Personal Data Act (523/1999) Sections 10 and 24
HopLop Oy (hereafter “HopLop”), business ID: 2006043-0, address: Äyritie 12 C, FI-01510 Vantaa, Finland. HopLop is responsible for the development and maintenance of the application.
2. Person responsible for matters relating to the data file and/or contact person
Address: Äyritie 12 C, FI-01510 Vantaa, Finland.
3. Name of the data file
HopLop loyal customer data file.
4. Purpose of processing personal data (purpose of the data file)
The primary reason for processing personal data is a customer relationship between HopLop and the customer (relevant connection). The data file shall be used to maintain and develop HopLop’s loyal customer system. By joining HopLop’s loyal customer system, the customer accepts the use of his/her data in HopLop’s marketing and business development.
The data file shall be used to provide and develop services; to manage, maintain and develop customer relations; in customer communication and in advertising and marketing. Marketing may also include benefits offered by HopLop’s partners. The customer’s purchase data may be used to target marketing so that the customer will receive information about products and services that interest him/her. The data may be used in HopLop’s direct advertising and marketing as well as opinion polls and market research unless the data subject has prohibited the processing of data concerning him/her for such purposes.
5. Data contained in the data file
5.1 Customer’s basic information
Customer’s first name and surname, street address, postal code, city, phone number, e-mail address, date of birth, children’s dates of birth, data of a parallel added member.
In terms of registered customers, the username and password shall be saved. Information about whether the customer has provided consent to marketing using electronic means as referred to in the law or whether the data subject has prohibited the use of data for direct advertising and marketing and opinion polls and market research shall be stored in the data file.
5.2 Transaction data
The following data shall be stored in the data file: the customer’s transaction data concerning purchases online and during visits to HopLop parks.
6. Regular sources of data
Data provided by the customer and the customer’s purchase and transaction data in HopLop’s checkout systems, partners’ data systems and HopLop’s electronic services, including the HopLop application and HopLop’s personnel register data about the customer’s employment with the HopLop chain.
7. Regular disclosures of data and data transfer outside the EU or the European Economic Area
Data in the data file shall not be disclosed outside the HopLop chain except when legally required. In the case of suspected criminal cases, data may, however, be disclosed to the police and, in the case of damage, to an insurance company.
Personal data shall not be transferred outside the EU or the EEA, unless this is necessary for the technical realization of data processing. The data protection legislation valid at the time shall be observed when disclosing data.
8. The principles of data file protection
The data file is stored electronically. The use of the data file and changing and processing the data can only be done via an application protected with multi-level user identification. The data file may only be used by appointed individuals who have been tasked with system maintenance and administration. The data in the data file are protected from use by external parties and use of the data file is controlled.
9. Data storage
The data stored in the data file shall be removed from the data file once the customer’s loyal customership ends.
10. Rights of the customer
The customer shall have the right to inspect data relating to him/her; to demand rectification, removal or completion of incorrect data; to forbid the use of data provided by him/her in direct advertising, distance selling or other direct marketing as well as market research and opinion polling or other such purpose as referred to in the Personal Data Act and to otherwise execute his/her rights guaranteed in the Personal Data Act. Requests concerning the matter should be directed to the controller’s contact person responsible for matters relating to the data file using a letter with a personal signature. HopLop will respond to requests for inspection in writing. A reasonable fee shall be collected for a request for inspection if less than one year has passed since the previous inspection.