Client register data protection notice
The controller is, under the European Union’s General Data Protection Regulation (GDPR), obliged to provide the data subject with clear information. This notice fulfils that informational obligation.
1. Controller
Sonator Oy
Lapintie 32 A 2
33100 TAMPERE
2. Data subjects
Clients and potential clients
3. Purpose of the usage of personal data
Personal data are used on the basis of the client relationship with the data subject and his or her consent only for pre-defined purposes, which are the following:
- maintaining the client relationship
- giving information about our services
- completing client assignments.
4. Personal data stored in the register
Contact details
- company
- contact person’s name
- company address
- telephone number
Client details
- details of services ordered
- possible personal data supplied when the client ordered an assignment
5. Rights of the data subject
The data subject has the following rights. Requests regarding the exercise of these rights should be made to Sonator Oy
Lapintie 32 A 2
33100 TAMPERE
sonator@sonator.fi
The data subject may inspect the personal data we hold and request us to correct erroneous or deficient personal data concerning him or her. He or she may decline for his or her personal data to be processed if he or she considers that his or her personal data have been processed illegally.
The data subject has the right to refuse that his or her data be used for direct marketing, as well as the right to request that the data be erased if the data processing is no longer necessary. We shall process the erasure request, after which we shall either erase the data or give a justified reason for not being able to erase them. Please note that the controller may have a legal or other right not to erase the data requested. The controller is obliged to store accounting materials for the time (10 years) set by the Accounting Act (Chapter 2, Section 10). For this reason, accounting materials may not be erased before this time has elapsed.
If the processing of the data subject’s personal data is based solely on consent, and not, for example, on a client relationship or membership, the data subject may withdraw consent.
The data subject has the right to demand that we limit the processing of disputed data for a time until the matter is resolved.
The data subject has the right to make a complaint to the data protection ombudsman if he or she considers that we have broken data protection legislation in force at the time in our processing of personal data. Contact details for the data protection ombudsman: Office of the Data Protection Ombudsman
6. Data sources
As a rule, client data are received from the client him- or herself when the client relationship is established.
7. Data handover
Data are not handed over to anyone outside Sonator Oy for any purpose.
8. Duration of processing
As a rule, personal data are processed for as long as the client relationship exists.
9. Personal data processors
The employees of Sonator Oy process the client register. We may also partly outsource the processing of personal data to third parties, accountants or IT support, in which case we ensure by contract that personal data are processed in accordance with existing data protection legislation and correctly in other respects.
10. Transfer of data outside the EU
Personal data are not transferred outside the European Union (EU) or the European Economic Area.
11. Automatic decision-making and profiling
Data are not used for automatic decision-making or profiling.
Contact details for matters concerning the register
Sonator Oy
Maarit Manninen / Hanna Lappalainen
Lapintie 32 A 2
33100 TAMPERE
+358 (0)3 3446267
sonator@sonator.fi
