The purpose of this Policy is to ensure that MotoCut Oy complies with the GDPR, national data protection legislation and other legislation that concerns the processing of personal data and that such compliance may be demonstrated through appropriate and up-to-date documentation.
All the members of MotoCut Oy (top management, employees and visitors) are obligated to adhere to this Data Protection Policy and all the other practices, regulations and instructions governing data protection and information security within MotoCut Oy.
This is the Registry and Privacy Statement on the processing of personal data in accordance with the Data Protection Act 1050/2018 and the EU General Data Protection Regulation 2016/679 (GDPR).
The description will be updated as necessary.
Last Updated Date: 29.4.2022
Ilkka Hietala, CEO
MotoCut Oy customer and contact information registers.
The legal basis for the processing of personal data under the EU General Data Protection Regulation is:
Personal information is used in accordance with existing laws and regulations to manage and develop customer relationships, marketing, and communications. The data is not used for automated decision making or profiling.
The information stored in the register includes name, position, company / organization, contact information (telephone number, e-mail address, address) and website addresses.
Company processes and stores personal data only for as long as required by a legal obligation or when necessary for the pre-defined purpose of the personal data. Personal data that has become redundant and that companies no longer have a reason to store or process is deleted at regular intervals in accordance with the Group's own data protection policies.
The information stored in the register is obtained from the customer e.g., messages sent via web forms, e-mail, telephone, via social media services, agreements, customer meetings and other situations in which the customer or a partner provides information himself or herself or his or her employer.
In addition, information is obtained from public / publicly available sources such as the Internet or the Trade Register.
The data will not be disclosed or regularly transferred to other parties, either within the EU or outside the EU or the EEA.
The register shall be handled with due care and the data processed by the information systems shall be adequately protected.
If manual information is generated, it will be handled properly and stored in a locked space.
When registry information is stored on Internet servers, the physical and digital security of their hardware is adequately addressed.
The controller shall ensure that the data stored, as well as the access rights to the servers and other information critical to the security of personal data, are treated confidentially and only by the employees whose job description it includes.
Every person in the register has the right to check the information stored in the register and to request the correction of any incorrect information or the completion of incomplete information.
If a person wishes to check the data stored about him or her or to request their correction or deletion, the request must be sent in writing to the data controller.
If necessary, the controller may ask the applicant to prove his or her identity.
The controller will respond to the customer within the timeframe set out in the EU Data Protection Regulation (generally within one month).
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.