Last Updated: 24.10.2024
We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how Ateljee Temppeli Oy (3467849-3) (“we,” “our,” “us”) collects, uses, and shares information about you when you visit or use our website ateliertemppeli.com (the “Site”). This policy also explains your rights regarding your personal data and how the law protects you under the General Data Protection Regulation (GDPR).
1. Information We Collect
We may collect and process the following categories of personal data:
- Personal Identification Information: Name, email address, phone number, and any other information you provide by filling in forms on our Site.
- Technical Data: IP address, browser type and version, time zone setting, browser plug-in types, operating system, and platform.
- Usage Data: Information about how you use our Site, products, and services.
- Marketing and Communications Data: Preferences in receiving marketing from us and your communication preferences.
2. How We Use Your Personal Data
We will only use your personal data when the law allows us to. Most commonly, we use your data in the following situations:
- Performance of a Contract: To fulfill the terms of a contract with you (e.g., if you purchase a service or product).
- Legal Obligation: To comply with legal or regulatory requirements.
- Consent: When you have provided your explicit consent for us to use your personal data.
- Legitimate Interests: Where necessary for our legitimate interests (or those of a third party), provided your interests and fundamental rights do not override those interests.
Purposes for using your personal data may include:
- To provide and improve our services.
- To manage our relationship with you.
- To administer and protect our business and the Site.
- To deliver relevant content and advertisements to you.
- To comply with our legal obligations, including GDPR.
3. How We Share Your Personal Data
We will not share your personal data with third parties unless it is necessary for the performance of services, as described in this policy, or to comply with legal obligations. Third parties with whom we may share your data include:
- Service Providers: We use third-party vendors to perform services on our behalf, such as website hosting, payment processing, and data analytics.
- Legal Authorities: We may disclose your personal data if required by law or in response to valid legal requests.
4. International Data Transfers
Some of our third-party service providers are located outside the European Economic Area (EEA), so their processing of your personal data will involve a transfer of data outside the EEA. When transferring your data outside the EEA, we will ensure that it is protected by ensuring at least one of the following safeguards:
- The country has been deemed to provide an adequate level of protection by the European Commission.
- We have implemented standard contractual clauses approved by the European Commission which give your personal data the same protection as in the EEA.
If none of these safeguards is available, we will seek your explicit consent for the transfer or rely on another lawful transfer mechanism.
5. Your GDPR Rights
Under the GDPR, you have specific rights regarding your personal data, including:
- Right to Access: You have the right to request a copy of the personal data we hold about you.
- Right to Rectification: You have the right to correct any inaccurate or incomplete personal data.
- Right to Erasure: You have the right to request that we delete your personal data in certain circumstances.
- Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data.
- Right to Data Portability: You have the right to request that we transfer your personal data to another controller.
- Right to Object: You have the right to object to our processing of your personal data based on legitimate interests or for direct marketing purposes.
- Right to Withdraw Consent: If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.
To exercise these rights, please contact us using the details provided in our contact page.
6. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting purposes. When determining the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, and the legal requirements.
7. Security
We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorized way, altered, or disclosed. However, no system is entirely secure, and we cannot guarantee the complete security of your information.
8. Cookies and Tracking Technologies
We use cookies and other tracking technologies to collect information about your use of the Site. You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies.
For more information, please refer to our Cookie Policy.
9. Third-Party Links
Our Site may contain links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you. We are not responsible for their privacy policies and encourage you to read their privacy notices.
10. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. Any updates will be posted on this page, and significant changes will be notified to you via email or a prominent notice on the Site.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, or if you wish to exercise your GDPR rights, please contact us.
If you are not satisfied with our response, you have the right to make a complaint to a data protection authority, particularly in the EU country where you live or work.