Privacy policy

 
 
 
1. The administrator of the register and its contact details:
Artezan Oy
PL 999
42011 BUSINESS LOCKER
Business ID 3462690-9
Tel: +358449555178
 
For more information on data protection and the processing of personal data, please contact us by email: toimisto@cbdarctic.com
 
2. The company responsible for the registry: Artezan Oy
 
3. Name of the register: Artezan Oy's customer register
 
4. The purpose of the processing of personal data or the purpose of the register: Customer relationship management and order processing.
 
5. Data content of the register What information may be collected about you:
-Name -Address details (street address, house/apartment/apartment number) -Postal and postal code -Email address -Phone number
What the data is used for: -To maintain loyalty -For order processing, delivery and archiving -To develop e-commerce services and improve the customer experience -For analytics -For targeted content and marketing -To prevent fraud -To improve customer service
 
6. Regular sources of information The customer's own declaration, the e-commerce ordering system and any purchases of customer data from third parties in accordance with Finnish law.
 
7. Principles of register protection Manual data are stored in a locked and electronically protected area. The computer-based system is kept in a locked room protected by firewall, user name and password protection.
The data is transmitted as necessary, both internally and externally, to the following groups: - Persons within the company who need the data to perform their duties; - Authorities as required by law (e.g. social welfare and tax authorities); - Partners and subcontractors necessary for processing orders and managing customer relationships (e.g. parties involved in paying for and delivering orders, such as Paytrail, Stripe, Posti, Matkahuolto).
Access to and use of the data contained in the register is restricted to predefined employees of the controller whose job description includes processing the data. These employees are bound by the obligation of professional secrecy.
 
8. Right of inspection and exercise of the right of inspection Data subjects have the right to inspect and obtain copies of the personal data stored in the register. The request for inspection must be made in writing and signed. The request for inspection must be submitted to the company responsible for the register.
 
9. Rectifying information and implementing the rectification of information The data subject has the right to request the correction of inaccurate information contained in the register. The request for rectification must be made in writing and be sufficiently specific. Requests for rectification shall be addressed in writing to the undertaking responsible for the register.
 
10. The right of prohibition The data subject has the right to object to the controller processing data relating to him or her for the purposes of direct marketing, distance selling and other direct marketing, market research, public opinion polling and genealogical research. The objection must be addressed in writing to the company responsible for the register.