Data Protection Policy
Last modified 13.04.2022
We handle all personal data with confidentiality and in compliance with the new European Union data protection regulation.
This data protection statement explains what kind of information we collect about our service-users, how we use this information and how the user can influence this.
1. What personal data do we collect?
1.1. Data provided by the user, e.g.
- name, email address, address, phone number
- approval for direct marketing via email, SMS and other automated systems, for instance newsletter subscription
- feedback and contacts from the clients
- replies on draws and competitions
- data provided for questionnaires and studies
- product and order data
- other data collected with user’s approval
1.2. Data received from the use of web services
- the web service’s browser data
- the web service’s user data (for instance user’s method of entry to the service, browser and device data, cookie identifier, time spent on service, geographical location)
2. How is this personal data used?
We use personal data only for predefined purposes:
With the users’ consent we collect their email addresses, enabling us to send news and information on our services and products.
We collect information on how our website is used, enabling us to improve and develop our services.
If a user has joined our mailing list or in another manner given their approval for direct marketing, we may send them direct marketing material in electronic form.
With users’ approval we collect personal data, enabling the users to reply to draws and competitions and participate in them.
We collect data on website users, which enables us to show them targeted advertisement on products, services and offers that might interest them, using various communication channels.
We collect information on our website’s users, which enables us to improve our customer service.
With users’ approval we collect data needed in order to offer or provide them Tivoli Sariola Oy’s services.
3. Third parties
We use some third-party services. We select these parties carefully to ensure their compliance with the EU data protection law. These parties are located in the US and are in compliance with an EU data protection law -abiding EU-U.S Privacy Shield.
3.1. WP Engine
This website’s hosting services are offered by WP Engine. WP Engine is committed to observing the EU data protection law. The website is secured in the following ways, among others: 24 h surveillance, HTTPS protection, regular updates, and storing collected information in databases protected by fire-walls, encryption techniques and limited access control and network access.
More information on WP Engine’s terms can be found here.
3.2. Google Analytics
We use Google Analytics to measure the use of our web services. Google Analytics may place cookies on the user’s device to collect data for example on website’s visitor numbers. This data can also be used for showing visitors advertisement that is likely to interest them. Cookie is a small text file the browser downloads to the user’s device. Cookies usually have an unnamed, user-specific identifier, that allows us to recognise and count the browsers visiting our website.
More information on Google Analytics’ terms are found here.
3.3. Community plug-ins
4. How long is my data stored for?
The data collected is only stored for as long as necessary.
5. How is my personal data protected?
We take all the necessary technical privacy measures to secure our users’ personal data. These measures are for instance the use of fire-walls, encryption techniques and safe physical collocations, appropriate access control, controlled access rights and access supervising, and guidance for the personnel involved in handling the personal data. We also take measures to ensure that all our subcontractors observe the EU data protection law.
6. Links to other websites
We do not account for the privacy policies or contents of sites that are linked to our website and administered by external parties, nor do we account for their legitimacy or administration. In case you notice illegal or offensive content on websites linked by us, we appreciate any feedback
7. How can I influence?
We are committed to offering our users choices and administrative options when it comes to privacy.
7.1. Direct marketing restriction
The user has the right to forbid the use of their data for direct advertising, distance sales and other direct marketing by contacting us via email at email@example.com.
7.2. Data checking
The user has the right to check any personal data collected on them. From the user’s request we can delete or complete any personal data that is inaccurate or outdated with respect to the aim of handling the personal data. The user can update and/or check their personal data by contacting us.
7.3. Blocking cookies
The register is controlled by Tivoli Sariola Oy. The user can at any time contact the controller. Contact information: firstname.lastname@example.org.