The address of our websites are: ramandaandersson.fi/en and voimavarasi.fi

In this privacy statement, we describe how Voimavarasi Oy processes the personal data of its customers and those who contacted us via the form www.voimavarasi.fi to comply with the EU Data Protection Regulation “GDPR”. the person who has contacted the company through the website.

Voimavarasi Oy may update this data protection statement from time to time, for example when legislation changes. Voimavarasi Oy informs its customers about material changes to this privacy statement.

1. Registrar

Voimavarasi Oy (Business ID 3154606-5) Friskinpolku 7 F 70, 20360 Turku

2. Contact person

Privacy Officer: Ramanda Andersson, ramanda.andersson@gmail.com, tel. 040-5872200. The customer and the contact person may contact the data protection officer in all matters related to the processing of personal data and in situations related to the exercise of the data subject’s rights.

3. Purpose and basis of processing of personal data

Voimavarasi Oy processes the personal data of the registered persons for the following purposes:

• To manage the customer relationship between Voimavarasi Oy and the customer

• To contact the contact person of Voimavarasi Oy

• To inform Voimavarasi Oy’s customers and contacts about new services and offers, for marketing.

4. Personal information processed

When a client comes to Coaching, the following information will be taken from them:

first and last name, phone number, date of birth (minimum syn. year) email address, street address, post office, zip code. As well, the training measures taken are recorded with the date. This is because the Patient Act and a trained masseur are obliged by law to protect the client and the service provider if, for example, there are major changes in the client’s health in the future after treatment. When the statutory retention period expires, the data is shredded in the shredder.

When you come up with the coaching service, you will get: first and last name, phone number, e-mail address. Both, if necessary, note down briefly on a separate piece of paper what was done and what was discussed for the next visits. The paper is kept separate from the customer’s contact information so that the information cannot be easily linked to the customer himself.

5. Voimavarasi Oy collects personal information from the contact person or customer when he or she contacts Voimavarasi Oy himself. Contact information (name, e-mail, telephone) is also collected from events and raffles, in which case the customer himself consents to the provision of information and accepts the processing and possession of the information. Voimavarasi Oy does not collect personal information from third parties, such as Facebook.

6. Upon receipt of personal data, the data will remain in the possession of Voimavarasi Oy and will not be passed on to any third party. The information of former Massage customers (05/2018 – & gt; no new ones) is currently stored behind a locked room in a locker box, not in a named folder. The contact details of the coaching clients are kept in the same locked room, in a different box. Emails from both Contacts and customers (if this communication has been used) will be kept in ramanda@voimavarasi.fi until they are no longer needed. Voimavarasi Oy may also store the e-mail, name and telephone number in an Excel or Mailchimp file stored on the machine behind the password. Emails are behind the email password. Both phone numbers (if used to communicate with the customer) are stored on the phone behind the fingerprint / password.

7. Transfer of personal data outside the European Union or the European Economic Area. Voimavarasi Oy does not transfer the data subject’s personal data outside the European Union or the European Economic Area

8. Retention period of personal information

Voimavarasi Oy processes the personal data of registrants as long as the customer uses the services relatively regularly, and has not asked Voimavarasi Oy to delete its contact information. If the customer or contact person has not used Voimavarasi Oy’s service during the last two years, Voimavarasi Oy will delete the customer’s data and contact information in its entirety automatically.

9. Protection of personal data and data security Voimavarasi Oy takes care of the data security of personal data with appropriate administrative and technical security measures. For devices and emails, or an Excel or Mailchimp file that can contain contacts (mailing list, name, and phone), there is at least one password behind the combination. Only Ramanda Andersson, personal usernames and passwords have access to systems containing customer and contact personal information.

10. Customer and Contact Rights. In accordance with applicable data protection laws, the customer and the contact have the right at any time to:

• gain access to their personal data (right of inspection);

• require the correction or supplementation of inaccurate and incorrect personal data;

• request the deletion of your personal information;

• receive the personal data provided to Voimavarasi Oy in electronic form, assuming that Voimavarasi Oy processes personal data electronically;

• request a restriction on the processing of their personal data (for example, while the data subject is awaiting a response to a request for rectification of his or her personal data).

The customer and the contact person must submit a request for the exercise of their rights to the contact person mentioned in point 2. Voimavarasi Oy may ask the customer / contact person to verify their identity or specify their request before executing the request. Voimavarasi Oy may also refuse to execute the registered request on the grounds provided for in the data protection legislation, in which case Voimavarasi Oy notifies the data subject of this reason.

11. Right to appeal to the supervisory authority. The customer and the contact person have the right to make a complaint to the relevant supervisory authority if he or she considers that Voimavarasi Oy has not processed personal data in accordance with the applicable data protection legislation. The customer / contact person may lodge a complaint with the supervisory authority of the Member State in which the complainant has his or her habitual residence or place of employment or where the alleged breach of data protection law has taken place.