Privacy Statement

This is the registry and privacy statement of Varaani Works Oy in accordance with the Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Prepared in Finnish language on 26.03.2021, translated to English. Last modified on 8.02.2024.

1. Data controller

Varaani Works Oy, Vuolteenkatu 1, 33100 TAMPERE

2. Contact person responsible for the register

3. Register name

Varaani Works Oy’s customer register

4. Legal basis and purpose of processing personal data

The legal basis for the processing of personal data in accordance with the EU General Data Protection Regulation is the legitimate interest of the data controller (customer relationship). The purpose of processing personal data is communication with customers, maintaining customer relationships, and marketing. The information is not used for automated decision-making or profiling.

5. Contents of the register

The data stored in the register includes the person’s name, contact information (phone number, email address, address), website addresses, information about ordered products and services and any changes to them, and other information related to customer relationships and ordered services.

6. Regular sources of information

The information to be stored in the register is obtained from the customer through, among other things, messages sent via websites, email, telephone, social media services, contracts, customer meetings, and other situations where the customer provides their information.

7. Regular disclosures of information and transfer of information outside the EU or EEA

Information is not regularly disclosed to third parties. Information may be published to the extent agreed upon with the customer. Information may also be transferred by the data controller outside the EU or EEA if the technical implementation of the service requires it.

8. Principles of register protection

Care is taken in the processing of the register, and the information processed by information systems is appropriately protected. When registry information is stored on Internet servers, their physical and digital security is appropriately taken care of. The data controller ensures that stored information, server access rights, and other information critical to the security of personal data are handled confidentially and only by employees whose job description includes it.

9. Right of inspection and right to demand correction of information

Every person in the register has the right to check the information stored about them in the register and to request the correction of any incorrect information or the supplementation of incomplete information. If a person wishes to check the information stored about them or request correction, the request must be sent in writing to the data controller. The data controller may, if necessary, request the person making the request to prove their identity. The data controller responds to the customer within the time frame specified in the EU General Data Protection Regulation (usually within one month).

10. Other rights related to the processing of personal data

A person in the register has the right to request the deletion of personal data concerning them from the register (“right to be forgotten”). Similarly, registered persons have other rights under the EU General Data Protection Regulation, such as restricting the processing of personal data in certain situations. Requests should be sent in writing to the data controller. The data controller may, if necessary, request the person making the request to prove their identity. The data controller responds to the customer within the time frame specified in the EU General Data Protection Regulation (usually within one month).

Cookies

Cookies are used on the website to identify the pages visited. This helps to analyze traffic on the websites. The information collected from cookies is used solely for statistical purposes. You can manage the use of cookies from the cookie management banner on this website, which is located at the bottom left of the screen, or on the first visit, the banner covers the entire bottom of the screen.

We use tools such as Google Analytics to measure the use of our website. The data stored in cookies used by Google’s tools are sent for storage to Google’s servers in the EU area if the use takes place within the EU. Consequently, this information may be processed on servers located outside the user’s country of residence. With the information received, Google evaluates how the user browses the content of the pages and prepares summary reports on the use of the website. In addition, Google compiles reports on the services offered in connection with the websites and produces statistics on internet usage. Google may also customize the content of ads displayed to users based on their browsing history. Google may also transfer data to third parties if required by law or in cases where a third party processes data on behalf of Google.

Preventing the use of Google Analytics: Users can prevent website data from being used in Google Analytics by disabling cookies used for analytics from the cookie banner on this website, or by installing a browser extension that prevents the use of Google Analytics. The extension prevents the JavaScript of Google Analytics running on websites from sharing website visit data with Google Analytics.

Social media cookies: Social media service providers collect information about our services through cookies, plugins, and buttons. The purpose and scope of the data collection carried out by social media service providers, the ways in which the data is used, and the rights related to it, as well as information about changing privacy settings, are set out in the privacy terms of each social media service. You can also refuse or manage the use of these cookies in the cookie management banner.