Privacy Statement

Frontpage
Privacy Statement

1. Registrar

Finn-Rent Ltd

Business ID: 0691098—8

Address: Telakkakatu 2, 00150 Helsinki

2. Data protection officer

Name: Niko Rytkönen

Phone: 0401305630

E-mail: niko.rytkonen@finnrent.fi

3. Purpose of processing personal data

• Customer relationship management and maintenance

• Provision and development of services

• Invoicing and collection

• Marketing and Communication

4. Information content of the register

The data to be stored in the register include:

• name, address, telephone number, email address

• Customer relationship information: customer number, contracts, order history

• Billing details: billing address, payment information

• IP address of the network connection

• Information about ordered services and their changes

• other information related to the customer relationship and the services ordered

5. Retention period of personal data

Customer data will be automatically deleted within (3) years if no rental transaction or invoice has been recorded for the customer during this period.

6. Regular sources of information

The information to be stored in the register is obtained:

• From the registered self

7. Regular transfers of data and transfer of data outside the EU or EEA

The information is not regularly disclosed to other parties. Data may be used/published to the extent agreed with the customer. The data will not be transferred or disclosed outside the European Union.

8. Principles of registry protection

Access to electronically stored data requires a username and two-step authentication. Only designated persons have access to the register.

9. Rights of the data subject

The data subject has the right to inspect his or her data stored in the personal register, to influence their use to ask the controller to correct their incorrect data.

The requests of data subjects are addressed centrally in writing by e-mail or by letter to the data protection officer. The applicant must be able to prove his or her identity. The information is available as a printout and as a PDF file.

The controller shall, without undue delay, on its own initiative or at the personal request of the data subject, correct, delete or supplement the personal data in the register which is incorrect, unnecessary, incomplete or outdated for the purpose of processing.

The data subject has the right to be forgotten, that is, to have his personal data erased, provided that one of the following criteria is met:

• personal data are no longer required for the purposes for which they were collected or otherwise processed

• the data subject withdraws the consent on which the processing was based and there is no other legal basis for the processing,

• personal data have been processed unlawfully. The data subject may request the registrar to transfer the data concerned to another controller, if technically feasible.