Registry description in accordance with sections 10 and 24 of the Personal Data Act (523/1999). Under the EU Data Protection Regulation, the controller has an obligation to inform data subjects in a clear manner. This Register Description pursuant to Sections 10 and 24 of the Personal Data Act (523/1999) fulfills this information obligation.
In this leaflet, we tell you what kind of personal information we may collect about you when ordering our services or contacting Reittitiimi Oy’s customer service.
Business ID 1747694-5
Purpose of the processing of personal data
b. Customer management
e. Financial management
Information collected in the register
• Address information
• Phone number
• Ordering information
• Purchase history
• Delivery information
• Billing information
The processing of our personal information is based on
Consent to the person himself, to the contract with the person or to a legal / legal obligation
Retention of personal information
Accounting personal information is kept for 10 years. The information provided through the form on our website will be retained for five years
since the last update
If a person denies the processing of their personal data
1) The contractual relationship does not arise or is terminated.
2) Marketing or news information cannot be sent
Contacts regarding the register:
Please contact us in writing at the email address below.
Contact: Ville Schoultz,
Transfer of data outside the EU or the EEA
Personal data will not be transferred to third countries or international organizations.
• Accountor Finago Oy / Procountor.com – Connections are secured in a similar way to online banking.
• Int2000 Oy e-mail server with an address book collected from e-mails. Protected with a username and password.
Outside the EU:
• MailChimp email address book,
• Dropbox cloud service
→ All of the above are protected by a username and password
Risks of processing personal data
We estimate that the processing of the Company’s personal information does not pose significant risks to the individual.
Registry security principles
• Access to data requires a password
• Monitoring of registry users
Rights of the data subject
Right of inspection
The data subject can check the personal data we have stored.
Right to rectify data
The data subject may request the correction of incorrect or incomplete information concerning him.
Right of objection
The data subject may object to the processing of personal data if he or she feels that the personal data has been processed unlawfully.
Prohibition of direct marketing
The data subject has the right to prohibit the use of the data for direct marketing.
Right of removal
The data subject has the right to request the deletion of the data if the processing of the data is not necessary. We will process the deletion request, after which we will either delete the data or provide a valid reason why the data cannot be deleted. It should be noted that the controller may have
statutory or other right not to delete the requested information. The registrar is obliged to keep the accounting material in accordance with the period (10 years) specified in the Accounting Act (Chapter 2, Section 10). Therefore, the accounting material cannot be deleted before the deadline.
Withdrawal of consent
If the processing of personal data concerning the data subject is based only on consent and not e.g. membership, the data subject may withdraw consent.
The data subject may appeal against the decision to the Data Protection Officer
The data subject has the right to demand that we therefore limit the processing of the disputed data until the matter is resolved.
Right of appeal
The data subject has the right to lodge a complaint with the Data Protection Officer if he or she feels that we are in breach of the applicable data protection legislation when processing personal data.
The registry description was updated on March 11, 2022 by Ville Schoultz