Skip to content

Register Description

Register Description / Privacy Policy

This Privacy Policy has been prepared in accordance with the EU General Data Protection Regulation (GDPR) and applicable national law.

1. The controller

Mepratuote Oy
Business ID: 2735806-1
Kaviokuja 8
20380 Turku
Telephone: 02-2750111

2. Contact person responsible for the register

Maria Vira
E-mail: maria.vira(at)mepratuote.fi

3. Name of the register

Mepratuote Oy's customer register

4. Purpose and legal basis for processing personal data

Personal data is processed for the purposes of managing and developing customer relations, processing orders, delivering products, billing and collection, and providing customer service.

The data is also used for archiving and tracking orders and for handling possible complaints and warranty procedures.

The grounds for processing personal data are:

  • contract performance (e.g. order processing and delivery)
  • the legal obligations of the controller
  • the legitimate interest of the controller (maintaining and developing the customer relationship)
  • consent of the data subject (e.g. newsletter and direct marketing)

Direct marketing by e-mail will only be sent if the data subject has given his or her consent. Consent can be withdrawn at any time by telephone, email or by using the unsubscribe link in the marketing message. Subscribing does not require the creation of a customer account.

5. Data content of the register

The following data may be processed in the register:

  • the name and business ID of the business customer
  • first name and surname
  • postal address
  • phone number
  • e-mail address
  • usernames and passwords for electronic services
  • order information and purchase history
  • communication and communication related to the customer relationship (e.g. complaints and feedback)
  • information relating to guarantees
  • billing and collection data
  • marketing information and direct marketing authorisations and prohibitions
  • technical information such as IP address, browser and browser version
6. Regular sources of information

Personal data is primarily obtained from the data subject in connection with an order, contact or use of services.

Data may also be collected from the controller's POS systems, online services and, where necessary, from public authorities or personal data service providers in order to update the data.

7. Disclosure and transfer of data

Personal data will not be sold to third parties. Data may be disclosed or transferred in order to fulfil contractual obligations to:

  • logistics and transport companies to enable deliveries
  • to suppliers and manufacturers of products for support services such as maintenance and warranty handling
  • payment service providers, credit institutions and banks for the processing of payments
  • to email marketing systems for direct marketing purposes, unless the data subject has opted out of such marketing.
8. Protection of the register

Personal data is protected by appropriate technical and organisational measures, such as firewalls, encryption, access control and passwords.

Only those employees who are entitled to process the data on the basis of their job duties are allowed to do so. Each user has a personal ID.

9. Retention period

Personal data will only be kept for as long as necessary for the purposes of the processing or to fulfil legal obligations (e.g. accounting legislation).

10. Rights of the data subject

The data subject has the right to:

  • check their personal data
  • request the correction of inaccurate information
  • request the deletion of data to the extent permitted by law
  • restrict the processing of data, for example for direct marketing purposes
  • withdraw consent at any time

Requests should be sent in writing to the controller at the address/contact person indicated in points 1 and 2.

en_USEnglish
fiFinnish sv_SESwedish en_USEnglish