Skip to content
Privacy Notice
This is Ehta Group Oy's Register and Privacy Statement, in accordance with sections 10 and 24 of the Personal Data Act and the EU's General Data Protection Regulation (GDPR). Prepared on 13.3.2021. Latest amendment 13.3.2021
1. Controller
Ehta Group Oy, Teollisuustie 16, 69950 Perho
2. Contact person responsible for the register
Ville Laitila, 045 6786785
3. Register Name
Ehta Group Oy Marketing and Customer Register
4. Purpose of personal data processing
The purpose of processing personal data is to provide and develop services to better meet customer needs, fulfil contractual obligations and customer promises, manage customer relationships, and for electronic marketing.
5. Register data content
The data to be recorded in the register shall include: the person's name, contact details (phone number, email address, postal address), information on ordered services and their changes, billing information, and other information related to the customer relationship and ordered services.
Information is retained for as long as is necessary for the purpose of use. Personal data in the customer and marketing register will be deleted when the data used is identified as outdated or unreachable.
6. Regular sources of information
The data to be stored in the register is obtained from the customer via, for example, messages sent via web forms, by email, by telephone, through social media services, via contracts, customer meetings, and other situations where the customer provides their information.
7. Regular disclosures of information and transfer of data outside the EU or EEA
Information is not regularly disclosed to other parties. Information may be published to the extent agreed upon with the customer. Information may be transferred or disclosed to third parties for marketing or opinion research purposes related to Ehta Group Oy.
Information is not transferred outside the EU or EEA.
8. Principles of Registration Security
In processing the register, care shall be taken, and data processed using information systems shall be adequately protected. When register data is stored on Internet servers, the physical and digital security of their hardware shall be appropriately ensured. The controller shall ensure that stored data, as well as server access rights and other information critical to the security of personal data, are handled confidentially and only by employees whose job description includes such tasks.
9. Right of inspection and right to request correction of information
Every person registered has the right to check their data stored in the register and to request the correction of any incorrect data or the supplementation of any incomplete data. If a person wishes to check the data stored about them or request its correction, the request must be sent in writing to the data controller. The data controller may, if necessary, ask the requester to prove their identity. The data controller shall respond to the customer within the time limit stipulated by the EU's General Data Protection Regulation (generally within one month).
10. Other rights related to the processing of personal data
A registered individual has the right to request the deletion of their personal data from the register (“right to be forgotten”). Similarly, registered individuals have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be sent in writing to the data controller. The data controller may, if necessary, ask the requester to prove their identity. The data controller shall respond to the client within the time limit set out in the EU Data Protection Regulation (as a general rule, within one month).
