PRIVACY POLICY

Clewer Technology Oy (hereinafter “Clewer”) collects and processes the personal data of customers, potential customers or their representatives (hereinafter “Customer”) for the purpose of managing customer relationships and providing services as well as for marketing. Personal data is any kind of data that can be used to identify the Customer, such as their name and telephone number.

 

  1. Name of the register

Clewer customer and marketing register (hereinafter also “Register”)

  1. Controller

Joint controllers: Clewer Technology Oy, Clewer Oy, Clewer Markkinointi Oy and Clewer Logistics OÜ. 

The Controllers may also be contacted by letter or email:

Clewer Technology Oy

Business ID: 2372046-5

Linnankatu 34

20100 Turku 

info@clewer.com

 

  1. Why are we processing your personal data?

The basis for processing personal data may be consent given by the Customer, an agreement made with Clewer, a statutory obligation incumbent upon us or a legitimate interest related to our operations. We only process personal data to the extent that it is necessary for the following purposes:

 

  • Establishing and maintaining Customer contacts and processing Customer feedback
  • Administering contests and campaigns and awarding prizes
  • Providing services to the Customer (e.g. equipment maintenance and remote monitoring)
  • Targeting direct marketing at customers or potential customers
  • Delivery and processing of webshop orders
  • Website technical maintenance and data analysis

 

 

As a processing principle, legitimate interest is based on law and its application requires that the interests and rights of the data subject are taken into particularly careful consideration. A legitimate interest involves the processing of data which is essential to the Controller’s operations and which the Customer can reasonably assume to be part of the Controller’s operations.

Personal data may only be processed for the prescribed purposes. Based on the personal data provided by the Customer, the Customer will not be sent, for example, direct marketing without the express consent of the Customer, and the Customer’s data will not otherwise be processed in violation of this Privacy Policy. 

 

  1. What kind of data about me will be collected and what are the sources of data?

Clewer only processes data that is necessary for the intended purpose of the register. Data is primarily collected directly from the Customer themselves, when the Customer contacts Clewer, for example, to provide feedback or enter a contest or visit the Clewer webshop. This type of data includes the Customer’s name, address, email address and telephone number.

Data is also collected in connection with use of the service. When the Customer is making a transaction on the Clewer webshop, the Customer’s purchase data, such as order time and payment information, are saved in the register. User data, such as IP address, browser information and time of visit, is also collected when using the Clewer website. 

We may purchase personal data for non-recurring marketing use also from registers outside Clewer. We may also collect personal data from public sources. In the above-mentioned cases, we will provide information on the source of the contact data in connection with the marketing. Furthermore, we also take into account the fact that direct marketing, such as email or text message marketing, requires the express, prior consent of the recipient. 

We conduct statistics-based customer profiling and analyses, for which we use your demographic data (e.g. place of residence) and your transaction data. We also use data for direct marketing. We process your data for this purpose because we genuinely want to develop and grow our business. We make every effort to provide you with marketing that is as interesting and useful to you as possible.

 

  1. Who processes personal data?

At Clewer, personal data is processed by personnel whose work involves the maintenance and administration of the services in question. 

Data is disclosed to the following parties outside Clewer:

  • Companies that provide marketing services, for example, to organise direct marketing campaigns targeted at potential customers or to handle telephone sales on our behalf.
  • Companies that are responsible for the maintenance and development of Clewer’s IT services.
  • Law enforcement authorities and other authorities based on requests for information made in accordance with local legislation.
  • Insurance companies for the purpose of processing damage compensation claims.

 

  1. Transferring data outside the EU or EEA

Personal data is not transferred outside the EU or EEA. Google Analytics, which we use for our online service, may also save data outside the EU/EEA. If desired, you may prohibit the use of Google Analytics by only accepting the use of essential cookies in the cookies settings.

 

  1. How long is data stored?

Data is stored on the following timetable:

  • Customer feedback: Data will be erased within one (1) year of the date on which the Customer provided their feedback. However, if necessary, data may be stored for a longer period if there is a compelling reason to do so, such as a customer credit paid based on Customer feedback, compensation for damages or another reason based on applicable law.
  • Participant data for drawings and contests: Data will be erased when the winner has been notified and the prize has been awarded.
  • Webshop personal and transaction data: Data will be stored for as long as necessary in compliance with laws on accounting and consumer protection.
  • Other Customer data: Data will be stored for as long as necessary in order to process it for one of the purposes mentioned above.

 

  1. Principles of register protection

Databases in which the data is stored are technically and physically protected in such a manner that prevents outside personnel from accessing it. Access to the data is restricted only to personnel for whom the data is necessary to perform their duties.

 

  1. Joint controllership with Facebook

As Clewer maintains community pages on Facebook, Clewer and Facebook Ireland Limited are joint controllers of the Clewer pages where visitor data is concerned. Facebook processes the personal data of its users in accordance with its own data protection principles: www.facebook.com/privacy/. Facebook bears primary responsibility for compliance with data protection legislation with regard to ensuring both the privacy and rights of data subjects in their service. Clewer processes data on the basis of legitimate interest. 

 

Facebook provides Clewer with data on individual data subjects that is deemed public information on Facebook, such as username and profile image data. We process data only for our own purposes, such as to provide information on our new products and services, marketing, receiving customer feedback, purchasing advertising from Facebook and measuring the reach of advertisements.  

 

  1. Customer rights

The Customer is entitled to exercise the rights mentioned below by contacting Clewer by letter or email.

Right of access

The Customer has the right to inspect their own data in the Clewer customer and marketing register. 

Right to rectification

The Customer has the right to request rectification of any inaccurate or incorrect data. 

Right to erasure

The Customer has the right to request that their personal data be erased from the Clewer customer and marketing register (“right to be forgotten”). Not all data can necessarily be erased, if the Customer wants to continue using Clewer’s services, such as the remote monitoring service. Upon the request of the Customer, Clewer will make every effort to erase data without any undue delay, unless there are legal grounds for denying erasure.

Right to restrict processing

The Customer has the right to restrict the processing of their personal data. Once the Customer has submitted a request to restrict processing, Clewer may no longer process the Customer’s personal data unless there are legal grounds to do so. Restricting the processing of data may limit the Customer’s ability to use Clewer’s services or prevent it altogether. 

The Customer has the right to deny, at any time, all direct marketing related to Clewer as well as any profiling carried out for direct marketing purposes.

 

  1. Right to lodge a complaint with a supervisory authority

The Customer may lodge a complaint concerning the processing of their person data with the competent supervisory authority in the EU member state where they reside. More detailed information on national supervisory authorities can be found on the website below: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080

 

  1. Who should you contact?

You can contact the controller of your personal data. Their contact details are specified in Section 2 above. 

 

UPDATED VERSION 18.03.2022