Wisestein
Supply chain management at its best.

Privacy Policy

This privacy policy also serves as a register description in accordance with Section 10 of the Personal Data Act (523/1999).

1 Data Controller
SCM Best Oy (hereinafter “the operator”), Viikinkaari 6, 00790 Helsinki
Business ID: 2294678-8
Phone: +358 50 462 6195
Email: jan.tammisto@scmbest.fi

2 Register Matters
Inquiries and feedback regarding the register will be responded to as quickly as possible. The statutory maximum response time is 30 days.

2.1 Our Register Contact Person
Jan Tammisto
Phone: +358 50 462 6195
Email: jan.tammisto@scmbest.fi

3 Name of the Register
The operator’s customer and marketing register (hereinafter “the register”)

4 Purpose of Processing Personal Data
The purpose of processing is to manage customer relationships, fulfill the rights and obligations of the customer and the data controller, and to process personal data in accordance with the Personal Data Act for purposes related to online services, research activities, and targeting advertising and/or direct marketing by the data controller and/or its partners based on customer data through the data controller’s media and services, without disclosing personal data to external parties.

5 Data Content of the Register
The register may contain the following information about customers: name, email address, mobile and/or other phone number, organization and position, organization’s address details, contact log, information about newsletter or other content subscriptions, and information about data collection prohibitions on a customer-by-customer basis.

6 Regular Sources of Data
The register is compiled from the data controller’s customer information system, publicly available public and private internet sources, and other possible public sources. As a rule, data sources are specified if they are other than the first mentioned.

6.1 Amount of Data Collection and Data Retention Period
The service provider commits to collecting only the data that is relevant to the customer’s interest at any given time. Data is likewise retained either for the minimum period required by law (for example, receipts) or for the minimum time required by the customer relationship in each case. To send materials other than those related to primary customer relationship management, the service provider commits to obtaining separate consent from each customer.

7 Regular Data Disclosures
Register data is not regularly disclosed to external parties. An exception to this is cases where a person who has entered into an agreement on data processing between a third party, the operator, and the customer becomes a customer of the operator.

8 Data Transfer Outside the EU or EEA
The operator does not, as a rule, disclose identified data to external parties. Non-identified data, such as clustered, anonymous visitor data, may be transmitted through Google Analytics, Tag Manager, Search Console, and Facebook tracking pixel. This data does not contain any information that can be linked to the user’s identity, but it may contain information related to cookies set in the user’s web browser for marketing targeting purposes.

9 Principles of Register Protection
Access to the register is only available through personal access rights granted by the data controller. Only designated persons who need the data to perform their work duties have access to customer data. A court of law may grant authorities access to the register if the court so decides.

10 Right of Access
As a rule, everyone has the right to check the data stored about them in the personal data register. The request must be made in writing to the service provider at jan.tammisto@scmbest.fi

11 Right to Demand Correction or Deletion of Data
Everyone has the right to demand correction of incorrect data in the personal register or deletion of data. The request must be made in writing by email to jan.tammisto@scmbest.fi

12 Other Rights Related to Personal Data Processing
In accordance with Section 30 of the Personal Data Act, the registered person has the right to prohibit the data controller from processing data concerning them for direct advertising, distance selling, and other direct marketing, as well as for market and opinion research, personal directories, and genealogical research.