Zermatt Ltd's Register and Privacy Policy 7.11.2024
Zermatt Oy complies with the GDPR 679/2016 in the protection of personal data.
According to the GDPR, the controller is obliged to inform registered persons in a clear manner. This privacy notice fulfils that obligation.
1. Administrator of the register
Zermatt Oy Johanna Konttila
Contact information:
Veräjänkierto 35, 01900 Nurmijärvi, Finland
Contact information for matters concerning the register.
Zermatt Oy
Johanna Konttila
Veräjänkierto 35
01900 Nurmijärvi
040 352 8899
johanna.konttila@zermatt.fi
2. Registered persons
The register contains the clients of the management consultancy company.
3. Purpose of the use of personal data
Grounds for keeping the register:
Personal data are processed based on the customer relationship of the person concerned.
Purpose of the processing of personal data and use of the register:
Personal data are processed only for predefined purposes, which are:
- Customer relationship management.
- Preparation of the customer relationship
- Based on the consent of the data subject, such as form messages.
- Invoicing
- Personal data may be used to target and execute marketing communications and other marketing activities.
4. Data to be stored in the register
The customer register contains the following information:
- Contact details
- Name
- address
- phone number
5. Rights of the registered person
The registered person has the following rights, the exercise of which should be requested at johanna.konttila@zermatt.fi
- Right to review. The registered person may check the personal data we have stored.
- Right to correct the data. The person concerned may request the correction of inaccurate or incomplete data relating to the person concerned.
- Right to object. The person concerned may object to the processing of personal data if the person feels that the data has been processed unlawfully.
- Prohibition of direct marketing. The person concerned has the right to object to the use of the data for direct marketing.
- Right of withdrawal. The person concerned has the right to request the deletion of data if the processing is no longer necessary. We will process the request for erasure, after which we will either delete the data or provide a reasoned justification why the data cannot be deleted. Please note that the controller may have a legal or other right not to delete the requested data. The record holder is obliged to keep the accounting records for the period specified in the Accounting Act (Chapter 2, Section 10) (10 years). Therefore, accounting records cannot be deleted before the expiry of this period.
- Withdrawal of consent. If the processing of personal data concerning a person is based solely on consent and not, for example, on customer or membership, the person may withdraw consent.
- The person concerned may appeal against the decision to the Data Protection Ombudsman
- The person concerned has the right to request that we restrict the processing of the disputed data until the case is resolved.
- Right of appeal. The person concerned has the right to complain to the Data Protection Ombudsman if he or she feels that we are in breach of the applicable data protection legislation when we process personal data. Contact the Data Protection Ombudsman: https://tietosuoja.fi/en/office-of-the-data-protection-ombudsman
6. Regular sources of information
Customer data are obtained on a regular basis:
- From the customer at the time of the customer relationship
- At the request of the data subject
- Cookies
We use Google Analytics visitor tracking on our website, provided that you accept this in the cookie settings.
7. Regular disclosures of data
No information will be disclosed for marketing purposes outside Zermatt Oy.
We have ensured that all our service providers comply with data protection legislation. We regularly use the services of an accountant, whose contact details may be requested where necessary.
8. Duration of processing
As a rule, personal data will be processed for as long as the customer relationship lasts.
9. Processors of personal data
The customer register is processed by the CEO of Zermatt Oy. The company may also outsource part of the processing of personal data to a third party, in which case it will ensure through contract arrangements that the personal data is processed in accordance with the applicable data protection legislation and otherwise in an appropriate manner.
10. Protection of the register
The register is protected by appropriate technical and organizational measures to protect personal data.
All manual material is kept in the locked and controlled premises of the controller. No access to electronic data is granted to persons other than the registry administrator. Zermatt's partners comply with the data protection provisions of the EU Regulation and are contractually obliged to keep all personal data strictly confidential.
The information systems used for processing personal data and access to them are protected by appropriate technical measures. The register data are backed up securely. The destruction of material containing personal data is carried out in a secure manner.
11. Transfer of data outside the EU
Personal data will not be transferred outside the EU or the European Economic Area.
12. Automated decision-making and profiling
We do not use data for automated decision-making or profiling.
As a business or corporate customer, you provide personal data of employees and other parties to Zermatt Ltd. It is your company's or entity's responsibility to inform those individuals of our privacy policy.
