The General Data Protection Regulation (EU) (2016/679)
Henkilötietolaki (523/1999, Personal Data Act), articles 10 and 24
Updated 17 May 2018
88610 VUOKATTI, FINLAND
2. Contact person for matters relating to the register
88610 VUOKATTI, FINLAND
3. Name of register
SUOKONE - customer register
- a customer register based on customer relationships or other relevant connection
4. Purpose and legal basis for processing of personal data
Matters related to business operations and customer service.
5. Contents of the register
The register contains the following information about a data subject:
SUOKONE customer data
• Organisation: company name, address details, invoicing information,
email address, phone number, company ID, internet address, start and
end date of customer relationship, services connected to the organisation
• Contact person: name, email address, phone number and job title
Data about a person may also be collected through websites with their consent,
and this data covers actions such as visiting a company website, downloading
documents, viewing pages and filling in forms.
6. Regular sources of data
Personal information disclosed by the data subject themselves when in contact with
Suokone: business cards, emails, phone calls, trade fairs, seminars, client visits,
visits to Suokone or sales organisation by the client.
Data subject’s requests for information through websites.
Data obtained from other sources:
BIS (Business Information System): client organisation’s business ID and basic
informationSuomen Asiakastieto Oy: verifying the accuracy of a client’s identifying
Finnish Patent And Registration Office: client organisation’s register number and
Fonecta Oy: other information about the client, such as industry, office locations
and contact information.
7. Regular destinations of disclosed data
In order to produce services, identifying information may be disclosed within legal
boundaries to partners of Suokone Oy, such as different organisations in
a supply chain.
8. Transfer of personal data outside the EU or EEA
Personal data obtained from EU and EEA countries will not be transferred outside
the EU and EEA. Data obtained from other countries may be disclosed to a supply
organisation in these countries.
9. Data file security principles
a) Hard copies
Documents containing clients’ personal data are stored in a locked filing cabinet in
an office where unauthorised access is prohibited.
b) Electronic copies
The network and hardware on which the register is stored are secured and
protected by firewalls, passwords and other generally accepted technology.
10. Right of access
Customers have the right to check their information. Suokone aims to reply to
requests to access personal data within 72 hours on weekdays.
11. Right to rectification
Customers have the right to demand the rectification or erasure of their data.
Suokone aims to rectify inaccurate data within 72 hours on weekdays.
Requests concerning the execution of the rights of a data subject must be
submitted to the contact person mentioned in this statement.
12. Other rights related to processing of personal data
Requests for more information about processing of personal data must be
submitted to the contact person mentioned in section 2.