processed, what purposes the data is used for and to which entities can the data be disclosed.
the processing of personal data.
We pay special attention to protecting the privacy of data subjects and we observe EU’s General
Data Protection Regulation (2016/679) as well as other applicable data protection legislation
(“data protection legislation”) and good data processing practices in all processing of personal
customers, collaboration partners, service providers and subcontractors’ representatives.
Personal data refers to all information concerning a natural person (“data subject”), which can
be used to directly or indirectly identify him/her, in accordance to what has been set out in the
data protection regulation. Information, which cannot be used to directly or indirectly identify a
data subject, is not personal data.
2. Data controller and contact person
Data controller: Ebisu Oy
Business ID: 2999037-8
Address: Kulosaaren puistotie 44 G, 00570 Helsinki
Contact person: Elisa Koivumaa, puh. 040 575 5550
3. Legal basis for processing personal data
Personal data is processed for e.g. the following purposes:
- For ordering the company’s products and services, as well as communications, development,
quality assurance and information
- For personalised customer service concerning services and targeted customer communications and monitoring the use of services
- For marketing and targeting marketing to customers and potential customers
- For ensuring the safety of services and to prevent misuse
- For invoicing
The legal reason for processing personal data of data subjects is the contractual relationship
between the company and the data subject, which is based on the ordering of a service or
product offered by the company. The processing of personal data is also based on legal
obligations, such as accounting obligations. Processing for the purpose of customer relationship
management and direct marketing is based on the company’s legitimate reason.
Electronic direct marketing and subscribing to the company’s newsletter is based on consent
provided by the data subject or a legitimate reason. The data subject has the right to withdraw
their consent at any time (see the rights of the data subject below).
4. Processed personal data groups, data contents and data sources
We only collect such personal data from data subjects, which is essential and necessary in
about the data subject:
|PERSONAL DATA GROUP||PERSONAL DATA GROUP EXAMPLES OF DATA CONTENT AND THE PURPOSE OF DATA COLLECTION|
|4.1. Contact details||Sending an order|
Data subject’s name, address, phone number, email address
|4.2 Customer event details and contract details||Email communications with a customer|
Possible customer feedback, as well as communications between the data subject and the
company, reclamation and other service details
|4.3 Consents provided by the data subject|
|Information concerning the data subject’s consent for electronic direct marketing and withdrawal of consent prohibitions issued by the data subject|
|4.3 Behavioural details and technical authentication details||Online analytics and targeting social media marketing|
The data subject’s online behaviour and the monitoring of company services, for example, with the help of cookies and similar technical identifiers. Collected information may include, for example, the user’s IP address, visited pages, browser-related technical specifications, web address, time and duration of session.
In principle, personal data is collected from the data subjects themselves, for example, in
connection with concluding an agreement or during a customer relationship. The customer can
change or supplement their details at any time via the Sees Company online store’s Personal
The data subject may also have provided the company with data, for example, by subscribing to
the electronic newsletter, in social media services or on SEER Company’s website.
We may use third-party service providers for marketing, and the providers will process the data
subjects’ contact details confidentially for these purposes. The data controller and data
processor have access to the online store’s database for resolving problem situations.
The company utilises various services, such as Google Analytics, for the online services’ visitor
monitoring. These services utilise the browsers’ cookies and other identifiers. More information
about these can be found in the privacy policies of each relevant service.
5. Transferring data outside the EU or Europe
Content of the customer register shall not be disclosed or transferred outside the EU or
European Economic Area.
6. Protection principles of the register
All the register data has been stored in systems which have been carefully protected both in
terms of the network and physically. The data is only accessible to key persons and access
requires logging in with credentials.
7. Right to review and its implementation
In principle, a data subject always has the right to review information stored about them.
Personal data can be obtained free of charge once a year with a signed letter.
8. Correction of details and implementation of data corrections
Data subjects have the right to demand any personal data-related information to be rectified by
the data controller. Personal data can also be corrected directly under management.
Information about cookies used on the website
tracking code. A cookie is a small text file which can be delivered to your terminal device when
you visit our website.
browser settings. You can also choose to remove previously saved cookies. However, please