Privacy statement

JS Nicca Oy customer, order, invoicing and marketing data register.

Data protection and Registry statement in accordance with the General Data Protection Regulation on the protection of natural persons in the processing of personal data and on the free movement of this data

Registrar

JS Nicca Oy, social security number 16273097
Pihatörma 1 B, 02240 Espoo
Juha Hongell: 044 3477799

Principles regarding the processing of personal data

We comply with the following requirements regarding personal data:

a) they must be processed lawfully, properly and transparently from the point of view of the data subject ("lawfulness, reasonableness and transparency");

b) they must be collected for a specific, specific and lawful purpose and must not be subsequently processed in a manner incompatible with those purposes; subsequent processing for archival purposes in the public interest or for scientific or historical research purposes or statistical purposes is not considered incompatible with the original purposes in accordance with Article 89(1) ("use-purpose binding");

c) personal data must be relevant and relevant and limited to what is necessary in relation to the purposes for which it is processed ("data minimization");

d) personal data must be accurate and, if necessary, updated; must take all possible reasonable measures to ensure that personal data that are inaccurate or incorrect in relation to the purposes of the processing are deleted or corrected without delay ("accuracy");

e) they must be kept in a form from which the data subject can be identified only for as long as is necessary to fulfill the purposes of data processing; personal data can be stored for longer periods if the personal data is processed only for archival purposes in the public interest or for scientific or historical research purposes or statistical purposes in accordance with Article 89, paragraph 1, provided that the appropriate technical and organizational measures required by this regulation have been implemented to protect the rights and freedoms of the data subject ("storage restriction');

f) they must be processed in a way that ensures the appropriate security of personal data, including protection against unauthorized and unlawful processing and against accidental loss, destruction or damage using appropriate technical or organizational measures ("integrity and confidentiality").

The customer has the right to find out if his personal data has been stored in the system, the right to correct it, and the right and conditions to have it deleted. Data will not be processed outside the EEA area, e.g. anonymous web analytics (Google Analytics, Facebook etc.). The data is stored until the customer requests its deletion. Storage is done for e.g. web analytics (statistical reasons) and e.g. to facilitate placing a new order (customer interest).

Purpose of the register

The purpose of the register is customer contact, maintenance and development of customer and business relationships, and use for reporting and statistical purposes. JS Nicca Oy uses this and other information generated during the customer relationship to plan the product and service offering and to target the offer.

Personal data is used within the framework permitted and required by the Personal Data Act. The register will not be handed over to outside parties.

The e-mail address of those who subscribed to the newsletter is used to send the newsletter. The information of those who fill out the contact form is used to respond to the contact.

Information contained in the register

The customer register consists of several separate registers compiled according to the main purpose of use. Together, these customer data form the data sets stored about the customer as follows:

• The customer's contact information and the information that enables ordering: first and last name, street address, zip code, post office, country, language, phone number, email address and social security number. For company, association and community customers, company name and business ID.
• Customer group information, discount category and other customer-specific additional information.
• Billing address and other billing information.
• Possible consent to send direct marketing.
• Information about customer orders, deliveries and returns.
• Identifiers required to log into the service.
• IP address information or other identifier.
• Other textual information related to the customer, such as the purpose of the contact request or the desired delivery time of the order.

The registrant's personal data will be destroyed at the user's request.

Data transfer and transfer

Information will not be passed on, except when required by official actions. Due to data processing, some of the data may be located at the company's subcontractors.

Regular sources of information

The register's contact and customer information is obtained from notifications made by the customer to the controller when and during the creation of the customer relationship. A customer relationship is created when a customer registers for the service, places an order, orders direct marketing or makes a purchase. The customer relationship can also be started at the customer's request, e.g. based on a telephone conversation.

Information on the customer's creditworthiness at the time of the order is obtained from the system of Suomen Asiakastieto Oy (business ID 0111027-9).

Anonymous web analytics

To collect anonymous information about internet roaming, we can use e.g. the following tools and services:

• Google Analytics
• Facebook Pixel
• Microsoft Bing Ads

Legal basis for processing personal data

There must be a legal basis for the processing of personal data. We process personal data for the purpose of someone's consent (e.g. subscribing to a newsletter), a contract (e.g. placing an order), a legal obligation of the data controller (e.g. products that require a legal permission to possess or use), protection of vital interests (e.g. training or a course that is required of participants information related to personal health), the legitimate interest of the controller or a third party (e.g. web analytics).

Cookies

Our website uses cookies, which allow us to develop our website for you. The purpose of cookies is to improve and speed up the shopping experience. Cookies can also be used to offer better offers and more personalized product recommendations to the customer. A cookie is a small text file that the web server stores on the user's hard drive. Some of the site's content may require accepting cookies in order to function. The user's web browser probably accepts cookies with ready-made default settings, but the user can also prevent the use of cookies from the browser settings or by deleting cookies from the browser after using the service. More information about browser-specific usage can be found in the browser manufacturer's instructions.

Registry protection

Access to the register requires special access rights. The right of use is limited only to information necessary for the person's job duties and requires the use of personal usernames. The customer register and the information system equipment that processes it are located in closed computer rooms. Hardware and software updates are handled regularly and appropriately, and possible threats are responded to immediately. In case of disturbances, the information is regularly verified by copying. The system is protected by a firewall against outside communications.

Employees handling customer register data are bound by the duty of confidentiality. Information is shared or disclosed to outsiders only due to a statutory notification obligation, such as the customer's own request or an authority's statutory request.

Other registers

Account information for customers' payment credits. The register enables payment refunds to be made. Responsible person Juha Hongell
Register of pre-paid and acknowledged pick-up orders. The register is kept to speed up the delivery of pick-up orders.