Data controller:

Name of the register:

SoundByNature Oy’s online store customer register.

Purpose of processing personal data:

Personal data is processed for the purpose of maintaining and managing customer relationships with our online store customers, such as for customer relationship-related communications and marketing purposes. 

Data content of the register:

The following information is stored in the register: The customer’s first and last name, customer number, address details, telephone number, email address, website address, information on marketing permissions and restrictions, information on the customer’s purchases, deliveries, and discounts, and any user IDs and passwords.

Regular sources of information:

The controller registers information about online store users that the users themselves provide when using the website.

Regular disclosure of information:

The data is used solely for customer relationship management purposes and is not regularly disclosed to external parties. However, the data may be disclosed in connection with activities related to the technical administration of the online store (e.g., administration of the server or online store platform), for the delivery of orders, for the collection of unpaid invoices, and to authorities when required by law and permitted by law.

Transfer of data outside the EU or the European Economic Area

No data will be transferred outside the EU or the European Economic Area.

Storage and disposal of data

Customer register data is stored for the duration of the customer relationship. However, order, invoicing, and payment data is stored in the same way as other accounting data. Data that is no longer needed is securely destroyed.

Use of cookies

We may use cookies to track visitor traffic and improve the quality of our service. Cookies are stored on the user’s computer. Cookies have a limited validity period and do not cause any damage to the user’s computer.

Principles of register protection

The customer register is treated confidentially. The register is appropriately protected from outsiders by firewalls and other technical safeguards. The register is stored only in electronic form, and any occasional paper printouts are destroyed immediately and appropriately.

The register is only used by persons whose job description includes its use and who are bound by confidentiality obligations. Each user of the register has a personal user ID and password. 

Right of inspection

In accordance with the Personal Data Act, everyone has the right to inspect the information stored about them in the personal register. Requests for inspection must be sent in a document signed by hand or certified in a similar manner, or presented in person at our office. Requests should be sent to the contact person mentioned above, who is also responsible for responding to any requests for additional information.

Updating information

Customers can update their name and address details in their online store profile. Customers can also contact our contact person mentioned above to update their details.

Other rights related to the processing of personal data

The customer has the right to prohibit the processing of their data for marketing purposes. Requests to restrict data processing must be submitted by email to the contact person for the register.