Sulje menu

Categories

Sulje menu

Categories

MEDKIT FINLAND LTD PRIVACY POLICY

MedKit Finland Ltd privacy policy complies with the EU General Data Protection Regulation.

Updated 24. May 2018

Processor of personal data

Medkit Finland Oy
Business-ID: 2175153-2
Haaransuontie 6 90240 Oulu, Finland

Person responsible for matters regarding privacy and data protection

 Jukka Marjoniemi, jukka.marjoniemi(at)medkit.fi or;

Medkit Finland Oy / Jukka Marjoniemi
Haaransuontie 6
90240 Oulu, Finland

Special categories of the personal data concerned

We collect personal data primarily directly from the registered persons themselves as a part of use of our services. Furthermore, the personal data may be collected and updated from third party sources which are publicly available. These sources may include registers held by governmental agencies (such as population register) and registers held by authorities, company registration offices, enforcement authorities and from credit rating registers. Updating personal data from third party sources is performed manually.

The personal data concerned can be categorized as follows:

  • Private customer basic information: customer ID, first name and surname, mailing address, telephone number, e-mail address
  • Corporate customer representative information: customer ID, first name and surname, title, company name, mailing address, telephone number, e-mail address
  • Information related to legal obligations: taxation country and foreign tax registration number
  • Customer history (for example contacts, orders, feedback, information related to billing and the debt collection)
  • Technical information and online behaviour: internet protocol address, cookies sent to the users' browser, device information
  • Marketing and promotion: marketing efforts targeted to the registered person, marketing consents and withdrawals.
  • Information available on public sources: registers held by government or authorities, credit rating registers
  • Interests and profiling

Purpose of processing personal data

We collect, handle and store information for the following purposes:

  • Fulfilment of customership and customer communication: The main purpose of processing personal information is to send quotations and deliver the required service or product.
  • Fulfilment of requirements and obligations stated in laws and regulations: bookkeeping regulations, reporting to authorities
  • Marketing, product and customer analysis: Personal data is also processed in context analysis. The purpose is to develop business, systems and marketing processes and thus to improve our services or our selection. Analysis may also include profiling. (More information below)
  • Marketing based on consent: We can send marketing messages to private customers and corporate customer representatives who have given an explicit consent. Both can withdraw the consent anytime.
  • Profiling and statistics: We may profile customers based on their online behaviour to get statistical data, for example with Google Analytics. Profiling helps us also to customize our website to better suit the users' interests. Profiling is performed by using cookies. As a user of our site, you may prevent the site collecting cookies and remove them from your browser. Read more about the cookies collected here: Cookie Policy.

 Automated decision-making

We use automated decision-making for the customer's profiling so that we can offer the user the most relevant content on our site and communication. The profiling is based on cookies. You can read more about cookies here: Cookie policy.

Transferring personal data

In order to provide our services, we share parts of the personal data to our cooperation partners. This is done due to technical and logistical demands and to provide payment solutions. The third parties process personal data only to provide the services in collaboration with us.

Transfer of information outside EU or EEA

We may use service providers who have access to your personal data from outside EU/EEA area, such as from the United States. We ensure the proper and legal transfer of personal data complying with the current legislation.
We transfer the personal data outside EU/EEA only when the following conditions apply:

  • The European Commission has decided that in the country where the data is transferred to has a sufficient level of data protection or;
  • We have carried out the proper protective measures for transfer by using regular phrases regarding data privacy protection accepted by the European Commission. You have a right to get the copy of the regular phrases in question by contacting us or;
  • You have given your specific consent to the transfer of your personal data outside EU/EEA or;
  • The transfer is based on a legal arrangement, such as for the Privacy Shield arrangement when data is transferred to the United States.

 Time of processing of personal data

The system containing personal data is only accessible for our employees and partners who have a justified right to process the personal data. Every user has their own username and password for the system. The information is stored in databases which are protected by firewall, passwords and other technical methods.

The databases and their back-up copies are located on locked premises and information is accessible only by certain persons named in advance. We estimate the necessity of storing personal data considering the current legislation. In addition to this, we take moderate actions to ensure that we do not retain any incompatible, faulty or aged personal data from the registered users. We correct or delete all this kind of information immediately.

Privacy rights of the registered person

As a data subject you have certain rights to the personal data MedKit Finland possesses:

A. The right to request access to the personal data MedKit Finland possesses

 B. The right to request the correction of faulty or incomplete information. If the personal data is faulty or incomplete you have the right to have the data rectified if the current legislation does not restrict it.

 C) The right to request the erasure of the personal data.

You have the right to request the erasure of personal data if any of the following apply:

  • You withdraw the given consent to process personal data and there is no other justified reason to retain it.
  • You object to the processing and there is no justified reason for continuing the processing.
  • You object to the processing for direct marketing
  • Processing is against the law.
  • The personal data belongs to an underaged person
  • Due to the current legislation we have an obligation to retain your personal data after the termination of customership in certain cases.

 

D) The right to restrict processing of your personal data.

If you consider that purposes of the processing of your personal data are not legal or justified, you have a right to restrict the processing of the data. We can only store your data and not use it for any purposes until we have secured and ensured that the purposes of the data processing are justified.  

 E) The right to object to the processing of your personal data for direct marketing and profiling.

 F) The right to request your personal data in portable format.

You have the right to request the data we have registered from you in machine-readable format.

This right applies to personal data processed automatically and in context of fulfilling a contract.

 If you want to use your right listed above, the requests are assessed and handled individually.

Please note that we may continue processing and storing your data if it is necessary to comply with the current legal obligations. We can also ask you for more information or ensure your identity before continuing to handle your request.

 Contact Medkit Finland or the data protection authority 

In case you have something to ask about Medkit Finland privacy policy or you want to use your rights as a data subject you can contact us either by e-mail or by mailing us.

You can contact us as follows:

by e-mail

Jukka Marjoniemi, [email protected]

Subject: Request concerning data privacy

by mail

Medkit Finland Oy / Jukka Marjoniemi

Privacy policy

Haaransuontie 6 90240 Oulu, Finland

We react to the requests as soon as possible but within 1 month at the latest. You have the right to complain to the privacy authority if you consider that we have not processed your personal data according to the current data privacy legislation.

 Updates on our privacy policy

We continuously improve our services and therefore we reserve the right to update this privacy policy by informing about it on this page.

Request for a copy or removal of your personal data

You can request a copy or removal of your personal data here.