The Personal Data Act (523/1999), combined with Section 10 and Section 24, is combined with Privacy Policy and Information Document.

Our customer service is responsible for questions and feedback on the register within a week.

1. Registrar

Soprano Plc (Oyj) (hereinafter referred to as “Soprano” or “Soprano’s”)
Business ID 0548170-4
Tammasaarenkatu 5, 4th floor, 00180 Helsinki

2. Contact person in matters relating to registers

Contact
Esa Lahtela, Chief Information Officer

3. The name search for the registry

The Customer Register of Soprano and its Finnish and Swedish Group companies

4. Purpose of the register

The primary reason for handling personal data is the customer relationship between the customer and the Soprano customer, the customer’s consent, the customer’s assignment or any other relevant connection.

Personal data can be processed for the following purposes:

Management, implementation, development and follow-up of customer relationship, customer service and related communications and marketing.
Analysis, grouping and reporting of client relationships, implementation of a client program, and other purposes related to overall customer and business development of Soprano.
Collection and processing of customer feedback and customer satisfaction data.
Implementation of market surveys and opinion surveys.
Recording calls from the Customer Service Center to verify service events, ensure legal security and security, and train customer service personnel and improve customer service quality.
The profiling purposes described in section 10 of this Privacy Policy.

Processing tasks can be outsourced to Soprano’s Group companies and / or third party service providers in accordance with and within the limits set by the data protection laws.

5. Information content of the register

The following may be stored, for example:

Name, nickname, customer number, gender, language, address, telephone number, email address and other necessary contact information.
Service usage and purchasing information, the level and validity period of the current loyalty program in force, as well as marketing and communication implementation information in different transaction channels, such as online services and automated services, including storing customer service calls.
Content provided by a registered user, such as customer feedback and self-giving information such as customer relationship hopes, satisfaction, interest, or other similar information.
Services that are registered and used by the customer with payment information.
About the persons who have served to register. Other wishes or notes about professionals, services, business units, and other things.
Bans, restrictions, consents and other choices.
Other customer-related information, such as customer-related information about the use of web pages, such as user IP address, time of visit, visited pages, used browser type (eg Internet Explorer, Firefox), web address from which the user has accessed the web page, , from which the user has accessed the web page.
The necessary information regarding the use of identification and certification tools and services.
Data processing information, such as a record date and a data source.

6. Retention of personal data

The company retains personal data in the customer register until the customer relationship between the registered and Soprano can be considered terminated. The termination time is determined by the last registered contact or contact information of the data subject, plus 8 years.

Some of the information may, for reasons of law, be kept longer. The information can be deleted from the customer’s request or after the end of the customer relationship.

7. Regular sources of information

The customer’s basic information is regularly recorded on the customer’s training registration, telephone call or other correspondence during a customer relationship with the registrar. Updates for name, address, and death information are based on the activity of customers and their communities. The direct marketing ban and the ban on the purchase are stored in separate notifications made by the customer to the controller.
Personal data may also be collected and updated from publicly available sources such as corporate websites and service providers (eg Suomen Asiakastieto Oy), public and private registers.

8. Ordinary transfers of data and transfer of data outside the EU or the European Economic Area

Soprano may disclose customer information within the limits and within the legal limits permitted by law. Soprano can use subcontractors to process data. Data shall not be transferred outside the European Union or the European Economic Area unless it is necessary for the implementation of the service. At this time, Soprano will also provide a sufficient level of data protection, as required by law, for example. making use of EU template clauses for the transfer of data to third countries. Soprano may disclose the contact information of the clients according to the valid legislation for research purposes (eg, graduate studies).

9. Protection of the registry

Soprano adheres to strictly regulated confidentiality. Information about a single customer is only reported due to a statutory duty to notify, for example, a customer’s own or a law-based request.

Manual material is kept in a locked state where only people with privileged access can access it.

Access to digital material is limited to the personal username and password of a legitimate employee or partner. There are different levels of user privileges, and each user is given sufficient, but limited access to the task. The system is protected by a firewall and other technical means to protect the system from outside the SOP.

10. Profiling

As part of the processing of personal data stored in the customer register, Soprano can also use data for profiling purposes. The profiling is carried out by creating a registered customer identifier, which can be used to combine various information about sign-up generated when a service is used. A profile created as described above can then be compared, for example, with other registered profiles.

The purpose of the profiling is to find out the demand for services and customer behavior.

