TitleTitle
 
 

Evästeet/Privacy Policy


Updated on 4/05/2024
1 Registrar
PopUppari Oy
Museotie 9
29600 Normarkku
Finland
Company ID: Y-Tunnus- 3115813-4
Contact person
Minna Sorell
minna@popuppari.fi
2 Why we collect data
Customer re­la­tions­hip ma­na­ge­ment and main­te­nance
News­let­ters and press releases
Marketing
Analysis and sta­tis­tics of site usage
3 What data we collect
Basic data
Name
Email
Regular sources of data
In­for­ma­tion provided by the customer him/herself via forms and/or cookies on this site
4 About cookies
What are cookies?
This website uses cookies, like most of the websites nowadays. Cookies are small files that your browser stores on to your device to improve the browsing ex­pe­rience.  You can find more in­for­ma­tion about cookies for example on Wikipedia.
Usage
Cookies on this site are used in the ways described below. Un­for­tu­na­te­ly, in most cases it is not possible to disable the use of cookies comple­te­ly without also blocking the func­tio­na­li­ties they enable. The use of cookies is therefore recom­men­ded if you are not comple­te­ly sure whether you need them.
Cookies on this site:
Necessary cookies These cookies are used to take care of the operation of the basic functions of the website, such as na­vi­ga­tion.
Form-Related Cookies When you send a message from a contact or comment form, cookies can be set to remember your in­for­ma­tion so you don't have to re-enter it each time.
Third-party cookies List here the third-party cookies used on the site (eg visitor tracking like Google Analytics) that you may have added from your settings and describe their purpose.
Disable cookies
You can disable the use of cookies entirely from your browser settings (for more in­for­ma­tion, see your browser's help menu). Please note that blocking cookies from your browser settings will affect the func­tio­na­li­ties of this and other websites you visit.
5 Data proces­sing and proces­sors
The data will not be regularly disclosed to parties other than the registrar and employees of registrar.
The data will not be disclosed outside the EU or the EEA.
Data is processed with care and it is properly protected. The registrar ensures that the in­for­ma­tion is processed con­fi­den­tial­ly and only by the employees whose job desc­rip­tion it belongs to.
6 Retention of data
Personal data is kept for as long as is necessary for, among other things, customer re­la­tions­hip main­te­nance and accoun­ting. The data will be deleted when it is no longer necessary to keep it, within 5 years.
7 Camera Registry
1. Repre­sent­rar of the Camera cont­rol­ler
PopUppari Oy
Company ID: Y-Tunnus- 3115813-4
Contact person-  Minna Sorell
Email: minna@popuppari.fi
Phone: +358 (0)45 266 4445
3. The name of the registry
Camera sur­veil­lance register
4. Basis of treatment
Le­gi­ti­ma­te interest of the cont­rol­ler
5. What are the purpose and legal basis for the proces­sing of personal data?
The use of a video sur­veil­lance system is necessary for the ma­na­ge­ment and operation of Popuppari.
Ensuring the personal safety of workers and / or others on the employer's premises
pro­tec­tion of property
harm pre­ven­tion
mo­ni­to­ring the proper func­tio­ning of sales process
as well as the pre­ven­tion or in­ves­ti­ga­tion of si­tua­tions en­dan­ge­ring the above.
6. Desc­rip­tion of the group of re­gi­strants
Persons who have moved within the premises of store or in the immediate vicinity of the premises.
7. Desc­rip­tion of personal data groups
Data group
Video recording
Shelf life
ap­proxi­ma­te­ly 1 month
the retention period of material trans­mit­ted to public aut­ho­ri­ties is de­ter­mi­ned by the authority's data pro­tec­tion policy
8. Regular sources of in­for­ma­tion
Camera sur­veil­lance equipment (includes relevant software).
9. Access to and disclo­su­re of in­for­ma­tion
Owners and other de­sig­na­ted people from the or­ga­ni­sa­tion.
10. Groups of reci­pients of personal data
Police aut­ho­ri­ties, for pre - trial in­ves­ti­ga­tion.
11. Data transfer outside the EU or the EEA
Data will not be trans­fer­red outside the EU or the EEA.
12. Registry Security Principles
Several technical and or­ga­niza­tio­nal measures have been taken to protect the video sur­veil­lance system and personal data.
Among other things, the following measures have been taken:
Servers for storing stored images are located in secure faci­li­ties equipped with physical security measures; network firewalls protect the logical domain; the main in­for­ma­tion systems con­tai­ning the data are burglar-proof.
The recording devices are located in the premises of the property, which are not acces­sible to personnel other than the repre­sen­ta­ti­ves of PopUppari.
Camera sur­veil­lance is performed only by aut­ho­rized persons
Users will only be granted access to the in­for­ma­tion they need to perform their tasks.
The cont­rol­ler shall designate the persons to whom access to the camera sur­veil­lance recor­dings shall be granted.
Only the system ad­mi­ni­stra­tor speci­fical­ly de­sig­na­ted for this purpose by the cont­rol­ler may grant, modify or revoke access rights.
13. Releases
Press releases at the entrances of PopUppari.
Labels tell the public about video sur­veil­lance. There are stickers at the entrances of PopUppari.
The privacy notice of the Camera Sur­veil­lance is published on the PopUppari website.
14. Rights of the data subject
7 Camera Registry Pro­tec­tion Rights
1. LEGAL BASIS AND PURPOSE OF THE PROCES­SING OF PERSONAL DATA
Personal data is processed on the basis of a cont­rac­tual customer re­la­tions­hip, the customer's consent and agreement, other material con­nec­tion or the data subject's consent.
The data subject's personal data is processed for the ma­na­ge­ment, main­te­nance, de­ve­lop­ment, analysis and sta­tis­tics PopUppari Oy's customer re­la­tions­hips, as well as for the pro­duc­tion, provision and de­ve­lop­ment of the company's services.
