Customer Register of Suomen Kaukokiito, Privacy Statement
The controller is Suomen Kaukokiito Oy. Data may be disclosed to the owner carriers of Suomen Kaukokiito Oy and other companies of the Kaukokiito chain in accordance with customer contracts to provide services and carry out the chain’s business operations. The owner carriers of Suomen Kaukokiito Oy are Kuljetusliike Ilmari Lehtonen Oy, Kuljetusliike Kantola & Koramo Oy, Kuljetusliike Taipale Oy and Kuljetusliike Y. Auramaa Oy.
Controller contact details
Suomen Kaukokiito Oy
33330 Tampere, Finland
Tel. +358 (0)10 5100
Business ID 0114330-2
The customer register of Suomen Kaukokiito Oy
Purpose and reason for processing personal data
The data of customers of the Kaukokiito chain and their contact persons are stored in the register. Personal data is processed for purposes related to the management, administration and development of customer relationships, providing services and products, sales and delivery as well as the development and invoicing of services and products. Personal data is also processed in connection with purposes related to investigating possible complaints and other claims.
In addition, personal data is processed in customer communications, such as for sending the customers notifications and news, event invitations, in surveys and market research as well as in marketing. As part of marketing, personal data may be processed also for purposes related to direct marketing and electronic direct marketing.
The customer has the right to forbid all the direct marketing directed at them.
The reason for processing personal data is the customer relationship between the controller and customer, the customer’s consent, customer assignment or another appropriate connection.
The controller processes the information and uses partners in processing personal data for and on the behalf of the controller.
Register data content
The following data and similar data may be stored on the data subject: personal data, such as name, job title, date of birth, employer’s address information, telephone number, e-mail address, credit rating and the name of the company the data subject represents. In addition, we may store background data related to sales and data related to contacting the customer as well as purchase and order history.
Retention period of personal data
The controller stores personal data in the customer register until the customer relationship between the data subject and customer can be seen to have ended. The time of ending is defined from the expiration of the validity of a customer contract or from the latest service contact to which five years are added. Data used as invoice basis are stored for the period required in legislation related to accounting.
Regular data sources
Data is received from the data subjects or orderers of service. Data may also be acquired from official registers (for instance, the trade register). In addition, we use the open business data found online.
Regular disclosure of data
Data is disclosed to the owner carriers of Suomen Kaukokiito Oy and other companies of the Kaukokiito chain in accordance with customer contracts to provide services and carry out the chain’s business operations. The owner carriers of Suomen Kaukokiito Oy are Kuljetusliike Ilmari Lehtonen Oy, Kuljetusliike Kantola & Koramo Oy, Kuljetusliike Taipale Oy and Kuljetusliike Y. Auramaa Oy. Customer data may also be disclosed to a partner for handling debt collection.
Data transfers outside the European Union or European Economic Area
Personal data may be transferred to locations outside the EU/EEA area if required by the service production. In these cases, data privacy is ensured in accordance with data privacy legislation and other regulations.
Description of the principles of register protection
Any possible manual material is stored in locked premises where only designated people may access when it is necessary for them for realising their work.
Only authorised employees or partners may access digital material using their personal login credentials. There are different levels of access rights, and each user is granted sufficient rights for their work but in an as limited manner as possible.
Data subject’s rights
According to the General Data Protection Regulation (GDPR), data subjects of our person registers have special rights.
1. Data subject’s right of access (right to inspection)
The data subject has the right to inspect what data about them is stored in the register. The right to inspection may be rejected based on legal grounds. Primarily, using the right to inspection is free.
2. Data subject’s right to rectification, erasure or restriction of processing
The data subject has the right to rectify the data about them. The data subject also has the right to demand the controller to restrict the use of their personal data, for instance, in a situation in which the data subject is awaiting a reply to their request concerning the rectification or erasure of their data.
3. Data subject’s right to data portability
For the parts that the data subject has provided data to the customer register and the data processed based on the data subject’s consent or assignment, the data subject has the right to receive this kind of data primarily in a machine-readable format. The data subject also has the right to transfer this data to another controller.
4. Data subject’s right to lodge a complaint with the data protection authority
The data subject has the right to lodge a complaint to the competent data protection authority if the controller has not complied with the applicable data protection regulations in their operations.
5. Other rights
If personal data is processed based on the data subject’s consent, the data subject has the right to revoke their consent by notifying us.