Customers and stakeholders
Blastman Robotics Ltd
FI-90530 Oulu, FINLAND
Tel. +358 20 7418 140
2. Contact for register matters
Blastman Robotics Ltd
FI-90530 Oulu, FINLAND
Tel. +358 20 7418 140
3. Name of register
Blastman’s customer, stakeholder and marketing register.
4. The legal grounds and purpose of personal data processing
The grounds for personal data processing are the company’s justified benefit based on a customer relationship or another relevant connection, the execution of an agreement or separate consent for the processing of personal data.
The purpose of personal data processing is:
- the delivery and development of our products and services,
- the fulfilment of our contractual promises and other promises and obligations,
- managing our customer relationships and communication,
- organising events,
- the collection of data on feedback, deviations and satisfaction and another similar measurement of the customer experience,
- the analysis and profiling of the behaviour of the customer or another data subject,
- electronic direct marketing and
- targeting advertising in our own online services and those of other parties.
We use automatic decision-making (including profiling) to identify the personal profiles, online behaviour, age and consumption habits of data subjects, for example. We use such data in the targeting of marketing and the development of services, among other things.
5. Data content of the register
In connection with the customer register, we process the following personal data of customers or other data subjects such as trainees:
- the basic data of the data subject such as name, date of birth, customer number, user ID and/or another identifier, password, title, mother tongue and, if necessary, copy of passport.
- the contact information of the data subject such as e-mail address, telephone number, physical address.
- data concerning a company and its contact persons such as business ID, names and roles of contact persons and contact information.
- data concerning the customer relationship and agreement such as past and present agreements and orders and other business information such as user profiles formed based on the customer relationship, correspondence and other communication entered into with the customer/data subject, cookies and information concerning their use, information on payment services and accounts, and information voluntarily entered into the company’s system by the customer.
- any refusals of and consents to direct marketing.
- information on participants in events and possible information concerning events such as dietary requirements, accessibility needs.
6. Data sources of the register
The main source of personal data is the data subject him/herself or a company or an organisation that he/she represents by telephone, online, in meetings or in another similar fashion.
Personal data can also be collected and updated from the Population Information System, authorities, credit rating companies, providers of contact information services and other similar reliable parties and, for the purposes described in this privacy statement, also based on information received from publicly available sources and authorities or other third parties within the limits of the applicable legislation. Such updating of data is carried out manually or by automatic means.
7. Data disclosure
Data concerning a data subject may be disclosed to Blastman´s subsidiaries or distributors for the above-mentioned purpose. Data may be disclosed to authorities by virtue of peremptory regulation.
In the processing of personal data, we utilise subcontractors working on our behalf such as companies carrying out customer satisfaction surveys. We have outsourced IT management to an external service provider, and we store personal data on a server administered and protected by that provider.
We may transfer personal data outside the EU/EEA area to Blastman’s subsidiaries and distributors if the above-mentioned purpose of the personal data so requires. We take care of the appropriate protective measures concerning the transfer and we use standard contractual clauses approved by the EU.
8. Data protection and storage
Only employees who have the right to process customer data as part of their job are entitled to use the system containing customer data. Each user has his/her own user ID and password to the system. Only our employees who have the right to process customer data as part of their job are entitled to use the system containing personal data.
Data is collected in databases that are protected by firewalls, passwords, and other technical means. The databases and their backup copies are in locked facilities and only certain pre-appointed persons can access the data.
We keep personal data for as long as is necessary for the purpose of the data. We regularly evaluate the need to keep the data considering applicable legislation. In addition to this, we also take reasonable steps to ensure that no personal data about data subjects that is incongruous, obsolete, or incorrect in terms of the purposes of processing it is kept in the register. We rectify or destroy such data immediately.
9. Other rights of a data subject concerning personal data processing.
As a data subject, you have the right to check data about you stored in a person register and to demand the rectification or deletion of incorrect data. You also have the right to cancel your consent or to change it.
As a data subject, you have the right to object to or request the restriction of the processing of your data, and to lodge a complaint to the supervisory authorities about the processing of personal data.
For special personal reasons, you also have the right to object to profiling targeted at you and to other processing measures if the criterion for processing the data is the customer relationship between us. In your demand, you must specify the situation based on which you are objecting to the processing. We may refuse to implement a request concerning objection only on grounds prescribed in law.
As a data subject, you also have the right at any time and without charge to object to processing, including profiling, insofar as it concerns direct marketing.
All communication and requests concerning this statement must be presented in writing or in-person to the contact person named in Section 2.
11. Amendments to the privacy statement
If we amend this statement, we will make the changes visible in the statement and date them. If the changes are significant, we may also announce them in other ways, such as by e-mail or by putting a notice about them on our website. We recommend that you regularly visit our website to check possible changes to the statement.