Data balance sheet: Medaffcon marketing register

1. Controller

  • Name: Medaffcon Oy
  • Business ID: 2273265-9
  • Address: Tietäjäntie 2, 02130 Espoo

2. Contact person for register issues

  • Name: Tuuli Tuompo
  • Address: Tietäjäntie 2, 02130 Espoo
  • Phone: +358 40,158 78 30
  • E-mail:

3. Name of register

  • Medaffcon marketing register

4. Purpose of processing personal data

Customer’s personal data can be processed for the following purposes:

  • managing and developing a customer relationship
  • realising services
  • confirming customer events
  • developing customer service and business activities
  • marketing
  • analysis and statistics
  • opinion and marketing surveys
  • other similar purposes

5. Register’s data content

Information stored on the data subject may include the following:

  • Contact details, such as name, address, phone numbers, e-mails
  • Register data, such as user ID, nickname, password and other identity code
  • age, gender, title or profession and mother tongue
  • information related to eventual customer relationship, such as invoice and payment details, product and order details, sales details, customer feedback and contacts, draw and competition tickets
  • information related to managing communication and information related to the use of services, such as browsing and search data
  • eventual profile information and areas of interest produced by the customer
  • eventual permissions and consents
  • eventual other data collected with the permission of the customer

6. Regular sources of information

Information related to the customer is received mainly from the following sources:

  • the customer him/herself via phone, response card, Internet, e-mail or other corresponding manner
  • cookies or other corresponding technologies
  • From the Population Information System, Post address system, phone companies’ contact registers and other similar private and public registers

7. Regular disclosure or transfer of personal data outside the European Union or the European Economic Area

  • Customer data will not be disclosed for other than Medaffcon Oy’s own use
  • Customer data will not be transferred or disclosed outside the EU or the European Economic Area

8. Rights of the data subject

Right to inspect and correct

The data subject has the right to inspect customer register with respect to the stored data concerning him/her. The inspection request must be made in writing with a signed document to the address provided in Section 1. In case there is an error in the registered data, the data subject may make a rectification request to the controller provided in Section 2.

Right to refuse

The data subject may prohibit the controller from processing his/her personal data for direct mail advertising, inside sales and other direct-marketing as well as marketing and opinion surveys and public registers and genealogical research. The customer can manage prohibitions and rectifications by writing to the address provided in Section 1.

9. Description of the principles in accordance with which the data file has been protected

Physical material

Manually processed files containing personal data will be destroyed duly after processing.

Digital material

Digital material can only be accessed by employees specifically entitled to process customer data in their work. Each user has a personal user ID and password to the system. The data is stored in databases, which are protected with firewalls, passwords and other technological measures. Databases and their backups are stored in a locked space where only certain preassigned people have access to.