LAAJIS' CUSTOMER INFORMATION REGISTER
This is § 10 and 24 of Laajis Oy's Personal Data Act (523/1999) and the EU General Data Protection Regulation
(GDPR) register and Data protection statement
Prepared on 3 October 2014. Latest change on 27 November 2023
REGISTRAR
Laajis Oy (Business ID: 2406529-8) Laajavuorentie 15, 40740 Jyväskylä
CONTACT PERSON IN MATTERS REGARDING THE REGISTER
Lasse Niivuori (+358 400 114 157, info@laajis.fi)
REGISTER NAME
Laajis Oy's customer register
PURPOSE OF USE OF THE REGISTER
Legal basis and purpose of personal data processing in accordance with the EU General Data Protection Regulation
the legal basis for processing personal data is the person's consent to receive marketing messages.
The purpose of personal data processing is marketing - communication with those in the marketing register
to persons. The information is used for automated decision-making or profiling. Laajis ticket office
user register to control the use of tickets, renewal of any lost tickets
for, the company's marketing and business development.
INFORMATION CONTENT OF THE REGISTER
The information to be saved in the register is mainly an e-mail address. In some cases, also the person
name, position, company/organization, contact information (phone number, e-mail address, address), www-
website addresses, IP address of the network connection, credentials/profiles in social media services, information
about ordered services and their changes, invoicing information, other customer relations and ordered ones
information related to services. Information is stored in the marketing register as long as consent is required
from the person is valid.
Collected personal information includes: name, address, e-mail, telephone number, other contact information, gender,
nationality
Customer-related information: – identification information related to using the services (e.g. customer number,
user IDs and passwords) – customership start date – made as an identified customer
purchase information (e.g. purchases in an online store) – use of services (e.g. ordering a newsletter,
products purchased in an online store) – benefits and campaigns targeted at the registered user and their use –
information related to invoicing and collection – points of interest and others provided by the data subject himself
information - contact and communication related to the customer and other relevant matters (eg
complaints and other feedback as well as recordings of customer service calls) – on Laajis Oy's website
information related to the procedures taking place – direct marketing permits and prohibitions
Information related to lift tickets: – photo – KeyCard number – serial number – time of purchase –
validity period
REGULAR INFORMATION SOURCES
The information to be saved in the register is obtained from the customer, e.g. from messages sent via www forms,
by e-mail, telephone, via social media services, contracts, customer meetings and
other situations in which the customer discloses their information. In addition, when buying a ticket, the customer
the information provided and the photograph to be taken of the person at that time.
REGULAR TRANSFER OF DATA AND TRANSFER OF DATA WITHIN THE EU OR EUROPE
OUTSIDE THE ECONOMIC AREA
Information is not regularly disclosed to other parties. Information may be published to the extent that this is the case
agreed with the customer. Data can also be transferred by the controller to the EU or EEA
outside in connection with the services of third parties in connection with data processing. We use
services of third parties to process and store information that may
contains personal data. Third parties, however, act purely as processors of personal data,
who have the right to process such data only to the extent required by the agreed services,
and Laajis Oy remains the sole controller of such data.
REGISTRY PROTECTION PRINCIPLES
Care is taken in the processing of the register and the information processed with the help of information systems
are properly protected. When registry data is stored on Internet servers, their hardware
physical and digital information security is taken care of appropriately. The registrar ensures that
and stored data as well as server access rights and other personal data security
critical information is handled confidentially and only by those employees who
it's part of the job description.
RIGHT OF INSPECTION AND RIGHT TO DEMAND CORRECTION OF DATA
Every person in the register has the right to check their information stored in the register and to demand
correcting possible incorrect information or supplementing incomplete information. If the person wants
to check the information stored about him or to demand correction, the person can check his own information or
remove yourself from the register by requesting a link to monitor your own data or by clicking
links included in marketing messages (email).
RIGHTS RELATED TO THE PROCESSING OF PERSONAL DATA
A person in the register has the right to request the deletion of their personal data
from the register ("right to be forgotten"). The registrants also have other EU general data protection
rights according to the regulation, such as limiting the processing of personal data in certain situations. Pleading
must be sent in writing to the controller. If necessary, the registrar can ask the requester
to prove their identity. The controller responds to the customer in the EU data protection regulation
within the stipulated time (usually within a month).
The Electronic Communications Privacy Act obliges sites that use cookies to inform users about them.
Laajis Oy uses third-party targeting cookies on its website. Such third parties
parties are e.g. facebook.com. Cookies allow us to provide you with targeted notifications
about products of interest to you when you visit other sites. You can disable cookies in your browser
settings.
Laajis online payment traffic takes place via Paytrail. Paytrail collects IP-
address, payment method and payment date.