FI-24910 Halikko As.
Business ID: FI06838568
The register lists the company’s business partners, customers and potential customers, and persons who have made contact with the company. We also make use of public business data available online or collected from various authorities.
The content of the register is used for managing user and customer relationships:
Purpose of data processing and use of data file. Personal data are only processed for purposes stated in advance, which are as follows:
Additionally, anonymous tracking data are collected on the use of the website using the Google Analytics service:
Tracking can be prevented by disabling cookies or using the browser’s Do Not Track option.
4. Personal data stored in the register
The customer register contains the following details:
The rights of the data subject are listed below. Any requests concerning exercising those rights must be addressed to:
FI-24910 Halikko As.
Business ID: FI06838568
Right to access personal data
Data subjects may check the personal data that we have stored on themselves.
Right to rectification of data
Data subjects may request that we rectify any erroneous or incomplete data we have stored on themselves.
Right to object
Data subjects may object to the processing of their personal data if they consider improper processing to have taken place.
Direct marketing ban
Data subjects have the right to deny the use of their data for direct marketing purposes by informing the controller of the data file in writing.
Right to erasure
Data subjects have the right to request the erasure of their data when processing of the data is no longer necessary. After handling the request, we will either erase the data or provide justifiable grounds as to why we cannot erase them. Please note that the controller of the data file may have a right, legal or otherwise, not to erase the requested data. The controller of the data file is required by the Finnish Accounting Act (Chapter 2, section 10) to store accounting materials for the period stated in the law (10 years). Therefore accounting-related data may not be removed before this period expires.
Cancellation of consent
If the processing of the data subject’s personal data is based entirely on consent (and not on e.g. a customer relationship or membership), the data subject may cancel their consent.
Complaints on decisions may be addressed to the Data Protection Ombudsman
Data subjects have the right to demand that processing of data involved in a conflict be restricted for the duration of the resolution of the conflict.
Right to appeal
Data subjects are entitled to make a complaint to the Data Protection Ombudsman if they feel that we have violated applicable data protection legislation in processing personal data. Data Protection Ombudsman’s contact details: www.tietosuoja.fi/fi/index/yhteystiedot.html
Regular sources of customer details:
Data is not usually disclosed for marketing purposes to parties outside of Heina Ltd. We have ensured that all of our service providers comply with data protection legislation.
We will store and process your personal data for as long as it is necessary to fulfill the stated purposes. Laws and regulations set certain requirements for the storage and use of materials containing personal data, which affect how long data are stored.
Personal data are processed by the controller of the data file and its employees. We may also outsource a part of our personal data processing to a third party, in which case we will contractually ensure that personal data are only handled according to valid data protection legislation and otherwise appropriately. The persons handling your personal data have all received data protection and privacy training. Our employees only have access to the personal data that are essential for them to complete their tasks. The information system and its files are protected using technical protection methods commonly used in business operations. Personal data are handled confidentially, and the necessary level of data and processing protection is ensured using appropriate measures.
No personal data will be transferred outside of the European Union or European Economic Area unless it is essential for the maintenance and technical fulfillment of services. In such cases, we will ensure appropriate data protection as required by law.
This policy was last updated on 29th March 2022, and it is valid until further notice.