PROMART OY PRIVACY POLICY

Updated May 22, 2025

DATA CONTROLLER

Promart Oy
Muuraintie 1
33960 Pirkkala

tel. 010 235 1690

CONTACT PERSON RESPONSIBLE FOR DATA PROTECTION MATTERS

Saara Seppälä
ProMart Oy
Muuraintie 1
33960 Pirkkala

tel. 010 235 1690

NAME OF THE REGISTER

Promart Oy online store customer and legitimate business relationship register

PURPOSE OF PROCESSING PERSONAL DATA

Personal data is processed for managing customer relationships and other legitimate business relationships, implementing the rights and obligations of the parties, developing and analyzing the controller’s operations, customer communications, marketing, and business planning.

The personal data contained in the register may be used, as permitted by applicable legislation and subject to consent or prohibition where required, for direct advertising, distance selling, or other direct marketing, opinion or market research, and other comparable addressed mailings by the controller, companies belonging to the same group as the controller at any given time, and the controller’s selected cooperation partners.

DATA CONTENT OF THE REGISTER

The data content of the register consists of the following information. Depending on the purpose of use, some of the information is mandatory in order for the matter or service to be processed appropriately.

  • Person’s name
  • Person’s contact details (such as address, phone numbers, email address)
  • Details of the company the person represents (company name, locality, and Business ID)
  • Additional information (additional information provided by the person, such as a free-form message or feedback)
  • Other identifying information (including the person’s public IP address)
  • Tracking data (tracking data related to electronic marketing activities)
  • Online store transactions, requests for quotation, online store purchases
  • Cookie data

Storage of data related to customer relationships

ProMart Oy Oy processes the personal data of its customers and potential customers for the purpose of managing and developing customer relationships. This includes, among other things, preparing quotations, contract negotiations, customer communications, and sales documentation.
Customer communications may be stored in the company’s customer relationship management system (CRM), including key content related to email and telephone conversations (for example, quotation content, scheduling preferences, or feedback). The records do not contain sensitive data. The data stored may include:

  • Name, email address, phone number, and job title
  • Company name and contact details
  • Contacts and summaries of discussions
  • Materials related to quotations, orders, and contracts
  • Start and end date of the customer relationship or other legitimate business relationship
  • Identification data related to the use of services (e.g. customer number, usernames and passwords, username)
  • Billing and debt collection information
  • Contact and communication related to the customer relationship and other legitimate business relationship across different channels and media (e.g. complaints and other feedback, as well as recordings of customer service calls)

Legal bases for processing:

  • Legitimate interest (customer relationship management, business development)
  • Performance of a contract or steps taken prior to entering into a contract
    Data is retained only for as long as the customer relationship or other legitimate business relationship remains in effect, unless legislation requires a longer retention period.
Electronic Direct Marketing

Promart Oy may send marketing communications to customers and business decision-makers (such as newsletters, invitations, or announcements) related to our operations and the products or services we offer.
Marketing communications may also be targeted at company decision-makers based on their job role under legitimate interest (for example, an email address in the format firstname.lastname@company.fi). Marketing is not directed at private individuals without consent.

Legal basis for processing:
- Legitimate interest (business marketing, communications, customer satisfaction, feedback management)
- Customer consent (where necessary, for example in consumer communications)

Opting out of the marketing register: Every marketing message provides a clear opportunity to unsubscribe from receiving messages.

REGULAR SOURCES OF INFORMATION

Personal data is collected from the data subject themselves and from the controller’s systems when the data subject registers for and uses the services. Personal data may be collected and updated from the registers of the controller and companies belonging to the same group from time to time, from the population information system, credit information registers, registers maintained by ASML Suomen Asiakkuusmarkkinointiliitto ry, as well as from other similar public or private registers and data sources providing information services, and from the controller’s partners.

DISCLOSURE AND TRANSFER OF DATA

Data stored in the device register used on the website and mobile application may be disclosed to ProMart’s suppliers or partners for the purpose of enabling an extended warranty granted by the manufacturer for a newly purchased device. A condition for receiving the extended warranty is that device information and device user information are disclosed to the manufacturer or partner.

Data will not be transferred outside the European Union or the European Economic Area unless necessary for the technical implementation of the service. In such cases, the controller will ensure an adequate level of data protection as required by law.

PROTECTION OF THE REGISTER

Databases in which register data is stored are protected by firewalls, passwords, and other technical means. The databases and their backups are located in locked premises. Documents containing data subjects’ information that are processed manually are stored in locked premises so that unauthorized access is prevented.

The controller ensures that only those employees of the controller and employees of companies acting on behalf of the controller who need the data to perform their job duties have access to the information.

DATA RETENTION PERIOD

The data subject’s personal data is stored only for as long as necessary to fulfill the purposes described in this notice. In addition, some data may be stored longer to the extent necessary to meet legal obligations, such as responsibilities related to accounting and consumer sales, and to demonstrate compliance.

RIGHT OF ACCESS, RIGHT TO OBJECT, AND RIGHT TO RECTIFICATION

The data subject has the right to check what data concerning them has been stored in the register. A request for access must be sent in writing and signed to the person responsible for register matters. The request for access may also be made in person at the controller’s place of business at the address mentioned above. The request for access can be made free of charge once a year. Requests for access will be answered no later than one month from the submission of the request.

Registered individuals have the right to prohibit the use of their data for direct advertising, distance selling, other direct marketing, as well as opinion and market research. Registered individuals also have the right to request the correction of inaccurate information or the deletion of all their data by contacting the person responsible for register-related matters or by notifying the data controller’s customer service at asiakaspalvelu(@)promart.fi.

PRINCIPLES OF REGISTER PROTECTION

The register is protected against external access. It may only be accessed by persons who, as part of their work, are authorized to process the data. Access is restricted by username and password. The register is stored in a database protected by a firewall and other technical security measures.

COOKIES

The website uses cookies to identify users. This is necessary for logging in and for displaying informational texts related to the website’s functions.