This is Medimo Oy’s registry and data protection statement in accordance with the EU’s General Data Protection Regulation (GDPR). Prepared on November 1, 2021. Last modified November 1, 2021.
Näsilinnankatu 27 B, 33200 Tampere, Finland
Contact person responsible for the register
tel +358 400 278172
Name of the register
Customer and Website User Register of Medimo Oy
Purpose of the customer register
The purpose is to manage the customer relationship, to implement the rights and obligations of the customer and the data controller, and to process personal data in accordance with the Personal Data Act for purposes related to on-line services. In addition, personal data is processed for the controller’s marketing, including direct marketing. Direct marketing can also be implemented electronically.
Information content of the register
• Basic information such as name, address, email address
• Invoicing, collection and financial information
• Event information
• Customer and contractual information
• Information provided by the registrant himself
Website user register
Regular sources of information
Information provided by the customer as well as publicly available information. Customers’ personal data is generally collected on the basis of the information provided by the customer in connection with work inquiries and orders, and on the basis of changes in the information provided by the customer. Customer information may be supplemented from public sources about the customer (e.g., the customer’s website). Contact information for companies and other organizations can also be collected from public sources such as websites, directory services, and other companies.
Disclosure of information
Medimo Oy discloses customer data within the limits required by applicable legislation. The data will not be transferred outside the European Economic Area or the European Union.
The register is used only by Medimo Oy’s employees. The information is collected in electronic databases that require a username and password. Medimo Oy’s information system, network service administrator’s information network and equipment where the register is located, is protected by a firewall and other technical measures. The data is protected by access rights defined on the basis of the employee’s duties, with the data transfer encryption programs.
Right of inspection pursuant to Chapter 6, Section 26 of the Personal Data Act
The data subject has the right to inspect the information entered in the register about him or her, the right to demand the correction of incorrect information and otherwise to exercise his or her rights protected by the Personal Data Act. A written request for verification and correction of the data must be addressed to the person responsible for the register (see section Contact person responsible for the register).
Other rights related to the processing of personal data
The data subject has the right to refuse to process personal data for the purposes of direct mail, distance selling and other direct marketing, as well as market and opinion research. The ban shall be entered in the register.