PRIVACY POLICY
Date: 28 May 2021
This is the Privacy Policy of the Paimio Sanatorium Foundation as required by the Personal Data Act (10 and 24 §) and the EU General Data Protection Regulation (GDPR), which details how we process the personal information of Paimio Sanatorium Foundation’s customers.
This Privacy Policy explains which customer information we collect, for which purposes we use the said information, and how we protect it. Please note that making a purchase and/or signing up to our potential newsletter means that you consent to the collection your information. We reserve the right to make changes and updates to this Privacy Policy.
1. Controller of the register
Paimio Sanatorium Foundation (3176698-4)
Alvar Aallon tie 245
21540 Paimio, Finland
2. Contact person for the register
Paimio Sanatorium Foundation (3176698-4) / Henna Helander
Alvar Aallon tie 245
21540 Paimio, Finland
3. Name of the register
The Paimio Sanatorium Foundation customer register
4. The reason for collecting personal information
We process personal information in order to manage customer relationships, to handle orders/reservations, for invoicing purposes, as well as to improve the user experience on our website, enable analytics, and prevent violations. The information is also used for communications of the Paimio Sanatorium Foundation in case you have given permission for that. You have the right to refuse the processing of your information for direct marketing purposes.
5. The content of the register
The following information is collected within the register: the name of the customer or company/organisation, the VAT number of the company, address details, telephone number, email address, permissions for marketing, payment and invoicing details, and other order and delivery related information. The personal identification number of the customer is collected for credit agreement purposes only.
When you sign up to our newsletter or complete our customer survey, we will collect the following information: name, email address, and language. In addition to this, we collect observational and analytics-based usage data from our online store, such as browsing data and device identification data (please see cookie policy below for more information).
6. Regular information sources
The primary information source is the user, either via online purchases, email, or telephone. We aim to keep you informed about which information we need to collect for agreement purposes and which is completely voluntary.
7. Release of data to third parties
Your information will only be used for customer relationship management. We may release certain necessary information to third parties, such as payment partners, credit organisations for payments in installments, delivery partners to guarantee deliveries, or analytics and statistics partners for analytics purposes. We may also share information with the authorities when required to do so by law.
8. Data transfer outside the EU or EEC
Your information will not be transferred outside the EU or EEC.
9. Data storage
The Paimio Sanatorium Foundation stores your information until further notice for the duration of the customer relationship. You can request your information to be removed at any time. However, payment and billing information related to your completed orders/reservations is stored as required by the Accounting Act (1997/1336 § 10).
10. Cookie policy
We use cookies and corresponding technologies to collect information about our user traffic and improve the user experience of our service on your device. These cookies and other session identifiers have a limited lifespan, after which they are deleted by the browser.
The cookies allow us to collect user information for analytics and personalisation purposes in collaboration with third parties. The information collected is anonymous and cannot be used to identify you. Our website analytics are based on Google Analytics. Read more about the data processing of Google Analytics.
11. The principles and measures to protect the data register
We apply extreme care in handling our customer register and ensure all the information we process is appropriately protected. Customer information is collected in a protected electronic database, accessing which requires a username and password. Usernames and the different tiers of access rights can only be assigned and defined by the key user of the customer register.
The customer register is handled in utmost confidence. The information is only processed by personnel of the Paimio Sanatorium Foundation authorised to do so and bound by a non-disclosure agreement. Customer information is stored digitally, and any unnecessary printed documents are destroyed appropriately.
12. The right to review and request the correction of your information
You have the right to request a compilation document containing all the personal information which you have provided to us. To do this, please contact us via email. You may also request your personal information to be deleted or corrected, as well as refuse the processing of your information for marketing purposes. Any such requests should be addressed to the assigned contact person of the customer register.
The right to request the deletion of personal information does not apply to information which we are required to store due to maintenance, judicial, accounting, or information security related reasons or obligations.
13. Contact
You can contact us via email at info@paimiosanatorium.com.