Oy Duell Bike-Center Ab (2464132-0)
Kauppatie 19
65610 Mustasaari
Sami Ilvonen sami.ilvonen (at) duell.eu
Legitimate interest
The purpose of the register is to ensure the security of the company's website. The information obtained (IP address) is only used in the event of a fault or in the event of a data breach. The basis for processing is legitimate interest and, in the case of cookies and similar tracking technologies, consent.
The controller needs to process personal data in order to carry out its business tasks. The processing of personal data in this context cannot necessarily be justified by a legal obligation or a contract with an individual. In the balancing test, the controller has identified legitimate interest as the most appropriate ground for processing in view of the nature and scope of the processing and the exercise of the rights and freedoms of data subjects. The controller has assessed that the legitimate interest will not cause serious harm to the rights and freedoms of the individuals concerned (data subjects).
IP address, time and pages visited.
Limited, authorised personnel of the website administration server provider.
Consent is given via the banner on the website and revoked via the "cookie settings" section.
Personal data filing system contains the following information: - IP address - time of visit to website - pages visited by the visitor
Data are obtained from the customer when they visit the organisation’s website.
The data are never separately removed from the webserver.
The data contained in the filing system is only available to the company, except when an external service provider is used, in which case the service provider in question is given access to the data. Data are not disclosed outside the company or its partners, except in the case of investigations related to data breaches or other similar events.
The data in the register will be transferred outside the EU or EEA to the UK. It is also possible that service providers outside the EU/EEA are used for processing or that the clouds of service providers are located outside the EU/EEA, in which case SCC standard clauses are used as the basis for data transfer and additional safeguards are implemented for data transfers, such as internal guidelines (on pseudonymisation of personal data and the like) and possibly TIA analysis where appropriate.
Only designated employees of the organisation and companies acting on its behalf are entitled to access the website maintenance server. Each designated user has his/her own personal username and password. Each user has signed a confidentiality agreement. The system is protected by a firewall to prevent access to the system from outside. The data in the register are protected and processed in accordance with the provisions and principles of the Data Protection Act, the regulations of the authorities and good data processing practice.
We use cookies ("cookies") on our website. A cookie is a small text file that is sent to and stored on your computer. Cookies do not harm users' computers or files. The primary purpose of using cookies is to improve and personalise the visitor's experience on the site and to analyse and improve the functionality and content of the site. The information collected through cookies can also be used to target communications and marketing and to optimise marketing activities. Cookies alone do not allow visitors to be identified. However, information obtained through cookies may be linked to information that may be obtained from the user in other contexts, such as when the user fills in a form on our site. Cookies are used to collect the following types of information: - the visitor's IP address - the time of the visit - the pages browsed and the time spent on those pages - Visitor's browser Your rights A user visiting our website has the possibility to block the use of cookies at any time by changing their settings in the cookie banner. Some browser software also allows you to disable the cookie function and delete cookies already stored. Blocking the use of cookies may affect the functionality of the site.
The data subject has the right to check what data has been stored about them in the filing system. Request for access must be made in writing by contacting the company’s customer service or the contact person of the filing system in Finnish or English. The request for data access must be signed. The data subject has the right to prohibit the processing of their data and its disclosure for the purposes of direct marketing, distance marketing or opinion polls by contacting the company’s customer service. The data controller has the right to issue an invoice if costs are incurred by carrying out the request.
Where a legitimate interest is used as a ground for processing, the data subject does not have the right to transfer his or her data from one system to another.
Taking into account the purposes of processing, any data stored in the filing system that is inaccurate, unnecessary, incomplete, or outdated must be erased or rectified. The written and signed request for rectification should be sent to the company’s customer service or the personal data filing system’s administrator. The request should specify what information should be rectified and on what grounds. Rectification shall be carried out without delay. Notification of rectification will be sent to the party who provided the inaccurate data or to whom the data were disclosed. If a request for rectification is denied, the responsible person of the filing system will provide a written document stating the grounds for the denial of the request for rectification. The data subject concerned may then pass the matter along to the Data Protection Ombudsman.
The data subject has the right to request restriction of processing, for example if the personal data in the register are inaccurate. Contact the person responsible for the register.
The data subject has the right to request personal data concerning him or her and the right to request the rectification or erasure of personal data. Such requests may be addressed to the contact person of the register. If you are the contact person of a company or organisation, your data cannot be deleted during this period.
If you consider that an infringement of the General Data Protection Regulation has occurred in the processing of your personal data, you have the right to lodge a complaint with a supervisory authority. The complaint can also be lodged in a member state where you are a permanent resident or where you are employed. Contact information for the Finnish national supervisory authority: Office of the Data Protection Ombudsman PL 800, Lintulahdenkuja 4, 00530 Helsinki tel. +358 29 566 6700 tietosuoja@om.fi www.tietosuoja.fi/en/
Data subjects have the right to object to the disclosure and processing of their data for direct marketing and other marketing purposes, to request that their data be made anonymous where applicable, and to be completely forgotten.