Labmaster Oy Ltd (0601728-4) Hereinafter the Company
Data protection oﬃcer and/or contact person
+358 22 760 555
Name of personal data ﬁle
Labmaster Oy Ltd customer and marketing register
Personal data that we collect
We collect personal data necessary for the management of customer relationships, such as the customer’s name and contact details as well as user data in the service. We collect personal data from data subjects themselves as well as from other publicly available registers maintained by the authorities and from other external sources, such as the Finnish Trade Register and similar public company registers. We also collect data from those who submit contact forms, and we use the data for the aforementioned purposes of maintaining customer relationships.
Purpose and grounds for processing personal data
Personal data are processed to the extent permitted by existing legislation for testing the online service, managing customer relationships and sharing information and advice about the services. We may use the data to collect and analyse user statistics. The data collected are also used for marketing communications. The processing of personal data for marketing communications is based on the consent given by anyone who submits the contact form.
Direct marketing will be discontinued at the customer’s request. Customers can withdraw their consent at any time by notifying the aforementioned contact person. The processing of personal data may be necessary for the purposes of the legitimate interests of the Company with regard to customer relationships. The company has a legitimate interest in processing personal data in the context of marketing, service and customer analyses as well as testing the service. When used for marketing purposes, proﬁling may also be carried out. In this case, data subjects have the right to object to the processing of their personal data.
Personal data can only be accessed by those responsible for customer relationship management and marketing eﬀorts.
Disclosure of data
Personal data will not be disclosed to third parties or transferred outside the European Union or the European Economic Area unless this is necessary for the technical implementation of the service. In any situations requiring the disclosure and transfer of the data, the level of data protection required by data protection legislation and other necessary security measures will be in place.
We protect personal data using appropriate technical and organisational measures. The data are collected in databases, which are protected by ﬁrewalls, passwords and other technical measures. Databases and their backups are located in locked and protected spaces, and only certain pre-designated persons have access to the data.
Retention period and destruction of personal data
Personal data are retained for as long as needed for the purpose for which they were collected and processed, or for the implementation of a contract, or for as long as required by law and regulations, after which the data are destroyed in an appropriate manner.
Rights of data subjects
Data subjects have the following rights:
- Data subjects must have access to their personal data upon request within the limits of business conﬁdentiality and internal Requests for access must be sent to the aforementioned contact person in writing and signed by the data subject, who must be identiﬁed in a reliable manner.
- Data subjects can request that their data be rectiﬁed if incomplete or
- Data subjects may request that their data be deleted if there is no reason for processing the data on the grounds of data protection legislation or for any reason that is not dependent on the data subject’s
- Data subjects have the right to restrict the processing of their personal data if the accuracy or lawfulness of the data so requires, or, under the right to object to the processing, they can request that the processing of personal data be restricted only to storing the
- Data subjects have the right to object to the processing of data for purposes of direct marketing on the basis of the legitimate interest of the
- Data subjects can ask for their data to be transferred to another controller if it is safe and technically possible to do
- Data subjects must submit requests concerning their rights in writing or by email to:
Request concerning access/other issues related to personal data Rauhalinnantie 31, 20780 Kaarina, Finland
The Company will respond to requests within one month of the request being made unless there are special reasons to extend the response time.