Hoylatools Online Store Customer Register Privacy Statement

We use Klarna as the provider of our checkout. This means that we might transfer your personal data in the form of contact and order details to Klarna when the checkout is
loaded, in order for Klarna to manage your purchase. Your personal data transferred is processed in line with Klarna’s own privacy notice.

Registrar

Planemill Finland Ltd Oy / Hoylatools
Business ID 1965562-1
Postal address Villintie 166, 16300 Orimattila

Contact person

Jani Höylä
info@hoylatools.fi

Name of the register

Hoylatools customer register

Grounds for keeping the register

Personal data is collected on the basis of a contractual customer relationship or other material connection or with the consent of the data subject. If the processing is based on consent, it can be canceled at any time.

Purpose of the processing of personal data

Personal information is used

  • To maintain, maintain, manage, manage and develop customer relationships
  • For registrar marketing and marketing targeting
  • For delivery, processing and archiving of orders
  • To develop the operations and services of the Hoylatools online store
  • To improve the customer experience
  • For analytical and statistical purposes
  • To produce more personalized targeted content and marketing
  • To prevent abuse
  • To provide better customer service

Description of registered groups

The person has or has had a customer relationship or the person has registered in the online store or subscribed to the online store newsletter or other marketing content.

Information content of the register

The customer register can process information belonging to the following groups:

Information provided by the user or personally identifiable

  • Identification information, such as name
  • Contact information such as address, email address and phone number
  • Payment information and other billing information
  • With the consent of the customer, location information used to estimate delivery time

Information observed and analytically derived from the use of the Services

  • Purchase history, e.g. ordered products and their price information
  • Delivery information, such as the selected delivery method and delivery address
  • E-commerce usage and browsing information as well as terminal identification information

Providing identification, contact and payment information is mandatory when purchasing from the Hoylatools online store.

Regular sources of information

Personal information is collected from the registrant himself at different stages of the customer relationship life cycle.

Regular disclosures

Personal data may be used by the Hoylatools online store or its partners for actions determined by the purpose of the register. Only Hoylatools’ own employees have access to customer data. Our staff is trained to use information safely and ethically. Each of our staff sees customer information only insofar as it is necessary to perform work tasks.

We use trusted contractors to transfer information to a third party. Agreements with all partners have taken into account the requirements of the EU Data Protection Regulation and other legislation.

Data transfer outside the EU or the European Economic Area

Personal data will not be transferred outside the EU or the European Economic Area.

Retention period or retention criteria for personal data

Personal data shall be kept only for as long as is necessary for the purpose for which the personal data are processed. Deletion times and policies are defined and outdated and unnecessary personal information is deleted. The obligation to retain personal data may also be determined by law.

Order information, such as billing history, is retained even if the contact’s personal information is deleted. Legislation imposes obligations on some personal data for longer-term storage, e.g. for the following purposes:

  • The Accounting Act defines longer retention periods for information, regardless of whether the material contains personal data or not.
  • Fulfilling consumer trade responsibilities
  • System log information is collected and stored as required by law to provide us with a legal and secure online store for our customers.
  • Adequate backups of trade databases and systems to secure data, correct errors and ensure data security and continuity

Personal data entered in the register is regularly reviewed and deleted when there is no legal basis for processing.

Principles of customer registry protection

The data stored and processed digitally is in databases that are protected by a firewall, passwords and other technical means. Paper files are stored in a locked state with electronic access control.

In the processing of personal data and technical solutions, we follow good data protection practices, e.g. data consolidation, minimization, pseudonymization, anonymization, and encryption. The requirements of the EU Data Protection Regulation applicable as of 25 May 2018 have been taken into account in the processing of personal data.

All access to personal data is controlled in accordance with good practice.

Rights of the data subject

The data subject has the right to check his or her personal data stored in the register. The request for inspection must be sent in writing and signed  to the above-mentioned registry contact person. A request for verification may also be made to the controller at the above address.

The data subject has the right to request the correction of incorrect data concerning him.

The data subject also has the right in certain situations to delete personal data concerning him from the register and to request their transfer to another data controller.

The data subject has the right to prohibit the use of the data for direct mail, distance selling or other direct marketing, as well as opinion and market research.

The registrant may be assigned electronic direct marketing provided that the registrant has not prohibited direct marketing. The data subject has the right to prohibit direct marketing at any time.

Any disagreements will be resolved primarily in consultation with the data subject. The data subject also has the right to refer a matter concerning the processing of personal data to the data protection authority.

Changes to this Privacy Statement

This privacy statement may be updated from time to time, for example as legislation changes. This Privacy Statement was last updated on 9/15/2021