Register and Privacy Statement

This is New Organics Oy's register and data protection statement in accordance with the Personal Data Act (Sections 10 and 24) and the EU's General Data Protection Regulation (GDPR).

1. Registrar

New Organics Oy
Äyritie 8 A

01510 Vantaa

Social security number: 2521920-1

2. The person responsible for the register

New Organics Oy,

Piritta Vaarna, tel. 010 322 3681

3. Register name

New Organics Oy's customer register.

4. Processing of personal data purpose

Personal data is processed for managing, managing, developing and analyzing the relationship based on the customer and other factual connection comparable to the customer, including customer communication, which can also be carried out electronically.

The information is not used for automated decision-making or profiling.

5. Data content of the register

The information to be recorded in the register is:

  1. The customer's contact information and information that enables ordering: first and last name, street address, zip code, post office, country, phone number, email address.
  2. Possible consent to send direct marketing.
  3. Information about customer orders and deliveries.
  4. Identifiers required to log into the service.

6. Regular sources of information

The information to be saved in the register is obtained from the customer, e.g. From messages sent via web forms, by e-mail, by phone, via social media services, contracts, customer meetings and other situations where the customer discloses their information, such as when ordering an online store.

7. Regular transfers of data and transfer of data outside the EU or EEA

The information in the register is not disclosed outside of New Organics Oy or for the own use of its partners, except in matters related to invoicing or collection and when required by legislation.

Data will not be transferred outside the territory of the member states of the European Union or the European Economic Area, unless it is necessary for the purposes of processing the personal data mentioned above or for the technical implementation of the data processing, in which case the requirements of the personal data legislation are complied with.

8. Principles of registry protection

Care is taken when processing the register and the information processed with the help of information systems is properly protected. When registry data is stored on Internet servers, the physical and digital data security of their hardware is taken care of accordingly. The registrar ensures that stored data as well as server access rights and other data critical to the security of personal data are handled confidentially and only by those employees whose job description it is.

9. Right of inspection and the right to demand correction of information

According to the Personal Data Act, the registered person has the right to check what information about him has been stored in the register. The inspection request must be sent to the person in charge of registry affairs and must be in writing and signed. The inspection request can also be made in person at the registrar's office. If necessary, the registrar can ask the requester to prove his identity.

The registered person has the right to prohibit the processing and disclosure of information about him for direct advertising, distance sales and other direct marketing as well as market and opinion surveys by contacting the controller.

At the end of the customer relationship, the customer's data will be removed from the register as soon as their processing is no longer necessary, but at the latest after the deadline required by law.

The registered person has the right to demand the correction of incorrect information by contacting the controller.