent of marketing cookies can we disclose information to third parties. The use of this information is the responsibility of third parties as independent controllers in accordance with their own data protection policies.
We use the following cookies on our website:
We use Google Analytics to analyze error situations, usage volumes, and traffic to our website.
Third-party cookies (LinkedIn) allow us to target the user with up to date Small Data Garden marketing in LinkedIn. They also provide us with statistics on marketing and target groups. Retention periods for marketing cookies are the responsibility of third parties in accordance with their own privacy policies. Read more about LinkedIn’s marketing cookies.
Deleting cookie history and disabling cookies
Would you like to ask more? Contact us at email@example.com