PERSONAL AND CUSTOMER DATA REGISTER EXTRACT

1. CONTROLLER

Prog-It Oy (Business ID 0968844-6) (“PG”)
Nuijamiestentie 3A
00400 Helsinki, Finland
email: support@prog-it.net

2. PERSON IN CHARGE

Privacy Register Officer
Jani Lillberg
Managing Director
c/o Prog-It Oy
Nuijamiestentie 3A, 00400 Helsinki, Finland
email: jani.lillberg@prog-it.net

3. NAME OF REGISTER

PG WEBSHOP CUSTOMER DATA REGISTER

4. PURPOSES FOR PROCESSING PERSONAL DATA

  1. To provide the customers of PG with the service the customers have decided to order from PG.
  2. Enabling the execution of obligations and rights pursuant to the agreements between PG and the customer (“Agreement/-s”).
  3. Enabling the performance by PG and PG’s corporate partners (as defined in the agreements between PG and such corporate partners (“Partners”)) of obligations imposed by applicable law or regulations.
  4. Enabling the processing of PG’s customer databases for marketing and direct marketing of PG products and services.
  5. [Enabling the processing of Partners’ customer databases for marketing and direct marketing of their products and services].
  6. Enabling the Partners to process the Personal Data for the purposes explained in the Agreement other than subsections (c) and (e) above.
  7. Enabling the development and troubleshooting of PG products and services.
  8. Enabling customers to communicate regarding the PG services with each other.
  9. Enabling exchange of information between PG, the Partners and the customer as specified in the Agreement.
  10. Enabling PG and the Partners to communicate with each other under the Agreement.

PG will only process the personal data for as long as there is an agreement in force between PG and the customer concerning PG providing services to the customer. PG has no obligation, unless mandated by obligatory Finnish laws, to store or archive any personal data.

5. CONTENT OF REGISTER

As agreed in the Agreement, some of the data is subject to customer consent and may be processed only if the customer chooses to disclose such information.

PG may process the following data:

5.1. Personal data

  • customer’s representative’s first name and last name(s)
  • customer’s representative’s password and user name
  • customer’s street address information
  • customer’s IP address information
  • customer’s email address
  • [customer’s social media addresses, such as IM address or Facebook UID]
  • customer’s representative’s mobile phone number
  • customer’s representative’s age and gender
  • [information on customer’s geographical location]
  • customer’s representative’s mobile phone make and model as well as the IMEI or other similar code
  • purpose of use of PG products and services
  • customer’s representative’s primary geographical area of use of the PG products and services
  • customer’s representative’s preferred Partners for use of the PG products and services
  • customer’s representative’s history information and activity logs for use of the PG products and services
  • information on approval of various agreements with PG such as the Agreement
  • subscription information on PG different mailing lists, subscriptions and feeds

 5.2. Customer data derived solely from the customer’s representative using the PG service

  • information on frequency of use , use period and time of use
  • information on media, third party services, and display devices used to access PG service
  • information on item and brand preferences, popularity and purchase frequency
  • information on preferred Partners
  • correction, revisions, notifications and feedback regarding 3rd party content

5.3. Location data

The customer’s representative may choose to disclose his or her location.

6. REGULAR SOURCES OF PERSONAL DATA

  1. Direct enquiry from the customer’s representative himself or herself.
  2. The information provided or generated by the customer through the use of PG products or services.
  3. Registers of the Partners concerning the following topics: technical, marketing and sales

7. REGULAR TRANSFEREES OF DATA

  1. Personal data may be transferred to PG, to a PG Group company or to the Partners as listed in here www.prog-it.net for the purposes as defined in chapter 4 above.
  2. Personal data may also be transferred to other customers of PG service whom the customer’s representative has accepted to share personal data with.
  3. Types of personal data to be transferred are those as defined in chapter 5 above.
  4. Personal data may be transferred by the virtue of the provision of applicable law.

8. TRASFER OF DATA TO COUNTRIES OUTSIDE EEA

Personal data may be transferred to countries outside the EEA for the purposes described above only if the customer is using the PG service in a country outside the EEA.

9. THE PRINCIPLES HOW REGISTER IS SECURED

The following methods are used to safeguard the personal data.

  1. Only named, restricted amount of persons within PG can access the register.
  2. Mechanical and electrical locks and other anti-break-in devices and systems at PG’ premises.
  3. Electrical security systems at PG and service providers’ premises and hardware.
  4. The firewall, anti-malware and spam filtering systems on PG’s communication networks and other software and hardware that protect the security of communication networks.
  5. The professional knowledge and methods of PG personnel to carry on business in a manner guaranteeing information security.
  6. The occasional third party security audits within PG.
  7. The data transferred within the PG service is in an encrypted form.

10.  RIGHTS OF DATA SUBJECT

In order to use the following rights the customers representatives are kindly asked to contact the person in charge:

The customer has the legal right to access the personal data of him/her and to request PG, if necessary, to rectify, erase or supplement the personal data.

The customer shall also have right to withdraw his/her consent for direct marketing at any time as of which moment the customer may not longer use PG services.