11. The right of the data subject to oppose processing of personal data and direct marketing (right of denial)

The Register is entitled, in connection with his / her particular personal situation, to object to the profiling and other processing operations that Soprano exerts on the personal data of the data subject in so far as the processing is based on the relationship between Soprano and the data subject.

The Registrar may submit his or her claim for objection to the processing of his or her data in accordance with section 13 of this Privacy Statement. A registrant must specify, in connection with the claim, the specific situation on which he or she objected to the processing. Soprano may refuse to file a request for objection under the law.

The Registrar may provide Soprano with direct marketing consent or bans on a channel basis, including direct marketing profiling.

12. Other rights of access to the processing of personal data

12.1

Registered Right to Access Information (Right of Inspection)
The Register has the right to check what information about him has been deposited in the Soprano Customer Register. The request for verification must be made in accordance with section 13 of this Privacy Statement. The right of inspection may be refused in accordance with the law. Access to the right of access is, in principle, free of charge.

12.2

The right of the data subject to request rectification, deletion or restriction of information
Insofar as the data subject or the user can act on his own, he shall without undue delay, after having been informed of the error or, by mistake himself or herself, to rectify, delete or supplement the incorrect, unnecessary, incomplete or obsolete information in the register.

The registrant may require correction, removal or limitation of incorrect, unnecessary, incomplete or outdated information. A correction request must be made in accordance with section 13 of this Privacy Statement.

The registrar also has the right to require the controller to limit the processing of his / her personal data, for example, when a subscriber waits for Soprano’s response to a request for correction or deletion of his / her data.

12.3

Registered right to transfer data from one system to another
Insofar as a data subject has himself provided information in the customer register that is processed by the data subject’s consent or assignment, the data subject has the right to obtain such information for himself as a rule in a form that can be used in a machine-readable manner and the right to transfer this information to another registrar.

12.4

The right of the data subject to appeal to the supervisory authority
The data subject has the right to file a complaint with the competent supervisory authority if the controller fails to comply with applicable data protection rules.

12.5 Other Rights

If personal data are processed based on the consent of the data subject, the data subject has the right to withdraw his consent by informing Soprano in accordance with section 13 of this Privacy Statement.

13. Contact

In all matters relating to the processing of personal data and in situations involving the exercise of your rights, the data subject must contact Sopraano.

By email: security@soprano.fi
By mail to: Soprano Oyj / Asiakastietokanta / Tammasaarenkatu 5, 4th floor, 00180 Helsinki
By entering the company’s office at Tammasaarenkatu 5, 4th floor, 00180 Helsinki

Soprano may, if necessary, ask the registrar to specify its request in writing and the identity of the registered person may, if necessary, be verified before any other measure.

——–

Soprano’s temporary marketing record

Registry name
Temporary Marketing Register of Soprano and its Finnish Group companies.

Use of personal data
Personal information is used for communications by the Soprano and its group companies and for B2B B2B direct marketing – based on the recipient’s responsibility in the company.

Registry data fields
The name of the person
The person’s email address
Person’s title / responsibility
The person’s phone number
Name of the company
Contact details of a business
The business sector
Company turnover
The company’s staff category
Registry information sources
Suomen Asiakastieto Oy

Workshop 10 A
PL 16, 00581 Helsinki

p. 010 270 7200 (companies)
p. 010 270 7300 (consumers)

customer service@asiakastieto.fi (companies)
omatieto@asiakastieto.fi (consumers)

 

Disclosure

Information will not normally be disclosed to a third party unless the disclosure is in accordance with legal requirements or regulatory requirements.

Registry protection and data retention time

The register has been stored in a password-protected Suomen Asiakastieto Oy system, accessible only to authorized persons within Soprano. Access to the registry requires a user ID issued by the database administrator. The administrator also determines the user access level. To start the application requires a personal password. The use and logging of the register is monitored. Data is stored in common databases that are protected by firewalls, passwords or other technical means. Personal data will be kept as long as it is necessary for the purpose for which the personal data is used.

The right of denial and the right to demand correction

The Recipient has the right at any time to prohibit the processing of its data for direct marketing and other marketing purposes. In every direct mail sent by Soprano and its group companies, there is a legally required link from which the recipient can block direct mail in the future. The recipient may also impose a direct marketing prohibition by contacting Soprano at the address below:

Soprano Plc (Oyj)
Interim Marketing Register
Esa Lahtela
Tammasaarenkatu 5, 4th floor
00180 Helsinki
info@mif.fi

Information on errors and corrected information must be communicated to Soprano (info@mif.fi), which informs Suomen Asiakastieto Oy for the registry administrator.

Updated: April 4th, 2018