1. Data Controller and Contact Person
Data Controller: Veka-Line Oy
Address: Kuninkaanmäentie 85 B, 01260 Vantaa
Phone: +358 40 5000504
Email:
Contact Person and Data Protection Officer: Juha Nyberg

2. Name of the Register and Registered Individuals
Customer register. The register contains the company’s customer information.

3. Purpose of Processing Personal Data
The purpose of the register is the up-to-date management and maintenance of customer companies.
The register is used for the company’s invoicing and sending important customer communications.
Information is not disclosed to third parties.

4. Contents of the Register
The register contains contact information of the company’s customers and other necessary information related to membership. These include:

Name and business ID of the registered company

Address and domicile of the registered company

First and last name of the registered contact person

Billing address of the registered company

Email address of the registered company and/or contact person

Phone number of the registered company and contact person

5. Regular Sources of Data
Contact details are collected from the registered individual themselves.

6. Protection and Security of Personal Data
Customer contact details are stored in Veka-Line Oy’s invoicing software customer register. The register is stored only in the invoicing section of the Osuuspankki online banking system. Access to personal data is restricted, and information is not shared with other parties. Personal data is retained in the register as long as the individual is a customer of the company. After the customer relationship ends, data is usually kept for 12 months. All manual material is stored in a locked location. The information in the register is not classified as confidential by law.

The register data is protected against unauthorized access and use of customer data is monitored. The company’s computer and workstation are secured.

The company’s email program stores email addresses of incoming and outgoing messages. Data sent through the website’s contact forms is transmitted to the company’s email via an HTTPS-secured connection. The security of the email server is maintained by a reliable domestic service provider.

7. Regular Disclosure and Transfer of Personal Data
Personal data is stored only in the company’s internal system, which is not accessible via the internet. Personal data is not disclosed to other parties.

8. Transfers of Personal Data Outside the EU or EEA
The company does not use services located outside the European Union or European Economic Area for processing or transferring contact information, nor is access granted beyond what is necessary to provide the services.

9. Retention Period of Personal Data
Personal data is stored in the register as long as the individual is a customer of the company. After the end of the customer relationship, personal data is usually kept for 12 months.

10. Rights of the Registered Individual
The registered individual generally has the right to access their personal data in the register at any time:

To receive information about the processing of their personal data;

To inspect the personal data concerning themselves held by the company;

To request correction of inaccurate or incomplete personal data;

To request deletion of their personal data;

To withdraw consent and object to the processing of their personal data to the extent the processing is based on consent;

To object to processing based on legitimate interests related to their particular situation;

To receive their personal data in electronic format and transfer it to another controller, provided they supplied the data themselves and processing is based on their consent and is automated;

To request restriction of processing of their personal data.

Requests to exercise these rights must be submitted according to the contact details in Section 1. The company may ask the requester to clarify their request in writing and verify their identity before processing the request. The company may refuse to comply with the request on grounds permitted by applicable law.

11. Right to Complain to a Supervisory Authority
Every registered individual has the right to lodge a complaint with the relevant supervisory authority in their country of residence or workplace if they believe their personal data has not been processed in compliance with applicable data protection laws.

12. Contact Information
Requests to exercise rights, questions about this privacy policy, and other communications should be sent to:
Email:

You can also contact us by mail or in person at:
Veka-Line Oy
Juha Nyberg
Kuninkaanmäentie 85 B
01260 Vantaa

13. Changes to this Privacy Policy
This privacy policy may be updated as needed.