VK-Products

Menu

Privacy policy

Privacy Policy

  1. Data Controller and Contact Person for Data Protection Matters
    Name: VK-Products Oy
    Business ID: 1852748-4
    Address: Elontie 9, 50600 Mikkeli
    Contact Person: Vesa Kääriäinen
    Phone Number: +358 40 595 1515
    Email: vesa.kaariainen@vk-products.fi
  2. Name of the Register
    The name of the register is VK-Products Oy’s customer register.
  3. Purpose of the Register
    The personal data collected is used to manage and administer customer relationships, process and deliver orders, archiving, service development, billing, and financial administration. Personal data is also processed in connection with handling complaints and other claims. Additionally, personal data is processed in customer-specific communications, such as for information purposes and marketing, including electronic direct marketing.
  4. Legal Basis for Data Collection and Processing
    The legal bases for processing personal data are as follows, in accordance with the EU General Data Protection Regulation (GDPR):
    ● The explicit consent given by the customer for the use of data for one or more specific purposes (Article 6(1)(a))
    ● The performance of a contract or pre-contractual measures taken at the request of the data subject (Article 6(1)(b))
    ● The legitimate interests pursued by the data controller or a third party (Article 6(1)(f))

The legitimate interest is based on a meaningful and relevant relationship between the data subject and the data controller, arising from the data subject being a customer of the data controller. Additionally, the processing must occur for purposes that the data subject could reasonably expect at the time of data collection and in connection with the customer relationship.

  1. Contents of the Register
    The customer register contains basic and contact information provided by the data subject (first name, last name, street address, postal code, city, country, email address, phone number), preferred language and currency used during transactions. For business customers, the company name and business ID are also recorded. In addition, information generated through the use of services is stored, including order history, online store usage and browsing data, and device identifiers such as IP addresses. Consent for or prohibition of direct marketing is also recorded.

Third-party payment and delivery services are used in the online store. Service providers process personal data for order fulfillment, service development, statistics, customer service, and to meet obligations based on legal requirements or regulations from authorities.

  1. Retention Period of Data
    Personal data is retained as long as necessary to fulfill the purposes mentioned in Section 3. Some data may be retained for a longer period as required to fulfill legal obligations (e.g., accounting and consumer sales obligations).
    Personal data is retained as long as necessary to fulfill the purposes of the register.
  2. Regular Sources of Data
    The data in the register is collected directly from the data subject and through the use of online services.
  3. Regular Disclosures and Transfers of Data Outside the EU or EEA
    Contact information necessary for payment and delivery processing is shared with service providers maintaining these services to enable the functioning of the online store, as well as with analytics and statistics partners. Other data is not disclosed to third parties.

Subcontractors and servers where data is processed may be located outside the EU/EEA. The data controller does not otherwise transfer personal data outside the EU/EEA.

  1. Data Security
    The data controller ensures that personal data is processed, transferred, and stored with sufficient security measures. Data is transmitted via SSL-secured connections. Digitally stored data is protected by firewalls, user credentials, and passwords. Access to the data is restricted to those employees of the data controller who require it for their duties.
  2. Cookies, Web Analytics, and Targeted Marketing
    The online store uses cookies to provide the best possible user experience for visitors. Cookies are short text files stored on the user’s device by the web server. Cookies provide service providers with information about how users interact with the site.

The data controller may use cookies to develop services and the website, analyze usage, and target marketing. Users can consent to or block the use of cookies through their web browser settings. If you do not wish to have information collected about you through cookies, most browsers allow you to block cookie usage. However, some aspects of the service may not be usable without cookies.

  1. Rights of the Data Subject
    Under the EU General Data Protection Regulation, the data subject has the following rights:
    ● The right to access personal data, including:
    o the purposes of processing
    o the categories of personal data concerned
    o recipients to whom the personal data has been disclosed or will be disclosed
    o the intended retention period for the personal data, or if not possible, the criteria used to determine the retention period
    o if the data was not collected directly from the data subject, any available information about the source of the data

● The right to withdraw consent for the use of their data at any time
● The right to request rectification of inaccurate or incomplete personal data without undue delay
● The right to have incomplete personal data completed, including by providing additional clarification, taking into account the purposes for which the data is processed
● The right to lodge a complaint with a supervisory authority
● The right to request the data controller to delete inaccurate, outdated, or unnecessary personal data, or if the processing violates the GDPR.

Requests for the exercise of data subject rights should be directed to the contact person of the data controller mentioned in Section 1. Written requests for data inspection must be signed and sent to the person responsible for register matters. The right of access is free of charge if exercised no more than once per year.

The data subject has the right to object to the use of their data for direct marketing purposes.

Updated: 1st October 2024

 

 

Shopping Basket