Data protection statement in accordance with the EU General Data Protection Regulation (GDPR, 2016/679). The data protection report also contains the information in the register report pursuant to section 10 of the Personal Data Act (523/1999).
Wallark Oy is committed to protecting the privacy of its customers and adhering to good data protection practices in all its operations. In this privacy statement, we describe what kind of personal information we may collect about you when you order our products or contact us through our website, and for what purposes we may use such information. The customer must accept the terms of this privacy statement before ordering from the online store.
1. The controller
Wallark Oy (“ Wallark ”)
Business ID: 2891294-1
Ruoholahdenkatu 10 A 23
Tel. +358 40 169 2442
2. Body responsible for registration matters
You can ask more about data protection and the processing of personal data by e-mail:
3. Name of the register
Wallark - e-commerce customer register
4. Purpose of the register
The register is used for the following purposes:
- Customer maintenance, such as order processing, delivery, warranty issues and invoicing
- Development, management and user experience of e-commerce
- Customer communication, marketing and marketing targeting
The processing of personal data complies with the requirements of the EU General Data Protection Regulation and personal data is processed only on the basis of the customer relationship between the customer and Wallark, the contract, the use of the website, the customer's express consent or legal obligations.
5. Information contained in the register
Wallark's e-commerce customer register contains the following information provided by users:
- First and last name
- Phone number
- Delivery information
- Payment / billing information
- Information on possible marketing authorizations and prohibitions
- Product reviews
In addition, the register shall contain the following information on the use of the service observed or derived from analytics:
- Purchase history, e.g. ordered products and their price information
- Terminal identification (IP addresses)
- E-commerce usage and browsing information
- Information collected through cookies (for example, through which the customer entered the online store)
6. Regular sources of information
The information in the register mainly consists of the information provided by the customer on our websites. It is also possible to collect personal data separately using forms on the registrar's website, at events and campaigns, and by telephone during customer service calls.
7. Transfer of data to third parties
Wallark discloses information to third parties, for example, in payment transactions, deliveries and for certain marketing purposes in order to provide the service. Such third parties include:
- Carriers such as the Post Office
- Payment intermediaries when paying by debit card
- Credit intermediaries when paying by invoice or installment
- Email marketing partners like Klaviyo
- A recording application used to optimize sales and conversion , such as Lucky Orange
Under no circumstances may these third parties use the information provided for their own purposes and will only be provided with information that is relevant to the implementation of the service. We do not disclose, sell or rent your information to third parties.
In addition, the Wall Everyday life has has the right / obligation to disclose personal data to the authorities to comply with requests for information from them.
8. Data transfer outside the EU or the European Economic Area
Wallark's e-commerce partner uses servers located outside the EU (Canada / United States) to store registry information. In other respects, Wallark will not transfer the information in the register outside the European Union or the European Economic Area unless it is necessary for the performance of the service. If data is transferred outside the EU / EEA, an adequate level of protection of personal data will be ensured in accordance with the applicable legislation.
9. Registry Security Principles
The databases associated with the registry are protected against external intrusions by firewalls, passwords, and other technical means. Databases and their backups are located in locked spaces. Only identified employees of the controller and of companies acting on its behalf and for its account shall have access to the information contained in the register with a personal right of access granted by the controller.
10. Rights of the data subject
Registrants have the following rights:
- The right to verify personal data concerning oneself
- Right to rectification
- Right to restrict processing (eg right to prohibit marketing)
- Right to object to proceedings
- Right to withdraw consent (eg right to withdraw consent for marketing)
- The right to appeal to the supervisory authority
In order to exercise the data subject's rights, a request for inspection, prohibition, etc. must be sent by e-mail to the party responsible for registration matters and must be in writing and signed. In the case of inspection requests, the controller may charge a reasonable fee for providing the information if the data subject exercises his / her inspection right more than once a year.
In addition, it should be noted that in certain cases, the exercise of the data subject's rights may be limited by government regulation / legislation that imposes requirements, for example, on the retention of accounting documents.
11. Data Retention
We will only retain your personal information for the time necessary to fulfill the purposes described in this Privacy Statement. The Finnish Accounting Act imposes obligations for the longer-term storage of information.
A cookie (Cookie) is a small text file that a browser saves the user's terminal. Cookies contain a unique identifier that can be used to identify users. Our online service utilizes cookies so that we can offer our service as user-friendly and high-quality as possible, and further develop it. The user cannot be identified by cookies alone.
There are two types of cookies, permanent and temporary (session cookies). Persistent cookies are stored as a file on your computer or mobile device, but never for more than 12 months. Session cookies are temporarily stored and disappear when you end your browsing session. You can easily delete cookies from your computer or mobile device using your browser. Instructions on how to use and delete cookies can be found in the "Help" section of your browser. You can turn off cookies or choose to receive information whenever a new cookie is sent to your computer or mobile device. NOTE! If you turn off cookies, you will not be able to take advantage of all the features of the website.
13. Changes to the Privacy Statement
Due to the development of the services and changes in legislation, we reserve the right to change the privacy statement. Significant changes to the privacy statement will be notified to registered customers when the terms are updated.