Data protection notice
- Data controller
Name: Lempisana Oy
Business ID: 2952359-3
Address: Ratapihankatu 53 A
Phone: +358 (0)45 7873 7896
- Person responsible for data register matters
Company: Lempisana Oy
Name: Reetta Lempiäinen
Address: Ratapihankatu 53 A
Phone: +358 (0)45 7873 7897
- Purpose of the register
The personal data being collected are used:
To identify clients, to process their contacts and to provide them with quotes.
- Basis for collecting and processing of data
The client’s data are gathered and processed with the client’s consent, or to implement a contract concluded with the client.
- Data content of the register
Company name, business ID, email address, telephone number, address
- Data storage period
Personal data are stored for as long as necessary to implement the contract concluded with the client or to develop customer service.
- Regular data sources
Data are collected for the register from:
The person himself or herself. From registers maintained by authorities within the boundaries set by law (e.g. ytj.fi). Data are also collected using the Google Analytics tool.
- Regular disclosure and transmission of data outside the EU or European Economic Area (EEA)
Data are normally not disclosed to anywhere outside the company. Some of the third-party service or software providers used by the company may store data outside the EU or EEA.
If a visitor to our website does not wish us to receive the aforementioned information through cookies, several browsers offer the possibility to switch off of the cookie function. This is usually done via the browser settings.
However, it is worth considering that cookies may be necessary for the appropriate functioning of some of the webpages we administer and some of the services we provide.
- Protection of the register
Data are transferred via an SSL-encrypted connection.
Electronic data are protected with a firewall, logins and passwords.
Only persons working for the data controller needing the data for their work have the right to use the data.
- Automated decision-making
Automated individual decision-making (GDPR, Article 22) is not implemented.
- Rights of the data subject
The data subject has the right to check what data concerning him or her have been stored in the personal data register. A signed written request for inspection must be sent to the person responsible for register matters.
The right to inspection is free of charge when exercised no more than once a year.
The data subject has the right to demand the correction or erasure of incorrect or out-of-date data, or the transfer of data from one system to another. He or she also has the right to restrict or object to the processing of his or her data pursuant to Articles 18 and 21 of the EU GDPR.
The data subject has the right to withdraw previously given consent to data processing, or to lodge a complaint regarding the processing of his or her personal data with a supervisory authority.
The data subject also has the right to forbid using his or her data for direct marketing purposes.