Privacy Policy

1. DATA CONTROLLER

ITK Community and JS-Mandat Ltd Oy
Ortelantie 5 B 22, Hämeenlinna
Phone: +358 400 481250
Email: info@mandat.fi

2. CONTACT PERSON

Jorma Saarinen
Phone: +358 400 481250
Email: jorma.saarinen@mandat.fi

3. DATA PROCESSOR

JS-Mandat Ltd Oy
Email: info@mandat.fi

4. NAME OF THE REGISTER

  • Customer Register and Newsletter Subscribers of ITK Exhibition
  • Customer and Subscriber Register of ITKshop.fi Online Store
  • Customer and Subscriber Register of netbook.fi Online Store

5. PURPOSE OF PROCESSING PERSONAL DATA

Personal data may be processed within the ITK Community and Mandat Oy for the following purposes:

  • Managing and developing customer relationships or providing services
  • Developing customer service and business operations for the benefit of the customer
  • Sharing marketing information about ITK
  • Analysis and statistics
  • Opinion and market surveys
  • Other similar purposes

Personal data is processed for purposes compliant with Section 19 of Chapter 4 of the Personal Data Act (Point 3).

6. CONTENT OF THE REGISTER

The customer register contains information about customer organizations necessary for providing services and delivering the service. This includes, but is not limited to, the following information:

  • Company name, business ID, company form, industry, domicile, and contact details
  • Names, positions, and contact details of individuals working in the company

7. REGULAR SOURCES OF INFORMATION

Information about the customer is regularly obtained:

  • Directly from the customer via phone, internet, email, or other similar means
  • From public and private registers
  • By retrieving information directly from company websites

Personal data is obtained for purposes compliant with Section 19 of Chapter 4 of the Personal Data Act (Point 3).

8. PLANNED RETENTION PERIODS FOR DATA GROUPS

The data contained in the register will be deleted once their purpose has ended, unless current legislation requires otherwise.

9. TRANSFER OF DATA OUTSIDE THE EU OR EEA

Data is not regularly transferred or disclosed outside the EU or the European Economic Area.

10. PRINCIPLES OF REGISTER PROTECTION

Only employees who are entitled to process customer data as part of their job have access to the system containing customer information. Each user has a unique username and password for the system.

The data is collected in databases protected by firewalls, passwords, and other technical means. The databases and their backups are located in locked premises, and only certain pre-named individuals have access to the data.

An audit has been conducted on the protection of information systems and the principles of their use. Movement within the workspaces is monitored.

There is no manual material in the register.

11. RIGHTS OF THE DATA SUBJECT

The data subject has the right to access their personal data.

The data subject can request the correction of inaccurate data concerning them.

The data subject has the right to request the deletion of their data from the register.

The data subject has the right to transfer their data from one system to another.

The data subject has the right to object to the processing of personal data, automated decision-making, and profiling.

The data subject has the right to receive notification of a personal data breach affecting them.

Requests regarding data should be addressed in writing to the person responsible for registry matters.