PRIVACY POLICY
Jazmine (unregistered trade name, business ID: 1943569-6) is committed to protecting the privacy of its customers in accordance with this privacy policy.
DATA CONTROLLER AND CONTACT INFORMATION
Private Entrepreneur (Business ID: 1943569-6)
Retkeilijänkatu 4 D 95, 00980 Helsinki
Phone number: +358-(0)415023651
Email address: studio@jazmine.fi
REGISTER
Customer register of the private entrepreneur
PURPOSE OF DATA PROCESSING
We process personal data to provide our services, manage customer relationships, and communicate with our customers. Contact information may also be used for marketing purposes, if the customer has given their consent.
LEGAL BASIS FOR DATA PROCESSING
The processing of personal data is based on the performance of a contract, legitimate interest, or the customer's consent.
TYPES OF DATA COLLECTED
We collect the following customer information, such as Name, Phone number, Email address, Address, and additional details to enhance the customer's experience during the service relationship.
The company collects information about customer bookings and the services they have used.
Customer consent for email and text message marketing.
The company may also collect information provided by the customer regarding their health. The company acknowledges the special protection needed for health information, so this data is always stored in a separate register. The data is pseudonymized to prevent it from being linked to personal data.
SOURCES OF INFORMATION
Personal data is obtained from the customer themselves during the use of the service, when making an appointment, from our website, or through other means with the customer's consent.
STORAGE AND DISCLOSURE OF DATA
The company uses Apple's iCloud service for data storage. Apple is committed to maintaining strong privacy practices: "Apple is committed to ensuring the security of our hardware, software, and services by regularly collaborating with third-party organizations to verify and validate the security of Apple's hardware, software, and services." – https://support.apple.com/en-us/guide/certifications/apc3cea61877b/1/web/1.0
Personal data is also processed and stored in the Timma service provided by our cooperation partner. Data stored in the Timma service does not include customer health-related information. Employees of Timma Oy and other data processors of the Timma service may have a legitimate basis to manually process the personal data in the register to provide the Timma service to the Studio Valo and its customers appropriately. Employees of Timma Oy and other data processors of the Timma service are committed to confidentiality obligations to protect customer personal data in accordance with the law.
Personal data may be transferred to a third country outside the European Union and the European Economic Area, provided that all aspects of data transfer comply with EU data protection requirements.
Customer information may be disclosed to a third party if the business operator becomes subject to another business. In the event of a possible transfer, the customer will be informed in advance, and the customer has the right to request the removal of their information.
DATA PROTECTION
The company uses technical and organizational measures to protect personal data against unauthorized access, disclosure, deletion, or other processing. Passwords used in encryption are changed multiple times a year, and two-factor authentication is used whenever possible.
DATA RETENTION PERIOD
We retain data for as long as necessary to provide our company's services or comply with legal, tax, or accounting requirements. Customers can request access to their stored data, request corrections or deletions of their data, and limit or oppose the processing of their data.
CHANGES TO THE PRIVACY POLICY
The company reserves the right to update this privacy policy from time to time, for example, due to changes in legislation. Changes come into effect when we have published the updated privacy policy. If the changes are significant, we may inform the customer personally.
DATA PROTECTION SUPERVISION
Customers have the right to make a complaint to the supervisory authority regarding the processing of personal data.
The company is committed to rectifying, erasing, or completing data in the register on its own initiative or at the customer's request if the data is incorrect, unnecessary, incomplete, or outdated for the purposes of processing. Customers also have the right to restrict the processing of their personal data in certain situations, such as when they are awaiting a response from the company regarding a request for correction or deletion of their data.
The company may charge a reasonable fee for actions taken to exercise the customer's above-mentioned rights if the requests are clearly unfounded or excessive, particularly due to their repetitive nature.
This privacy policy was prepared by entrepreneur Susa Tyrniluoto on July 17, 2023.