Privacy Notice of Koho Sales Oy Client Register
(Policy updated 19.03.2020)
1. Data Controller
Koho Sales Oy (later “Koho”)
Business ID 0872238-2
Vanha Talvitie 11 C, 00580 Helsinki
Tel. +358 10 526 2600
2. Person managing the register
c/o Koho Sales Oy
Tel. 010 536 2600
3. Name of Register
Client register based on client and other appropriate connection (“Koho client register”)
4. Purpose of Processing Personal Data
Personal data is processed to manage clients and other appropriate activities regarding client management and analysis, providing of services and customization, business development, planning and marketing, sales, polling and client communication, which can be accomplished digitally and targeted.
Personal data may be processed for marketing activities within the limitations of the law. This includes direct marketing, distance selling and polling.
The general prerequisite for Personal Data Processing: Personal Data Act 8 § 1 moment 1, 2, 5, 6 and 7.
5. Content of the register
The following data subjects’ data may be processed in this register:
- Name and contact details (the company’s address, phone number and email address)
- The beginning and end date of the client relationship and way of connection
- Direct marketing permissions/prohibitions
- Data regarding the utilization of digital services and digital content (e.g. subscription to our newsletter), The technical data sent by the data subject’s browser to the Data Controller’s server (e.g. IP-address, browser information, browser version, the page from which the data subject has arrived to our web-page) and the cookies sent to the data subjects browser and data related to them.
- Data related to the advancement of marketing and sales such as marketing measures targeted to the data subject and the data subject’s participation in marketing measures (e.g. raffle, competition and event participation)
- Data related to the service and caretaking of the client (e.g. purchase, order cancellation data, delivery and order information regarding free products and services, feedback, claims and recordings of customer services events such as phone calls, emails, chat- and text messages)
- Data regarding the browsing behaviour in the Koho website and services (e.g. clicking of links, browsed web pages, arrival and departure pages)
- Data derived by analytics regarding the use of the service or data the client has rendered (e.g. possible objects of interest or the belonging to a certain user group)
6. Data Transfer and hand over
In certain cases, data may be handed over to third parties. Data may be transferred the Data Controller’s partners of choice who process data on behalf of the Data Controller according to an agreement made between parties. In this case, the data processor does not reserve the right to process the data on its own behalf in its own Data Registers.
As a rule, the data is not transferred outside of the EU or European Economic Area unless it is necessary for the processing of personal data purposes or for the technical implementation. In this case, all requirements stated by the Data Regulation are abided by.
Koho may transfer data to its own direct marketing registers after the termination of contract or other appropriate connection. Data may be handed over to the acquirer in the connection of m&a situations if Koho sells or otherwise newly organizes its company.
7. Protection of the Register
All digitally processed data in the register is protected by firewalls, passwords and other generally accepted technical measures in the data security industry. Only the employees and commissioned companies acting on behalf of the company have been granted access to the data held by the register.
8. Right to Access, Rectify and Object
According to the Data Regulation Data Subjects have the right to inspect what data has been stored of the individual. We will make any necessary rectifications, addendums to the data of the Data Subject by the request of the Data Subject. Additionally, we will remove data which is erroneous regarding the purpose of processing or unnecessary, out of date or defective. The inspection and updating of data can be requested by contacting our customer service. The request must be in written form and signed.
The Data Subject has the right to object to the processing of his/her personal data and to withdraw consent to distance selling, direct marketing or other direct marketing and polling by contacting our customer support.
9. Cookies and other related technical measures
A cookie is a small text file, which the browser saves to the user’s device. Cookies contain a unique identifier with which the user can be identified.
Koho utilizes cookies on its web page. The purpose is to improve user experience (for example: to make it possible that the client does not necessarily have to input user info every time they are logging in.) The user cannot be identified with cookies alone. Data collected with cookies are also used to
analyze the usability and use of the web service, to improve security, track usage and develop the page.
The data collected with cookies may be utilized in targeted communication, marketing and content development in the web page and to measure and optimize marketing activities.
The cookies of Koho’s marketing partners enable targeted marketing and measuring in other companies’ sites who participate in the same marketing cooperation.
The use of client data for the purpose of targeting Facebook ads can be restricted from here.
10. The Storing of Personal Data
Koho uses USA-based Mailchimp and HubSpot services for email announcements and newsletter management. In order to assure sufficient privacy Mailchimp and HubSpot service providers have committed to follow the Privacy Shield frameworks accepted by the U.S department of commerce and
11. Koho is Committed to Protect its Clients Data
Client data is protected by training the company’s employees to follow data protection and data security protocols and by auditing data protection and data security protocols regularly.
The phones of the employees are password protected. Old phones are wiped when decommissioned. The computers and emails of the employees are password protected.
The access to the Koho Office is arranged by unique identifiable access cards. Access to the office is monitored. Guests visiting the Koho Office are always under supervision and only invited guests can access the office. No documents are stored in paper form in the office.
12. Questions regarding Data Protection
If you require more specific information regarding Koho’s data protection policies or if you want to make a request or rectification regarding your personal data, please contact our customer support. We will respond as soon as possible.
Koho develops its business activities constantly and therefore reserves the right to alter this Privacy notice. The alteration of this document may also be caused by the changes in laws or regulations. Koho advises Data Subjects to familiarize themselves with the content of the privacy notice regularly.