PRIVACY AND REGISTRATION STATEMENT

PAYMENTS
Payments with Visa, Visa Electron or MasterCard

Paytrail Oyj (2122839-7) acts as a payment broker and payment service provider in cooperation with Finnish banks and credit institutions. Payments made with Visa, Visa Electron, or MasterCard will be displayed as a payee on the card invoice and forwarded to the merchant. Paytrail plc is licensed as a payment institution.

Paytrail Oyj, Business ID: 2122839-7 ,Innova 2 Lutakonaukio 7 40100 Jyväskylä tel: 0207 181830

Online banks

Paytrail plc (2122839-7) is a payment brokerage service for online banking, in cooperation with Finnish banks and credit institutions. For the user, the service works just like traditional online payment.

Klarna 

By using the Klarna Checkout service you agree to the terms and conditions of Klarna AB (556737-0431, Sveavägen 46, 11134 Stockholm), which you will find at checkout. If you have any payment questions, please contact Klarna Customer Service directly on 09-425 99 771 (Mon-Fri 8: 00-18: 00) customer [email protected].

REGISTRATION STATEMENT

1. Registrar

Vimmacompany Oy
Y: 2567714-9
Hiidenkivenpolku 5
01690 Vantaa

[email protected]
+358 (0) 44 984 7986
www.vimmacompany.com

2. Contact person in matters concerning the register

Marjut Rahkola
Fredrikinkatu 18
00120 Helsinki

[email protected]

3. Register name

Vimmacompany Oy's customer register

4. Purpose and legal basis of personal data processing

The purpose of the processing of personal data stored in the customer register is to create and maintain a customer relationship, customer service and enabling contacts required by customer service, processing orders placed by the customer, delivery of ordered products and marketing. As well as for the development of Vimma's services.

According to the EU's General Data Protection Regulation (2016/679), the legal basis for processing personal data is the data subject's consent, agreement or legitimate interest.

5. Data content of the register

The customer register can contain the following information about the registrants:

  • name
  • email address
  • phone number
  • delivery address
  • language
  • information about the customer's purchases, deliveries and discounts (=order information)
  • usernames and passwords
  • name of the company

6. Statutory data sources of the register

The register's regular data source is the data collected from customers on the online store's checkout form and registration page. Personal data is collected and processed by Vimma's online store, which provides personal data in connection with ordering or registering in the online store and other websites and on social media.
 
Personal data can be collected via Vimma's websites and forms in electronic or non-electronic form (for example, feedback and order forms) as well as by telephone and e-mail in customer service and physical stores.

7. Regular transfers of information 

Personal data may be disclosed to third parties in the European Union, such as suppliers, partners, and service providers of Vimma's online store. This information can be disclosed for the purpose of delivering goods or services or for the execution of the contract between Vimma and the customer. Personal data will not be disclosed to third parties without the express consent of the party, except for the aforementioned purpose, unless otherwise provided by law.

8. Deletion of data

The data can be deleted at the Customer's request. Data deletion requests should be sent to [email protected], which will then be deleted manually.

9. Register protection principles

The data system and files of the registrar are protected by the technical protection methods normally used in business operations. All paper printouts or other similar documents in paper form that contain data collected from data subjects will be destroyed immediately and appropriately. The right to use the customer and newsletter register requires a personal username and password, which are granted only to a member of the staff of the registrar, whose position and duties the said access right is related to. The handlers of the customer and newsletter register have a duty of confidentiality for all information. In terms of accounting material, the company's accountant has access to the information in question, such as the company's invoices. The accounting material is in electronic software and is protected with appropriate technical security measures.

The controller reports a possible data security breach in accordance with the applicable legislation.

10. The right to deny

The customer can access information about him. The data controller can charge a reasonable direct fee for providing the information, if the customer has received the information for the first time in less than a year.
 
The customer has the right to check his data in accordance with the Personal Data Act. In addition, the customer has the right to prohibit the processing and disclosure of his personal data related to direct marketing and distance sales. Requests regarding the ban should be sent by email to [email protected]
 

11. Information about automatic decision-making incl. about the existence of profiling

Personal data is not used for automatic decision-making or profiling.