Register and Privacy Statement
​
Voimavarasi Oy - Customer and user register and Privacy statement
In this privacy policy, we describe how Voimavarasi Oy processes the personal data of its customers and those who contact us through the form on the website www.voimavarasi.fi, in accordance with the EU's "GDPR". has personally contacted the company via the website.
​
Voimavarasi Oy can update this privacy policy from time to time, for example when legislation changes. Voimavarasi Oy informs its customers about essential changes to this privacy statement.
​
1. Registrar
Voimavarasi Oy (3154606-5)
Puukirkontie 24, 02880, Veikkola
​
2. Contact person
Data protection officer: Ramanda Andersson, ramanda.andersson@gmail.com, tel. 040-5872200. The customer and contact person can contact the data protection officer in all questions related to the processing of personal data and in situations related to the exercise of the data subject's rights.
​
3. Purpose and basis of processing personal data
Voimavarasi Oy processes personal data of registered users for the following purposes:
• To manage the customer relationship between Voimavarasi Oy and the customer
• Voimavarasi Oy contact person to answer
• To inform customers and contacts of Voimavarasi Oy about new services and offers, for marketing.
​
4. Personal data to be processed
When a customer comes to Coaching, the following information is taken from them:
first and last name, telephone number, date of birth (minimum year of birth) e-mail address, street address, post office, postal code. Also, the training procedures performed are recorded with the date. This is because the Patient Act and a trained massage therapist is obliged by law to protect the client and the service provider if, for example, there are major changes in the client's health in the future after the treatment. When the storage period required by law expires, the data is shredded in a shredder.
​
When entering the coaching service, the following are taken: first and last name, phone number, email address. And, if necessary, briefly note down on a separate piece of paper what was done and what was discussed for the next visits. The paper is kept separate from the customer's contact information so that the information cannot be easily linked to the customer himself.
​
5. Voimavarasi Oy collects personal data from the contact person or customer when he or she contacts Voimavarasi Oy. Contact information (name, email, phone) is also collected from events and raffles, in which case the customer himself agrees to provide the information and accepts the processing and possession of the information. Voimavarasi Oy does not collect personal data from third parties, such as Facebook.
​
6. Upon receipt of personal data, the data will remain in the possession of Voimavarasi Oy, and will not be forwarded to any third party. The information of former Massage customers (05/2018--> there will be no new ones) is currently stored behind a locked room in a cabinet drawer, not in a designated folder. The contact information of coaching clients is kept in the same locked room, in a different box. Both Contactors' and customers' e-mails (if this communication has been used) are stored in the ramanda.andersson@gmail.com e-mail until they are no longer needed. Voimavarasi Oy may also collect the e-mail, name and phone number in an Excel or Mailchimp file, which is saved on the computer behind the password. The e-mails are behind the e-mail password. And phone numbers (if used to communicate with the customer) are stored in the phone behind the fingerprint/password.
​
7. Transfer of personal data outside the European Union or the European Economic Area. Voimavarasi Oy does not transfer the registered person's personal data outside the European Union or the European Economic Area.
​
8. Personal data retention period
Voimavarasi Oy processes the personal data of registered users as long as the customer uses the services relatively regularly, and has not asked Voimavarasi Oy to delete their contact information. If the customer or contact person has not used Voimavarasi Oy's service in the last two years, Voimavarasi Oy deletes the customer's information and contact information in their entirety automatically.
​
9. Personal data protection and data security Voimavarasi Oy ensures the data security of personal data with appropriate administrative and technical security measures. There is at least one password behind the combination for devices and e-mails or an Excel or Mailchimp file that may contain contact information (mailing list, name and phone number). Only Ramanda Andersson has access to the systems containing the customer's and contact person's personal information, with personal usernames and passwords.
​
10. Rights of the customer and contact person. In accordance with the applicable data protection legislation, the customer and contact person have the right at any time to:
• get access to their personal data (right of inspection);
• demand the correction of inaccurate and incorrect personal data or the completion of personal data;
• demand the deletion of their personal data;
• receive the personal data they have provided to Voimavarasi Oy in electronic form, assuming that Voimavarasi Oy processes personal data electronically;
• demand the restriction of the processing of their personal data (for example, while the data subject is waiting for a response to the request for the correction of their personal data).
​
The customer and contact person must make a request regarding the exercise of their rights to the contact person mentioned in section 2. Voimavarasi Oy can ask the customer/contact person to verify their identity or to specify their request before implementing the request. Voimavarasi Oy can also refuse to implement the registered request on the basis stipulated in the data protection legislation, in which case Voimavarasi Oy will inform the registered person of that reason.
​
11. The right to file a complaint with the supervisory authority. The customer and contact person have the right to file a complaint with the relevant supervisory authority if they consider that Voimavarasi Oy has not processed personal data in accordance with the applicable data protection legislation. The customer/contact person can file a complaint with the supervisory authority of the member state where the complainant's permanent residence or workplace is located, or where the alleged violation of data protection legislation has occurred.