Register- and dataprotection statement
This is Blushing Beetle's EU's general dataprotection regulation (GDPR) register- and dataprotection statement. Created 01.05.2021 Latest edits done 02.10.2021.
1. Register holder
BLUSHING BEETLE, 310097-5, 21100 Naantali, Finland
2. Register name
Blushing Beetle webstore's clientregister.
3. Legal basis and the purpose of handling personal information
EU's general dataprotection regulation's legal basis for handling personal information is:
- person's consent (dokumented, voluntarily, conscious and unambiguous)
- contract, which the registered is a part of
- law (personal data law 10 ja 24§ )
- performance of a public task or
- the lawful right of the register holder (e.g custom, employment relationship, membership).
Personal information may be handled for communication, client relationship upkeeping or adverticement purposes. Information won't be used for automatic decision-making or profiling.
4. Register's information content
Information that get saved to the register are: person's name, position, company/organization, contact information (phonenumer, emailaddress, address), www-site addresses, network's IP-address, profiles on socialmedia services, information of ordered services and their changes, billing information, other client relationship and service related information.
Website visitor's IP-address and necessary cookies are handled with legitimate reasoning such as to ensure security and to collect site visitor's statistics on those instances when they can be seen as personal information. Consent for 3rd party cookies are asked separately.
5. Regular sources of information
Information saved to the register is obtained from the client from messages send through www-forms, email, phonenumber, socialmedia platforms, contracts, client meetings and other situations where clients is giving out their information.
6. Information disclosure and transmitting outside EU and ETA
Information is not handed over to any other parties.
7. Register's principles of protection
Register is handled with care and information handled by the system is protected accordingly. When registerinformation is being stored in Online-servers, their hardware's physical and digital security is being protected accordingly. Register holder takes care that any saved information, server rights and other critical personal information is being handled confidentially and only by those workers whose job description it includes.
8. Right of inspection and correction of information
Every registered person has the right to inspect information stored to the register, and to demand correction on any faulty or incomplete information. If a person wishes to inspect the saved information and demand correction, request must be filed and send to the register holder. Register holder may ask for ID confirmation of the person sending the request. Register holder will reply to the client within the timeframe regulated by the EU's data protection ordinance (usually within a month).
9. Other personal information handling rights
Person in the register has the right to ask for their information to be deleted from the register (''the right to be forgotten''). The so called registered people have all the other rights set by the EU's general data protection regulation like restriction of handling in certain situations. Any requests must be filed and send in writing to the register holder. Register holder may as for ID confirmations. Register holder will reply to the client within the timeframe regulated by the EU's data protection ordinance (usually within a month).