Crasman Logo
fi
fi
{fi=Tietosuojaseloste fi, id: 9125890155, slug: tietosuojaseloste1}

    PRIVACY STATEMENT

    Combined register description and information document

    1. Controller

    Crasman Ltd
    Merimiehenkatu 36 D
    FI-00150 Helsinki
    Business ID: 1045259-6

    2.Register matters and contact person

    Crasman Ltd customer service handles register matters on weekdays from 9 a.m. to 5 p.m.

    The person responsible for marketing and customer registration matters at Crasman Ltd is Samuli Hokkanen. Contact related to registration matters can be made by e-mail to crasman@crasman.fi or by phone to +358 10 217 6989.

    3. Name of register

    Crasman Ltd Marketing and Customer Register

    4. Grounds for and purpose of keeping the register

    Crasman Ltd maintains a marketing and customer register for managing, taking care of, maintaining and developing a customer relationship or other relationship based on a relevant relationship, targeting and analysis of supply, production, provision and development of services, as well as market research and other statistical purposes.

    The register information may be used for marketing (including electronic direct marketing) between Crasman Ltd and the customer or potential customer and for targeting it within the limits permitted by law.

    The contractual contact persons of the customer company have the right to determine the contact persons to be stored in Crasman Ltd's marketing and customer register for the customer relationship in question.

    5. Information contained in the register

    The information stored in Crasman Ltd's marketing and customer register does not include the personal information of the contact persons, unless it is necessary for the current or potential future customer relationship or is identical to the company's information.

    The register may contain the following information about the contact persons of the client company:

    • forename and surname
    • mobile phone number
    • landline number
    • email address
    • language
    • role and/or position in the company
    • interests
    • marketing authorisations and prohibitions
    • customer relationship information (e.g., billing and payment information, product and order information, customer feedback, and contact information).

    In addition to the above, the register may contain information related to the contact person of the customer company or potential customer company, such as:

    • information about upcoming events (dates and places of meetings)
    • historical information on past events (contact, offer, meeting and conference information)
    • information on the use of Crasman Ltd's marketing content.

    6. Regular sources of information

    Crasman Ltd collects personal data during the customer relationship and during the work carried out to create a potential customer relationship.

    Data may be collected and supplemented with the consent of the data subject (e.g. by the use of cookies), the population register and other third party registers.

    Data is also collected in connection with various marketing actions such as electronic direct marketing and events, as well as from public sources.

    7. Disclosure or transfer of information

    In principle, Crasman Ltd does not disclose the personal data of the registered persons to third parties, unless required by law or required by mandatory legislation. 

    Notwithstanding the above, Crasman Ltd uses reliable service providers to process its services that process personal data on behalf of Crasman Ltd. These personal data processing agreements have been concluded, for example, with information technology and analytics service providers and marketing and communication service companies.

    Personal data may be transferred outside the European Union or the European Economic Area in accordance with data protection legislation and within the limits set by it. We have ensured an adequate level of data protection, in accordance with the conditions of the EU General Data Protection Regulation, including in situations where data is transferred outside the EU or the EEA in accordance with the adequacy decisions set by the European Commission and using, where appropriate, standard contractual clauses adopted by the European Commission and, where appropriate, supplementary safeguards.

    8. Principle of register security

    The personal data in Crasman Ltd's marketing and customer register is processed in a reliable way in a closed and secure information system. Access to the register is protected by user-specific IDs, passwords, and access rights, and the register is accessed through a secure connection.

    Crasman Ltd has issued binding written regulations to its employees regarding the processing of personal data, data security and data protection, and the employees have undertaken to comply with these instructions.

    With regard to external partners and service providers, Crasman Ltd always has a valid Data Processing Agreement (DPA) and data is processed in accordance with documented instructions.

    9. Retention period of information

    Crasman Ltd processes and stores data only for as long as is necessary for the predefined purpose of the personal data.

    Personal data that has become redundant and is no longer justified to be stored or processed will be deleted at regular intervals in accordance with Crasman Ltd's own data protection policies.

    Personal data has become redundant, for example, when a customer, business, cooperation or contractual relationship has ended and Crasman Ltd does not consider it probable that a new business relationship will arise.

    The data shall be kept for a maximum of 12 months after its need ends. The cleaning of register data is performed annually.

    10. Rights of the data subject

    The data subject has all the rights under the regulation to check and manage his or her own data.

    Right to inspect data

    The data subject has the right to check what information concerning him or her has been stored in Crasman Ltd's marketing and customer register. The right to inspect is free of charge once a year (12 months). The data review request can be sent by email to the data controller. The information with which the data subject can be identified must be clearly identified in the request.

    Right to rectify information and limit processing

    The data subject has the right to demand the correction or deletion of his/her incorrect, incomplete, unnecessary or outdated information by notifying Crasman Ltd. In addition, the data subject also has the right in certain situations to request a restriction on the processing of his or her personal data or otherwise object to its processing.

    The right to request the deletion of data or to object to the processing of data

    The data subject has the right to request the deletion of his or her personal data or to object to their processing when it is based on a legitimate interest. The data subject always has the right to object to direct marketing via the link at the end of the e-mail sent by Crasman Ltd or by contacting Crasman Ltd.

    Right to appeal to the supervisory authority

    The data subject may lodge a complaint against the processing of personal data with the supervisory authority, which is the Data Protection Officer.

    All the above requests should be sent to the addresses found in sections 1 and 2 of this description.

    11. Cookies

    Crasman Ltd uses cookies in its online service. See current information about the cookies we use.

    You can manage the use of cookies by choosing the Cookie settings.

     

    Updated 1 March 2023