Data protection description

​Customer register of consumer customers of Lassila & Tikanoja plc

Data protection description in accordance with section 10 of the Personal Data Act (523/99)
Date of preparation: 8 September 2014

Controller:

Name: Lassila & Tikanoja plc
Business ID: 1680140-0
Postal address: P.O. Box 48, FI-00441 Helsinki, Finland
Street address: Sentnerikuja 1, FI-00440 Helsinki, Finland
Telephone: +358 (0)10 636 111 (switchboard)

Contact person in matters concerning the register:

Name: Marika Tuominen (Director, Customer Service)
Postal address: P.O. Box 48, FI-00441 Helsinki, Finland
Email: marika.tuominen@lassila-tikanoja.fi

Name of the register:

Customer register of consumer customers of Lassila & Tikanoja plc

Purpose of the processing of personal data (purpose of the register):

Personal data in the register may be processed for the following purposes: control and management of customer relationships, provision of services, invoicing, supervision of payments, collection of payments, marketing, development of customer relationships and business operations, and other comparable purposes.

Data content of the register:

The register may contain the following data:
• contact details, such as name, address, telephone number and email address
• basic data, such as date of birth/personal identity number, size of household, form of housing
• data concerning the customer relationship, such as the customer/agreement number, data on services ordered by the customer, invoicing and payment data, data related to collection, customer feedback, contacts, and data on suspension or cancellation of service
• permissions and prohibitions on direct marketing
• any other additional data provided by customers themselves and other data collected with customers’ consent

Regular sources of information:

Data is mainly collected from the data subjects themselves by telephone, via the Internet, by email or in other comparable ways. Data may also be collected from the controller’s own information systems when the data subject uses services.

Regular disclosure of data:

The data is only used for the management of customer relationships, and it is not regularly disclosed further. Individual pieces of data may be disclosed to debt collection agencies for collection measures concerning unpaid invoices.

Transfer of data outside the EU or EEA:

Data is not transferred outside the European Union or the European Economic Area, unless it is necessary for the technical maintenance of the register. In such cases, the controller sees to the sufficient level of privacy protection required by the law.

Right of access and rectification of data:

Data subjects have the right to check the data entered on them in the register. The request for access shall be signed and delivered in writing to the person responsible for matters concerning the register. The request for access may also be presented personally at the place of business of the controller at the aforementioned address. Should there be any errors in the stored data, the data subject has the right to demand the rectification of the erroneous data by contacting the person responsible for matters concerning the register.

Right to prohibit processing:

Data subjects have the right to prohibit the use of their data for purposes of direct advertising, distance selling, other direct marketing, market research and opinion polls. The prohibition may be notified to the person responsible for matters concerning the register.

Principles of register protection:

The data in the register is stored in an electronic system protected by firewalls and other technical measures. Only persons in the employ of Lassila & Tikanoja plc who participate in the processing of data under their duties have the access to the system. Each employee using the register has a personal username and password for the system. The server equipment is stored inside locked premises.