PRIVACY POLICY STATEMENT
1. DATA CONTROLLER
Name: Shamanic Path Oy (Business ID: 3204038-1), henceforth called "Shamanic Path".
Address: Louhoksentie 63, 01860 Perttula, FINLAND
Telephone: +358 40 44 590 78
Email address:contact@shamanicpath.fi
2. DATA PROTECTION OFFICER
Name: Ilyashenko Margarita
Address: Louhoksentie 63, 01860 Perttula, FINLAND
Telephone: +358 40 44 590 78
Email address:contact@shamanicpath.fi
3. NAME OF REGISTER
Customer-, partnership and marketing register.
4. PURPOSE OF PROCESSING PERSONAL DATA
The grounds for processing personal data are based on contractual customer or partner relationship, or explicit consent of the customer. The main purpose for the register is to manage personal data required for cooperation between Shamanic Path and its customers and partners and to ensure smoothness of customer service and purchased services and goods.
Personal data are handled for the following purposes:
· Products purchases and their implementation and verification
· Products purchased through web shop, their implementation and verification
· business planning and product development
· marketing communication, newsletters, targeting advertising and other advertising
· improvement of website user experience
· market research and other researches and analysis
As the data controller Shamanic Path takes care, that data subject’s benefits and rights are carefully assessed. Personal data is collected according to the privacy policy and they are not handled, changed or moved in a different way than mentioned in this privacy policy.
5. CONTENT OF REGISTER
The register may include the following details:
· Contact details incl. name, phone number, email address
· Information of the services and goods customer has purchased and their delivery and invoicing
· Data subject’s inquiries, comments or other reactions in network
· Material sent by the data subject (for example a photo)
· Customer feedback, permits, agreements and prohibitions
· Business ID, contact person’s position in the company and invoicing details (in the case of corporate customers)
Technically collected information of the use of network can be IP-address and country or city of location, use and timing of network, information of used device, type of operating system and software version, browser type and language settings, interaction of customer service in different service channels and external sites from where the user has arrived and where the user transfers from Shamanic Path network. Shamanic Path may collect information of the use of services with cookies.
6. REGULAR DESTINATIONS OF DISCLOSED DATA
Personal data is disclosed to suppliers and partners of Shamanic Path only when the owner of personal data (data subject) is participating in a purchased or offered service which is organised partially or wholly by supplier or partner of Shamanic Path. In isolated cases, Shamanic Path discloses customer’s or stakeholder’s date to the addressed party, if the data subject requests Shamanic Path to do so or if the competent authority demands Shamanic Path to disclose separately identified information from the register of Shamanic Path based on current legislation.
7. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS
The data are not transferred to third countries or international organisations. In isolated cases, Shamanic Path discloses data to third parties or international organisations, if a customer or stakeholder has given a mandate for this purpose and Shamanic Path together with the Data Protection Officer and Finnish Data Protection Authority has concluded an assessment of risks and quality system of the third country’s actual security level.
8. PRINCIPLES OF SECURING REGISTER
Shamanic Path protects personal data carefully through their whole life cycle by using proper means of privacy policy and data security. Data controller collects and processes personal data that is necessary for its operations.
Access to digital material has been restricted with personal usernames and passwords, and in addition, restricted according to each employees’ job description and its demands. Documents are stored in locked facilities, access to personal data has been restricted and personnel has a duty of secrecy. System suppliers process personal data in data secure server facilities. Data are disposed of according to data security guidelines.
9. RIGHT TO ACCESS
The data subject has the right to know what personal data is saved in the register. In addition, after an accurate enough inspection request, the data subject has the right to know the information of himself and information of possible recordings. Inspection request should be assigned in written and signed form to Data Protector Officer (paragraph 2).
10. RIGHT TO RECTIFICATION AND ERASURE
As a data controller, Shamanic Path is entitled to fix incorrect data in the register pointed out by the data subject. Data controller has an obligation to check the relevance and timeliness of the data by self-acting. The data subject may demand to remove all data concerning himself from the register. Data Protection Officer leads the processing operation.
11. OTHER RIGHTS PERTAINING TO PERSONAL DATA PROCESSING
The data subject has the right to demand to restrict the process of personal data. Data subject also has the right to receive personal data of himself that he has originally sent to Shamanic Path, in organized, commonly used and machine-readable form and has the right to transfer that data to other data controller. In addition, the data subject has the right to resist data processing, automatic decision making, and profiling.
12. ERASURE OF DATA AND TIME OF STORAGE
Personal data are stored in the register at least one year after the contractual obligations have finished unless otherwise agreed or required by law. Shamanic Path removes customer personal data also when requested separately except in cases when the law says differently, or the competent authority has initiated a process which requires Shamanic Path to retain data or another party has applied from Finnish court a safety protection decision for the data.
13. CHANGES TO PRIVACY POLICY
Shamanic Path may make changes to this privacy policy. To ensure that the users are aware of how their personal data is processed, the updated privacy policy is available on our website.