Privacy Policy
1. Data Controller
R&M Taika ay / Taika Helsinki
Nuottalahdentie 21-23
02230 Espoo
Business ID: 2280482-7
2. Contact person responsible for the register
Riikka Vermas
info@taika-korut.fi
+358-400-499845
3. The name of the register, legal basis, and purpose of personal data processing
3a. Online store customer register
We collect personal data for managing customer relationships. The legal basis for the processing of personal data is the contract between us and the statutory obligations arising from it. Providing personal information is a prerequisite for the formation of a contract. In other words, you cannot order items from our online store if you do not provide your personal information.
Your personal data will be received by:
- our company and its employees
- payment intermediary that receives payment from you
- a transportation company that delivers goods to you
We will keep your personal data
- in our online store (Shopify) for five years
- in our email archive (Klaviyo) for seven years
3b. Customer register for sales events
We collect email addresses from customers who have made purchases at our sales events and wish to be invited to similar events in the future (approximately 1-2 times a year). The legal basis for processing personal data (in this case, the email address) is consent. Information is collected for managing customer relationships.
Your personal information (=email address) will be received by
- our company and its employees
- our service provider Klaviyo
We will retain your personal data (i.e., email address) as long as you respond to our messages. We will automatically remove your email address from the registry if you have not responded to email messages (e.g., opened them) four times.
3c. Marketing register
We use personal data (in this case, email address) for marketing purposes. The legal basis for the processing of personal data is consent. You have actively expressed your desire to receive our newsletter.
Your personal information (=email address) will be received by
- our company and its employees
- our service provider Klaviyo (email program)
We will retain your personal data (your email address) for as long as you respond to our messages. We will automatically remove your email address from the registry if you have not responded to email messages (e.g., opened them) for two years.
4. Cookies - do we use cookies?
We use cookies on our website. Cookies, or "biscuits", are small text files that a website saves to your computer or mobile device when you visit our site. Cookies store information about your device's usage and usage patterns. There are different types of cookies. We use technical cookies for customer identification, maintaining login sessions, and enabling shopping cart functionalities. The use of cookies and acceptance of their use is mandatory for these functions. The cookies set by the server will remain in the browser for one (1) month unless they are removed separately from the browser settings. Visiting the site resets cookies in the browser if allowed.
Cookies are also used to personalize the user experience. If you allow personalization, we can offer more products that interest you and better-targeted advertising. To personalize your experience, a third-party cookie (Google, Facebook) will be set in your browser.
We also utilize other techniques, such as statistical tools (including. Google Analytics) and trackers. These techniques help us better understand our customers' behavior and tell us which pages of our website are interesting to our customers and which information and services are useless to them.
You can choose to have your computer alert you whenever a cookie is sent, or you can disable all cookies. This happens through your browser (such as Safari, Chrome, or Internet Explorer). Each browser is slightly different, so check the browser's Help menu to learn the correct ways to modify cookies. If you disable cookies, you will not be able to use many features that make your visit to the site more efficient. Some of our services do not function properly without cookies.
5. Regular data disclosures
Information will not be disclosed to other parties.
6. Principles of Register Protection
In processing the register, we adhere to diligence, and the data processed through information systems is properly protected. When registration data is stored on internet servers, appropriate measures are taken to ensure the physical and digital security of the hardware. The data controller ensures that the stored information, as well as access rights to the servers and other data critical to the security of personal information, are handled confidentially and only by those employees whose job description includes it.
7. Right to inspect and the right to request correction of information
Every person registered has the following rights:
- The right to access your personal data
- Right to rectify information
- The right to restrict processing (for example, you can prohibit marketing)
- Right to withdraw consent
If a person wishes to check the information stored about them or request corrections to it, the request must be sent in writing to the data controller. The data controller may request the requester to verify their identity if necessary. The data controller responds to the customer within the timeframe set by the EU General Data Protection Regulation (generally within one month).
8. Other rights related to the processing of personal data
A person registered in the system has the right to request the deletion of their personal data from the register ("the right to be forgotten"). Similarly, registered users have other rights under the EU General Data Protection Regulation, such as the restriction of personal data processing in certain situations.
Please note that you have the "right to be forgotten" only if we do not have legal obligations to continue processing your personal data.
Taika Helsinki ensures the privacy of its customers and users of its online services by managing and combining the information described above with special care, so that the privacy of customers or users of online services is not compromised.