Bonge Oy is committed to protecting the privacy of its online services and newsletter subscribers. This privacy statement explains what information is collected about the user of online services, how it is used, and what options the user has.
The data controller has an obligation under the Data Protection Regulation to inform the data subjects in a clear manner. This description fulfills the obligation to inform.
DATA CONTROLLER Bonge Oy
CONTACT INFORMATION REGARDING THE REGISTER: Bonge Oy / Joonas Teeriaho
010 440 9180
CONTACT INFORMATION FOR THE POSSIBLE DATA PROTECTION OFFICER: Joonas Teeriaho
c/o Bonge Oy
010 440 9180
REGISTERED PERSONS The register contains potential and active consumer customers of the brands represented by Bonge Oy, as well as resellers and media partners.
BASIS AND PURPOSE OF KEEPING THE REGISTER BASIS FOR KEEPING THE REGISTER: Personal data is processed based on the data subject's customer relationship.
Personal data is processed with consent (e.g., mailing list collected at trade fairs for interested parties, consent for marketing obtained through a form)
PROCESSING OF PERSONAL DATA AND USE OF THE REGISTER Personal data is processed only for pre-defined purposes, which are as follows:
Improving offerings and services Informing about services Communicating about new products Targeted communication INFORMATION STORED IN THE REGISTER The customer register contains the following information:
CONTACT INFORMATION: name address and possibly phone number email OTHER INFORMATION: brands the customer is interested in date when the customer's information was recorded on the list consent for direct marketing RIGHTS OF THE DATA SUBJECT The data subject has the following rights, and requests to use them should be made to info(a)bonge.fi or by calling +358 10 440 9180.
RIGHT OF INSPECTION The data subject can inspect the personal data we have stored.
RIGHT TO CORRECT INFORMATION The data subject can request the correction of incorrect or incomplete information concerning them.
RIGHT TO OBJECT The data subject can object to the processing of personal data if they believe that the personal data has been processed unlawfully.
DIRECT MARKETING BAN The data subject has the right to prohibit the use of their data for direct marketing.
RIGHT TO ERASURE The data subject has the right to request the deletion of data if the processing of the data is not necessary. We will process the deletion request, after which we will either delete the data or provide a justified reason why the data cannot be deleted.
It should be noted that the data controller may have a statutory or other right not to delete the requested information. The data controller is obliged to retain accounting material in accordance with the Accounting Act (Chapter 2, Section 10) for the defined period (10 years). Therefore, accounting-related material cannot be deleted before the expiration of the deadline.
WITHDRAWAL OF CONSENT If the processing of personal data concerning the data subject is based solely on consent, and not, for example, on a customer relationship or membership, the data subject may withdraw their consent.
The data subject can complain to the Data Protection Ombudsman.
The data subject has the right to demand that we restrict the processing of disputed data until the matter is resolved.
RIGHT TO COMPLAIN The data subject has the right to file a complaint with the Data Protection Ombudsman if they believe that we are violating the data protection legislation in the processing of personal data.
Data Protection Ombudsman's contact information: www.tietosuoja.fi/fi/index/yhteystiedot.html
REGULAR SOURCES OF INFORMATION Customer information is obtained regularly from the following sources:
Lists of contact information collected at trade fairs, for example, Messumasiina, with marketing consent Directly from customers when a customer relationship is established Directly from customers through the online form REGULAR DISCLOSURES OF INFORMATION Information is not generally disclosed for marketing purposes outside Bonge Oy.
We have ensured that all our service providers comply with data protection legislation. We regularly use the following service providers:
MailChimp / Rocket Science Group
STORAGE AND DURATION OF DATA The data collected is stored in databases that are protected by, among other things, firewalls, encryption techniques, and restricted access control and permissions. The collected data is retained only as long as necessary according to applicable law. For example, some personal data is retained after the termination of the customer relationship due to accounting legislation.
Personal data is processed mainly as long as the customer relationship is in force.
The registered person can unsubscribe from our marketing list through the link in every marketing email we send.
DATA PROCESSORS The data controller and its employees process personal data. We may also partially outsource the processing of personal data to third parties, in which case we ensure, through contractual arrangements, that personal data is processed in accordance with applicable data protection legislation and otherwise properly.
TRANSFER OF DATA OUTSIDE THE EU Personal data is not transferred outside the EU or the European Economic Area.
AUTOMATIC DECISION-MAKING AND PROFILING We do not use data for automated decision-making or profiling.