Personal data is also processed in order to fulfill the storage, reporting and inquiry obli­ga­tions required by law and in accor­dance with the re­gu­la­tions and in­struc­tions of the aut­ho­ri­ties.
The data is not used for automated decision making or profiling.
PopUppari has the capacity for recording security video 24 hours a day.
2. IN­FOR­MA­TION CONTENT OF THE REGISTER
The in­for­ma­tion to be stored in the register is:
person's name, position, company / or­ga­niza­tion, contact in­for­ma­tion (phone number, email address, address), website addresses, IP address of the network con­nec­tion, IDs / profiles on social media services, in­for­ma­tion about subsc­ri­bed services and their changes, billing in­for­ma­tion, other related to customer re­la­tions­hip and subsc­ri­bed services in­for­ma­tion.
3. REGULAR SOURCES OF IN­FOR­MA­TION
The in­for­ma­tion stored in the register is obtained from the customer e.g. Messages sent via web forms, e-mail, telephone, via social media services, contracts, customer meetings and other si­tua­tions in which the customer discloses their in­for­ma­tion. Personal in­for­ma­tion may also be collected for marketing purposes from public sources.
4. REGULAR TRANSFERS AND TRANSFERS OF DATA WITHIN THE EU
The in­for­ma­tion is NOT disclosed from the register to third parties acting on behalf PopUppari Oy or par­tici­pa­ting in the provision of services. Such third parties include, for example, the accoun­ting firm, the subcont­rac­tors of our team involved in the provision of the service, the service providers, the content providers and the system used to send the news­let­ter. The in­for­ma­tion may be published to the extent agreed with the customer.
Data will not be trans­fer­red outside the EU or the EEA We have ensured that all our service providers comply with data pro­tec­tion le­gis­la­tion.
5. REGISTRY SECURITY PRINCIPLES
The register shall be handled with due care and the data processed by the in­for­ma­tion systems shall be adequa­te­ly protected. When registry data is stored on Internet servers, the physical and digital security of their hardware is adequa­te­ly addressed. The cont­rol­ler shall ensure that the data stored, as well as the access rights to the servers and other in­for­ma­tion critical to the security of personal data, are treated con­fi­den­tial­ly and only by the employees whose job desc­rip­tion it belongs to.
Physical records are kept in locked rooms. The cont­rol­ler shall ensure that the data stored, as well as the access rights to the servers and other in­for­ma­tion critical to the security of personal data, are treated con­fi­den­tial­ly and only by the employees whose job desc­rip­tion it belongs to.
6. RIGHT OF INS­PEC­TION AND RIGHT TO REQUEST REC­TI­FICA­TION OF IN­FOR­MA­TION
Every person in the register has the right to check the in­for­ma­tion stored in the register and to request the cor­rec­tion of any incorrect in­for­ma­tion or the comple­tion of incomple­te in­for­ma­tion. If a person wishes to check or request the rec­ti­fica­tion of data stored about him or her, the request must be sent in writing to the data cont­rol­ler. If necessary, the cont­rol­ler may ask the applicant to prove his or her identity. The cont­rol­ler will respond to the customer within the time limit set by the EU Data Pro­tec­tion Re­gu­la­tion (generally within one month).
The data subject has the following rights, requests for the use of which must be made to
minna@popuppari.fi
7.Right of removal
The data subject has the right to request the deletion of the data if the proces­sing of the data is not necessary. We will process the deletion request, after which we will either delete the data or provide a valid reason why the data cannot be deleted.
It should be noted that the cont­rol­ler may have a statutory or other right not to delete the requested in­for­ma­tion. The registrar is obliged to keep the accoun­ting material in accor­dance with the period (10 years) specified in the Accoun­ting Act (Chapter 2, Section 10). Therefore, the accoun­ting material cannot be deleted before the deadline.
8..With­drawal of consent
If the proces­sing of personal data concer­ning the data subject is based only on consent and not on the basis of, for example, customer relations or mem­bers­hip, the data subject may withdraw consent.
The data subject may appeal against the decision to the Data Pro­tec­tion Officer
The data subject has the right to demand that we therefore limit the proces­sing of the disputed data until the matter is resolved.
9.Right of appeal
The data subject has the right to lodge a complaint with the Data Pro­tec­tion Officer if he or she feels that we are in breach of the applicable data pro­tec­tion le­gis­la­tion when proces­sing personal data.
Contact in­for­ma­tion of the Data Pro­tec­tion Su­per­vi­sor: www.tie­to­suo­ja.fi/fi/index/yh­teo­duc­tion.html
10. OTHER RIGHTS RELATED TO THE PROCES­SING OF PERSONAL DATA
A person in the register has the right to request the removal of his or her personal data from the register (“right to be forgotten”). Data subjects also have other rights under the EU's general data pro­tec­tion re­gu­la­tion, such as re­stric­tions on the proces­sing of personal data in certain si­tua­tions. Requests must be sent in writing to the cont­rol­ler. If necessary, the cont­rol­ler may ask the applicant to prove his or her identity. The cont­rol­ler will respond to the customer within the time limit set by the EU Data Pro­tec­tion Re­gu­la­tion (generally within one month).
11. MO­DI­FICA­TION OF THE PRIVACY STATEMENT
Due to the de­ve­lop­ment of the services and changes in le­gis­la­tion, we reserve the right to change the privacy statement. Sig­ni­ficant changes to the privacy statement will be notified to re­gis­te­red customers when the terms are updated.