Green Market marketing and customer register

Data Protection Statement in accordance with the Data Protection Act (1050/2018) and the EU GDPR Regulation.

Ecommerce Holding Oy stores and processes personal data in accordance with the EU GDPR and the current Personal Data Act (523/1999) in a corresponding manner. We may change this privacy statement from time to time by posting a new version online, so please check back regularly.

Registrar

Ecommerce Holding Oy
Pohjoisranta 24 A 18
00170 Helsinki


The contact person responsible for registry matters

Toni Tele
marketing@greenmarket.fi

Our operations are based on legal business, so we also comply with the EU regulation on the storage of personal data - this, in short, is the following six points:

- The information we store about the person is legal, reasonable and transparent in terms of processing. This means that you can access your information at any time.
- The information is tied to the purpose of use – for example, the information we collect about people is only tied to a specific purpose of use. We will not disclose your information to third parties unless there is an appropriate reason for doing so.
- We minimize the information we store - we only store what is necessary.
- We try to keep our information accurate.
- We limit the storage of data - the data has a defined useful life, after which it is either automatically or routinely deleted, unless there is a legal reason for the storage.
- We store intact and reliable information, for example verified through backups.

Purpose of personal data processing

The register is only used to maintain the customer relationship between Ecommerce Holding Oy and the customer. Placing an order does not require registration in the customer register.

Data content of the register

Basic customer information: customer number, last name, first name, postal address, postal code, postal office, telephone number, mobile phone number, email address, order history and delivery tracking information. In addition, IP address information, information collected through cookies and information collected from social media channels.

Permission to send marketing communications is stored in the register, if the customer has given his consent.

Information about the payment services of Paytrail Oyj (online banks), Stripe (payment cards) and Klarna. Payment intermediaries collect the IP address, payment method and payment date in connection with the payment transaction. Read more about our payment methods and terms.

Regular sources of information

Contact information is saved when the customer registers. Other information is saved when the customer makes purchases in the online store.

Regular data transfers and data transfer outside the EU or the European Economic Area

We hand over limited personal data to other parties - this practically means:

- We use email marketing tools. Only name and e-mail address are stored in these.
- We use a CRM tool to handle customer relations and manage purchase transactions, where we store minimized e.g. attached: the person's name, address information, contact information and order history.

Principles of registry protection

The data system and files of the registrar are protected by the technical protection methods that are normally used. Access to the register requires a personal username and password, which are granted only to a member of the staff of the registrar, whose position and tasks the said access right is related to. The password is not known to Ecommerce Holding Oy . Information is stored in accordance with the legislation in force at any given time.

Right of inspection

The registered person has the right to check the information stored in the register concerning him. Communications regarding the right of inspection must be made in writing and signed to the address mentioned in point 1, addressed to the Registrar.

The right to request data correction or data deletion

If there are errors in the registered data, the data subject can send a request to correct the error or delete the data to the address given in section 1.

Other rights related to the processing of personal data

Everyone has the right, regardless of confidentiality regulations, to find out what information about him or her has been stored in the personal register or that there is no information about him or her in the register after reporting the facts necessary to search for information. At the same time, the registrar must inform the registrant of the registrant's data sources as well as where the register's information is used and disclosed as registrants.