Register statement
Use of customer data in Master Yhtiöt Oy in accordance with Section 10 of the Personnel Act (523/1999)
Date of preparation 17.7.2017, update 23.1.2019
Registrar
Master Yhtiöt Oy
Masterintie 1 B 6
80710 Cow
0400 368 500
Contact person handling registry matters
Master Yhtiöt Oy
Finance Manager Jonne Ihalainen
Masterintie 1 B 6, 80710 Lehmo
Phone: 0400 368 500
Register names:
Customer register
Supplier register
Personal register
Customer register
The following information about the customer can be processed in the register: contact information, social security number and credit information. In addition, additional information provided by the customer can also be stored. The provided personal data can be used for managing customer relationships, maintaining customer information, and conducting market and opinion surveys.
Supplier register
The registry keeper is entitled to transfer the necessary information from his supplier to the extent necessary to fulfill contractual obligations.
Personal register
Information about the employees of the registrar is stored in the register: address, social security number, telephone number, e-mail address, tax number and bank connection. This information is processed on the basis of statutory grounds in order to fulfill social obligations.
Regular sources of information
The information stored in the registers is primarily collected from the customer himself. The customer's personal data can be checked for possible changes from companies that provide services related to personal data, such as credit data from Suomen Asiakastieto Oy's credit data register.
The controller receives sufficient contact information from the suppliers in order to fulfill the obligation under the delivery contract.
Data processing outsourcing
The processing of the controller's personal data is partially outsourced to fulfill statutory obligations (IT support, system supplier). The processing of personal data complies with the requirements of the Data Protection Regulation and other valid regulations.
Regular transfers of information
Personal data is disclosed to the authorities in order to fulfill statutory obligations.
As a general rule, personal data is not transferred outside the European Union (EU) or the European Economic Area (EEA). Personal data can be stored on foreign cloud servers, in which case the requirements of the data protection regulation are complied with.
Principles of registry protection
The manual material is reliably archived and the digital material is located on the system supplier's server, which is protected. These materials can only be processed by those who are entitled to do so.
Rights of registrants
The registered person has the right to check what information about him has been stored in the register and the right to demand the correction of incorrect information by contacting the controller in writing.
The registered person has the right to request the removal of his/her personal data from the register (the right to be forgotten) by contacting the controller in writing.
The controller responds to the request within the time frame stipulated in the data protection regulation, which is basically one month from the submission of the request for action.
Personal data retention periods
The personal data of the customer register is stored to fulfill statutory obligations. If there are no longer legal grounds for storing personal data, the personal data will be deleted from the register as unnecessary.
The personal data of the employee register is kept for the statutory periods.
The personal data of the supplier register is kept throughout the completion of the contractual obligation.