This Privacy Notice describes how we handle the personal data of our customers, suppliers and other cooperation partners at Ampner Oy. The protection of personal data is very important for us and we process personal data in accordance with the applicable data protection legislation.
1. The controller
Ampner Oy (2470226-9)
Contact details for privacy matters:
Ampner Oy / Niclas Snellman
+358 40 5578436
2. Registered subjects
The private cooperation partners and the contact persons of the current and potential corporate customers, suppliers and cooperation partners are registered.
3. Purpose and basis of the processing of personal data
The purpose of the processing is to manage the customer, supplier and other cooperation partner agreements and relationships. The processing of personal data is necessary for the fulfilment of the agreements, the actions required before the agreement and the legal requirements, and for the purposes of the legitimate interests pursued by the controller in connection with the customer service and marketing.
- Data stored in the registry
Only such personal data of the private cooperation partners and the contact persons of our corporate customers, suppliers and other partners is registered which is necessary for the processing:
- Given and family names of the individual
- Contact information
- Employer information
- Consent for direct marketing
- Information to support marketing and sales
- Information for managing the customer relationship
- Electrical data sent to the servers of the controller (e.g., IP address, cookies)
5. The rights of the individual
The individual has the following rights, and all requests to exercise these rights shall be directed to email@example.com:
The right to access stored data
The individual can access his/her personal data we have stored.
The right to rectify the stored data
The individual can request to rectify the faulty or incomplete personal data.
The right to object the processing of the personal data
The individual can object the processing of the personal data under the suspicion of unlawful processing of the data.
The right to forbid direct marketing
The individual has the right to forbid the use of personal data for direct marketing.
The right to erase personal data
The individual has the right to request erasure of his/her personal data, in case the need to process such information is no longer necessary. We shall process the request and either erase the data or inform the individual a justified reason for not erasing the personal data in the registry.
It should be noted that the controller may have a legal requirement or right not to erase the personal data.
Withdrawing the consent to process data
If the personal data is being processed solely on the basis of the consent by the individual, the individual may withdraw his/her consent.
The right to file a complaint
The individual has the right to request to limit the use of the disputed personal data until the matter has been resolved.
The individual has the right to file a complaint to the Data Protection Ombudsman in case of suspicion of us breaking the current data protection legislation while processing the personal data.
Contact information for the Data Protection Ombudsman: https://tietosuoja.fi/en/home
6. Regular sources of personal data
The personal data shall be collected from the individual, the customers, the suppliers or other cooperation partners when forming the customer relationship or through services provided by the controller or by various sales and marketing events. The personal data may also be collected from the registries of other companies belonging to the group of the controller or through companies offering services related to personal data. You can also leave information on our web page through the contact form.
7. Regular transfer of personal data
Personal data is not transferred outside the controller for marketing purposes. The processing of personal data may be partly outsourced to a third party e.g. due to IT support or accounting. In such cases the protection of personal data shall be secured through appropriate agreements.
8. Duration of the processing the personal data
Personal data is processed only as long as it is necessary for the operations of the controller.
9. Processors of personal data
Personal data will only be processed by the controller’s employees and sub-contractors who need the personal data to perform their work. The personal data has been appropriately secured by technical and organizational measures. Personal data in electric form is secured by tokens, fire walls etc. and papers are stored in locked premises in locked drawers.
10. Transfer of personal data outside EU
The personal data shall primarily not be transferred outside EU or the European Economic Area. However, the data may need to be transferred in some cases outside the EU/EEA. In such case a sufficient level of data security is ensured by applying protection measures to the transfer in accordance with the data protection legislation.
11. Automated decision making and profiling
We shall not use the personal data for automated decision making or profiling.