Privacy statement

Finnish Personal Data Act (523/99) section 10
EU General Data Protection Regulation 2016/679, drawn up on 8 February, 2018

1. Controller
Clewer Marketing Ltd. Biolinja 12
FI-20750 Turku Finland

2. Name of the registry
Clewer: customer and marketing registry

3. Person in charge of registry-related matters
Contact person:
Tommi Leppälehto
Clewer Marketing Ltd. Biolinja 12
FI-20750 Turku Finland

4. Use of the registry

  • Customer contacts
  • Delivering news letters
  • Managing competitions and campaigns and delivering prizes
  • Implementation of marketing prohibitions referred to in legislation
  • Processing feedback and maintaining contacts
  • User analysis of websites

Processing is based on maintaining a customer relationship, the consent of the data subject or the implementation of the controller’s legitimate rights

5. Data content of the registry
Data processed according to the use of the registry includes information:

  • Contact details: name, address, email, telephone number
  • Customership information
  • Demographic data: gender
  • Interests in the controller’s website and services
  • Other data provided by the customer
  • Data concerning the device used by the data subject: for example, terminal, IP address, operating system and browser

6. Data sources
Data is collected from the data subject in relation to managing the customership, campaigns, feedback and news letter subscriptions. Furthermore, cookies are used to collect website usage data.

7. Data disclosure and transfer
The data is not disclosed without the consent of the data subject, except when enforced and allowed by legislation or when required by official regulations.
Subcontractors can be used to perform tasks related to the use of the registry, and the data can be transferred outside the EU/EEA if it is necessary in the terms of providing the service. In these circumstances, the controller must ensure a sufficient level of data protection with contracts according to the legislation.

8. Data retention period
The controller shall retain the data only for the necessary duration regarding the use of the registry.

9. Registry protection
The databases where the data is stored are protected technologically and physically so that external parties do not have access to them. Only those parties that need the data to perform their tasks have access to it.

10. Right to inspection and correction and information deletion
The data subject has the right to cancel their newsletter subscription at any time.
The data subject has the right to inspect the data stored about the data subject in the registry, the right to demand the correction of false personal information, and the right to have information about the data subject deleted from the registry.
Inspection, correction and deletion requests must be sent in writing and signed to the person in charge of registry-related matters.

11. Right to data transfer and prohibition
The data subject has the right to retrieve personal data supplied to the controller in a structured, generally used and machine-readable format if the processing is based on consent or an agreement, and the processing is performed automatically.
The data subject has the right, according to article 18 of EU’s General Data Protection Regulation, to limit the processing of the data.
The right to data transfer and prohibition are valid from 25 May 2018.

12. Changing the privacy statement
The controller reserves the right to update and change the privacy statement. The data subject is informed of these changes whenever required by the legislation.