Data protection statement in accordance with the general EU data protection regulation.
Stadin Katti Oy, Business ID: 2689418-8
Fredrikinkatu 55, 00100 Helsinki
Entity managing the register
Stadin Katti Oy
Fredrikinkatu 55, 00100 Helsinki
Name of the register
Nightwithcats customer register
Purpose and legal basis of the processing of personal data
The purpose of the processing of personal data is to manage and maintain the customer relationship between the company and the corporate customer, as well as marketing.
The information in the register is used for the company’s own direct marketing, unless the customer has prohibited direct marketing.
Purchase and transaction information processed in the register, as well as location information, can also be used for profiling and targeting
marketing measures and customer communications to register as interesting. The information will also be processed in connection with the sending of the newsletter and participation in events and other marketing activities.
The data will be processed in order to guarantee the legitimate interest of the controller.
If the data subject does not fill in the information requested in the contact form, the controller may not accept the data subject’s contact form and may not enter into an agreement between the data controller and the data subject.
Retention period of personal data
Personal data will be kept for as long as required by the measures related to the contact form completed by the data subject. The storage time depends on the information collected, e.g. According to the Accounting Act, billing information must be kept for six years. We will only retain the information on the contact form with the consent of the data subject.
Description of the registered group and information content
The register contains personal information about the company’s corporate customers.
The form information entered by the registrant himself may include e.g. email address, phone number, or address.
Regular sources of information
Information provided by the contact person as well as the customer information system and billing database.
As a general rule, personal data is not disclosed outside the organization. The personal information required by the accounting is handed over to the accounting firm used by Stadin Katti Oy.
However, personal data may be disclosed on the basis of an agreement between the customer and Stadin Katti Oy, the customer relationship between the customer and Stadin Katti Oy or the legislation in force, e.g. authorities.
Data will not be transferred outside the EU or the EEA.
Registry security principles
The data is kept technically secure. Access to information requires adequate rights as well as multi-stage authentication. Unauthorized access is also prevented e.g. firewalls and technical protection. Only the data controller and separately designated technical persons have access to the register data.
Only designated persons have the right to process and maintain the data in the register. Users are bound by professional secrecy. The registry information is backed up securely and can be restored when needed.
Rights of the data subject
The data subject has the right to inspect the personal data stored in the register and to receive copies thereof. The request for inspection must be made in writing and addressed to the party responsible for the register (see section Body responsible for the register).
The party maintaining the register shall correct, delete or supplement personal data in the register which is incorrect, unnecessary, incomplete or out of date for the purpose of processing, on its own initiative or at the request of the data subject. The data subject must contact the registrar’s registrar in writing to correct the information (see section Registrar).
To the extent that the processing of personal data is based on the data subject’s consent, the data subject has the right to withdraw the consent at any time. Withdrawal of consent shall not affect the lawfulness of any previous processing of the data.
The data subject has the right to lodge a complaint about the processing of personal data with the supervisory authority.