According to the General Data Protection Regulation (GDPR), the data controller has an obligation to clearly inform data subjects. This statement fulfills that obligation.
1. Data Controller
Tsipaniekka Oy (Restaurant Parppeinpirtti)
Business ID: 2310416-0
Parppeintie 4
82900 Ilomantsi
Contact information for register-related matters
Marjo Niiranen
Tel. 010 239 9950
myynti@parppeinpirtti.fi
2. Data Subjects
The register contains customers, potential customers, and partners of the company who have submitted their contact information via a form.
3. Purpose of Personal Data Processing
The basis for maintaining the register is the contact information stored through the contact form. Individuals give their consent when sending a contact request.
Purpose of personal data processing and register use
Personal data is processed only for predefined purposes, which are as follows:
4. Personal Data Stored in the Register
The customer register contains the following information:
Contact Information
5. Rights of the Data Subject
The data subject has the following rights, and requests concerning their exercise should be sent to the contact information
Right of Access
The data subject can check the personal data we have stored.
Right to Rectification
The data subject can request the correction of inaccurate or incomplete data concerning them.
Right to Object
The data subject can object to the processing of personal data if they feel that personal data has been processed unlawfully.
Right to Prohibit Direct Marketing
The data subject has the right to prohibit the use of data for direct marketing.
Right to Erasure
The data subject has the right to request the deletion of data if the processing of the data is not necessary. We will process the deletion request, after which we will either delete the data or inform of a legitimate reason why the data cannot be deleted.
It should be noted that the data controller may have a legal or other right not to delete the requested information. The data controller has an obligation to retain accounting material in accordance with the period defined in the Accounting Act (Chapter 2, Section 10) (10 years). For this reason, accounting-related material cannot be deleted before the expiration of the specified period.
Withdrawal of Consent
If the processing of personal data concerning the data subject is based solely on consent, and not, for example, on a customer relationship or membership, the data subject may withdraw their consent.
Data subject can appeal the decision to the Data Protection Ombudsman
The data subject has the right to demand that we restrict the processing of disputed data until the matter is resolved.
Right to Lodge a Complaint
The data subject has the right to lodge a complaint with the Data Protection Ombudsman if they believe that we are violating current data protection legislation when processing personal data.
Data Protection Ombudsman's contact information: www.tietosuoja.fi/fi/index/yhteystiedot.html
6. Regular Sources of Information
Customer data is regularly obtained from:
- the customer or potential customer themselves when they fill in their contact information on the contact form.
7. Regular Disclosures of Data
Data is not generally disclosed for marketing purposes outside Tsipaniekka Oy.
8. Personal Data Processors
The data controller and its employees process personal data. We may also partially outsource the processing of personal data to a third party, in which case we guarantee through contractual arrangements that personal data is processed in accordance with applicable data protection legislation and otherwise appropriately.
9. Transfer of Data Outside the EU
Personal data is not transferred outside the EU or the European Economic Area.
10. Automated Decision-Making and Profiling
We do not use data for automated decision-making or profiling.
