This is the Register and Privacy Statement of the Personal Data Act (sections 10 and 24) and the EU’s General Data Protection Regulation (GDPR) of the Sailpix company. The document has been in force since May 25, 2018. The last change was made on 12.8.2018.
Sailpix, Katajaharjuntie 11 A 11, 00200 Helsinki
2. The contact person responsible for the register
Erik Lähteenmäki, firstname.lastname@example.org, tel. +358-400-199950
3. Registry Names
-The company’s customer register
|Legal basis and processing
|Company customer registry:
Name, address, telephone number, email
|Customer service for delivery of media or service.
|Managing Customer Relationships.
The purpose of processing personal data is to communicate with customers when delivering photos, videos, or media in various formats. Information is not used for automated decision making or profiling.
|Photo and video database of the company
|Displaying photos and videos on the companys webpage and in social media.
|Freedom of press within the scope of news and information.
Photographs and videos are published as news press documents only from competitions and events organized in public places. Persons in the picture are not marked individually without the permission of the person concerned.
4. Regular deliveries of information and transfer of data outside the EU or EEA
Information will not be disclosed to other parties on a regular basis. The information can be published as far as it has been agreed with the customer.
Data can also be transferred by the registrar from outside the EU or the EEA.
5. Principles of registry protection
Careful handling of the registry is ensured and data processed by the information systems is adequately protected. When keeping records on Internet servers, the physical and digital security of their hardware is handled appropriately. The registrar shall ensure that stored data, server access privileges and other critical data related to the security of personal data are processed confidentially and only by employees whose job description they belong to.
6. The right of inspection and the right to demand correction
Everyone in the register has the right to check his / her data stored in the register and to demand that any incorrect information be corrected or incomplete information supplemented. If a person wishes to check or request correction of his / her record, the request should be sent in writing to the registrar. The registrar may, if necessary, request the applicant to prove his identity. The registrar is responsible for the customer within the time limit set in the EU Data Protection Regulation (usually within one month).
7. Other rights related to the processing of personal data
A person in the register has the right to request the deletion of his / her personal data from the register (“the right to be forgotten”). Also, those who are registered have other rights under the EU’s general data protection regulation such as restricting the processing of personal data in certain situations. Requests should be sent in writing to the registrar. The registrar may, if necessary, request the applicant to prove his identity. The registrar is responsible for the customer within the time limit set in the EU Data Protection Regulation (usually within one month).