Privacy policy

1. Data controller

Name: Suomen Biljardimyynti Oy (Business ID 1770973-7)
Contact details: Sähkötie 8 (Tammisto Shopping Center)
01510 Vantaa, Finland

2. Person responsible for register matters and/or contact person

Heikki Lehto, 09 5882494 or 040 5244859

3. Name of the register

Suomen Biljardimyynti, customer register – Finland. The register consists of several sub-registers.

4. Purpose of processing personal data (intended use of the register)

The register is used for managing customer relationships, customer communications, and marketing. The register data is used for Suomen Biljardimyynti’s own direct marketing unless the customer has opted out of direct marketing. The register’s name and address details may be disclosed for direct marketing purposes unless the customer has prohibited such disclosure. However, customer data is not disclosed to external parties. Suomen Biljardimyynti uses this and other data generated during the customer relationship to plan its product and service offering and to target that offering. The aim is to operate in a customer-oriented way and also take into account the customer’s different purchasing-channel habits.

5. Contents of the register

The customer register consists of several separate registers compiled according to their main purpose of use. Together, the customer data in these registers forms the stored data sets for each customer as follows:

1. Billing customer contact details and information required to place orders: The customer’s contact details (last name, first names, street address, postal code, city) and other customer-specific information. Any prohibition by the customer on disclosing their address or other data to other companies for direct marketing. Any prohibition by the customer on sending them any promotional mail.
Information required for processing and delivering billing customers’ orders: The phone number provided by the customer for contact purposes, personal identity code, and credit terms.

2. Contact details and information required to place orders for customers of Suomen Biljardimyynti Oy’s online store:

a) Online store customer details: The customer register stores the information the customer has entered on the registration form when registering. Mandatory registration details are first name, last name, street address, postal code, city, username, and password. Optional details include other contact information and other information provided by the customer.

b) Customer data collected from online store orders: Information required for processing and delivering online store orders at the time of ordering: contact details, phone number, as well as date of birth and other information required for credit purchases.

3. Information required to maintain credit purchases: Information required for credit monitoring and maintaining credit entitlement.

4. Information required for processing, delivering, and returning orders: Information on billing customers’ and online store customers’ orders, deliveries, and returns.

6. Regular sources of data

The register’s contact and customer relationship data is obtained from notifications made by the customer to the data controller when the customer relationship is created and during it.

A customer relationship is created
1) when the customer requests a catalogue,
2) registers in the online store, or
3) orders goods.

The name and address details of mail-order customers are updated from the Population Information System. A direct marketing opt-out and a prohibition on disclosing address details to other companies are recorded based on the customer’s separate notification. Separate consent is requested from the customer for electronic direct marketing (such as email, text messages) in accordance with the Personal Data Act. Information on creditworthiness at the time of ordering is obtained from Asiakastieto Oy’s system.

7. Regular disclosures of data and transfer of data outside the EU or the European Economic Area

Name and address details may be disclosed from the customer register for direct marketing purposes. The data disclosed from the register may then include name and address details.
The customer has the right to prohibit disclosure of data. Online store customer data is not disclosed to parties outside the group. Data is not transferred outside the EU or the European Economic Area.

8. Principles of register protection

Manual material is stored in a locked area and access is limited to authorized persons only. Electronic material: Only specifically designated employees are authorized to use the system containing customer data and to modify customer data. Each user has their own username and password for the system. Through personal database access rights and different user levels, access is restricted only to the data necessary for performing the person’s work tasks. The customer register and the IT system hardware used to process it are located in locked and guarded premises. To prepare for disruptions, data is backed up regularly by copying. The system is protected by a firewall against external connections. Employees handling customer register data are bound by confidentiality. Data is only shared with or disclosed to external parties due to a statutory duty to report, such as at the customer’s own request or at the request of an authority based on law.