Privacy Policy

Pentik’s stakeholder privacy policy

This is Pentik’s privacy policy applying to the personal data about our stakeholders (corporate customers, potential customers and other stakeholders) and tells you how we collect and process personal data. The policy was updated on 7 March 2019 to bring it into line with the requirements of the EU General Data Protection Regulation (GDPR). Please address any queries about data protection to tietosuoja@pentik.com.

Terms used in this privacy policy

By “customer” we mean the contact persons of registered companies or other organisations (hereinafter “company”) with whom Pentik has a customer relationship. You can find the privacy policy for consumer customers here.
By “potential customer” we mean the contact persons of registered companies with whom Pentik is seeking to establish a customer relationship. 
By “stakeholders” we mean the contact persons (of companies) with whom Pentik has a relationship of cooperation (i.e. representatives of companies providing services to Pentik) or some other connection (i.e. media representatives and individuals acting as parties to communication activities providing influencer marketing) as well as societal decision-makers relating to social public relations.

Data controller 

Pentik Oy (Business ID: 0210532-4)
Maaninkavaarantie 4 A
97900 POSIO
Tel. 016 3722 272
Fax. 0207 220 201

Name of data register

Pentik Oy’s corporate customer and stakeholder register.

Purpose and use of register

The personal data contained in the register is mainly based on the customer or stakeholder relationship between Pentik Oy and Pentik Oy’s customer. Personal data are processed for the purpose of managing, advertising and marketing based on customer and stakeholder relationships and relationships based on some other relevant connection.

The personal data contained in the register may be used in the manner permitted by the applicable legislation for the purposes of direct advertising, distance selling or other direct marketing, opinion polls, market research or other comparable personalised mailing of Pentik Oy, companies belonging to the same group at any given time, companies in the Pentik franchising chain and selected partners of Pentik Oy. Data can be shared with third parties to carry out services (i.e. the arrangement of home delivery or sewing service through a partner or joint venture) required by the customer.

Personal data are used for the following purposes:

  • to develop, provide and monitor Pentik Oy’s services as well as to implement customer service
  • to develop and manage customer and stakeholder relationships
  • to implement communications and marketing
  • to analyse and classify the customer base and buying data
  • to implement security and responsibility in the customer’s stakeholder’s and Pentik Oy’s relationships.

 

Data content of register

Basic customer data, including name, date of birth, gender, language.
Title and/or description of role in current and earlier duties related to Pentik’s activities.
Contact information, including telephone number, email and postal addresses
Payment data, including billing information
Direct marketing consents and bans
Customer service messages
Identification data related to use of services
Date of commencement of customer relationship
Use of services (i.e. newsletter subscription) and information concerning the use of digital services
Information about cookies and similar functions sent to terminals (including computers or mobile devices) and about the data collected through the use of these, where the individual is identifiable on the basis of this information
Contacts and other communication related to the customer relationship and any other relevant connection
Notes from customer calls as well as email and online discussions such as in social media channels
Information and actions related to offers and purchases
Returns and complaints, correspondence and action associated with these

Regular data sources (own activities, the data subject, transfers from partners)

Personal data is collected from data subjects themselves and from information received from the systems arising in conjunction with the use of and registration for services.

Personal data may also be collected from and updated on the basis of registers of Pentik Oy and companies belonging to the same group, the Population Information System, credit information registers, registers maintained by the Data & Marketing Association of Finland (DMA Finland/ASML) and other similar public or private registers and information sources providing information services.

Recipients

Pentik Oy may disclose information within the limits permitted and required by valid legislation. Data from the register may also be disclosed to Pentik Oy’s selected partners for marketing purposes where the data subject has not prohibited the disclosure of such data. Data recipients may not disclose information to third parties.

Data transfers within or to outside of the EU or EEA

In addition, we may use companies outside of the EEA that are important with regard to our activities and serving our customers. These companies can also see your customer data where this is necessary to provide a service. We ensure that any data shared with these companies is in compliance with the requirements of personal data legislation. The European Union Standard Contract II is in use for this purpose. This standard contract includes sample contractual clauses created by the European commission to ensure adequate data protection when passing on personal data information to third countries.

Register protection principles

The databases in which data in the register is stored are protected by fire walls, passwords and other technical means. The databases and their backups are located in locked premises. Manually processed documents containing information on the data subjects are also stored in locked premises to which unauthorised access is prevented.

Pentik Oy ensures that access to the data is given only to the company’s employees or to the employees of companies working on behalf of Pentik Oy who need access in order to carry out their duties.

Data storage time

We store personal data only for as long as is necessary for the use of personal data processing as described above. We store data related to customer relationships in accordance with the applicable legislation such as the Accounting Act. We regularly evaluate the need to store data. When the data are no longer required as defined above, they are deleted within reasonable time.
What is the process with regard to potential customers? Is this mandatory? We consider that this is included in the text above.
Stakeholder data is processed for as long as you represent Pentik’s partner or the media and until the end of the calendar year in which the relationship ends.

General rights of the data subject

You have the right to see what personal data Pentik Oy has stored about you. If you have any queries about data protection or security, please contact us using the contact form behind this link (B2B-yhteydenottolomakke)

Company’s data protection

Pentik Oy undertakes to comply with the Data Protection Act (1050/2018) and employs a data protection officer.

Updated 21 March 2019

Please wait...

We use cookies to give you the best experience on our website. If you continue to use our website, you accept the use of cookies. Read more from here