Business ID: 2784960-2
In matters of Data protection and Customer Register, please contact:
email@example.com, 020 127 7840
In all matters of us holding and using personal customer details as well as questions about customer rights, we suggest you contact the above mentioned person.
Name of the register:
The e-commerce customer register of Tella Ltd.
Legal basis and purpose of the processing of personal data:
The processing of personal data shall be based on the legitimate interests of the controller and / or the consent of the data subject. Customers have a meaningful relationship with the controller because of the customer relationship. The processing of personal data is based on the customer relationship (agreement), the customer’s consent or the exercise of rights and obligations arising from contracts between the controller and the customer.
We use personal information to process e-commerce orders and to manage and develop customer relationships.
We also collect personal information for direct marketing with the customer’s separate consent.
We do not make customer profiling or automated decisions.
Information content of the register:
We only collect personal information from registrants that is relevant and necessary for the purposes described in this privacy statement.
In our customer register we hold the following information:
- telephone number
- e-mail address
- web address
- user ID and password
- marketing authorizations and prohibitions
- communications language
- purchases and deliveries
Regular sources of information
As a rule, the above information is obtained from the data subject himself. The information is obtained by contacting the data subject via telephone, email or feedback forms, or through messages or other similar communications to social channels.
Regular disclosures and transfers of data outside the EU or the EEA
As a rule, the data of the data subject is not disclosed to third parties. However, the information may be disclosed to third parties authorized by Tella Ltd, who may use the information only for the purposes described in this privacy statement. Authorized third parties only deal with customer relationship management: order placement, payment services, or e-commerce technical management activities such as server or e-commerce platform management.
As a general rule, customer register data are processed only within the EU. If necessary, we may outsource the processing of personal data to an authorized company outside the EU or EEA, such as the United States. In this case, personal data will be processed in connection with the provision of IT services or newsletters. Tella Ltd undertakes to comply with applicable laws when transferring personal data to the United States or elsewhere outside the European Union.
Retention period of data
Customer register information is maintained for the duration of the customer relationship. Order and payment information is processed and retained as required by accounting law. The necessity of the registry’s personal data is assessed regularly, as a rule every two years. Unnecessary data will be deleted and incorrect data will be corrected.
Register security principles
We handle customer register information with care and confidentiality. We have adequately protected the register with technical safeguards. We actively monitor and maintain software security.
Recipients of information and information disclosure
The controller shall ensure that the processing of the data is carried out only by the representatives of the controller with a view to their job description. Those who use the register are bound by the obligation of confidentiality. Data may also be processed on a case-by-case basis by other representatives of persons processing personal data under an agreement with the controller, if this is necessary to fulfill the purpose for which the personal data are processed. Information is not routinely disclosed to third parties.
Rights of the data subject
Access to your own information
The data subject shall have the right of access to his or her personal data contained in the register on a written request signed by the data subject. The request must be forwarded to the person responsible for the register, cf. contact details above.
Correction of data
The data subject has the right to request correction of the erroneous information by contacting the person responsible for the register, cf. contact details above.
Withdrawal of consent and deletion of data
If the processing of personal data is based on the consent of the data subject, the data subject may at any time revoke his or her consent by contacting the controller, cf. contact details above. After the cancellation, the processing of personal data based on consent will cease.
Right to limit processing
The data subject has the right to restrict the processing of their personal data under the conditions provided for by the data protection rules. For example, if the data subject has stated that their personal data is inaccurate, the data subject has the right to request that their data processing be restricted until the accuracy of the data is verified.
The right to transfer data between systems
The data subject has the right to transfer data from one system to another under the conditions provided for by the data protection rules.
The right to object to the processing of personal data
The data subject has the right to object to the processing of his or her personal data on the basis of his or her personal situation, under the conditions provided for by the data protection rules.
Right of appeal to the supervisory authority
The data subject may lodge a complaint against the processing of their personal data with the Data Protection Officer. For more information, see www.tietosuoja.fi/en/home.
Customer can update their name and address information from the E-Commerce Profile view or by contacting the person responsible for the register.