Based on the EU General Data Protection Regulation (GDPR)
The date of issue: 24.09.2018
The Register Holder
Saurum Oy (hereinafter ”Saurum”)
Business ID: 0298672-3
Tel: +358 40 3040 228
Name of the Register
Lumoava Lounge Membership Register
The Purpose of the Register
The register is used for the management of the memberships, communication within the membership programme, and marketing. The data in the register will be used for Saurum’s own direct marketing, unless the customer has prohibited direct marketing. The data in the customer register is used to structure the product supply as well as target and develop the supply and for statistical purposes.
Saurum may use partners to maintain the customer and service relationships. Some of the information in the register may be transferred to the servers of these partners due to technical requirements.
Personal data will be processed within the limits allowed and required by the
Personal Data Act.
Contents of the Register
The personal data register shall contain the following information:
A person’s first and last name
Information about orders processed
The order tracking information provided by the postal services
Information about marketing authorizations and prohibitions
Date of birth
Information Sources of the Register
The information that the customer has given by themselves and the orders placed on the online store.
Disclosure of the Information
Saurum may disclose the customer register information to parties that have entered into a cooperation agreement with Saurum for the purpose of delivering customer orders. The Saurum partners do not use the information for any other purpose or disclose the information to third parties. Saurum may disclose the customer information to authorities to the extent permitted and required by the applicable law.
The information will not be disclosed outside the EU or the European Economic Area.
Principles for The Protection of the Register
The personnel of Saurum Oy have a professional confidentiality with regards to all customer register information. Only identified Saurum Oy employees or those acting on behalf of Saurum Oy regards to this register have the right to process manually the stored customer data.
Due to the technical implementation of the data processing, some of the information may be physically located on the servers or facilities of external subcontractors and processed through a technical connection.
Registry Protection and Storing Data
Saurum Oy organizes the security of the registry in a generally effective, generally accepted manner and seeks to prevent unauthorized access to its information systems by appropriate technical solutions. In order to access the customer information, one must enter a username and password. Only identified employees of Saurum Oy and companies acting on its behalf are entitled to use the registry application. All persons who manage IT database have a license for the database granted by Saurum Oy.
The Right to Review, Correct and Prohibit
The customer has the right to review the information concerning him or her that is stored in the register. Once logged in, the customer can review and correct their own information.
If chosen, the request to review may also be made in writing and must be sent in writing and signed to:
PL 1512 (Hopeakatu 3)
Saurum will respond to requests to review the registry information in writing.
If there are errors in the customer’s information, the customer may make a request to the controller of the register to correct the error or correct it by themselves.
The customer has the right to deny the use of their information for direct marketing by notifying the customer service of the Saurum Oy’s Lumoava online store by letter to the person managing the register or by email to email@example.com.