Privacy policy
Register and Privacy Policy
This is Luvby Oy:s Personal Data Act (10 ja 24 §) and the EU General Data Protection Regulation (GDPR) registration and data protection statement. Prepared 2.5.2022. Latest change 2.5.2022.
1. Registrar
Luvby Oy
3258683-5
Tampere, Finland
info@luvbylovesyou.com
2. Contact person responsible for the register
Katariina Aho
kata@luvbylovesyou.com
3. Registry name
Luvby Oy client register.
4. Legal basis and purpose of processing personal data
By using Luvby Oy's online services and registering in our customer register, you accept our register and data protection statement and our terms of use. Customer data is collected primarily for the purpose of managing the customer relationship. Customer data may also be used for service and business development, marketing, analysis and statistical purposes. All customer and personal data collected by Luvby Oy is always treated confidentially.
5. Data content of the register
The data stored in the register are:
-Personal and contact information: name, billing and delivery address, email address, telephone number
-Payment information: your credit or debit card information, account number in return transactions, credit agreements concluded with a third party (Paytrail) and other possible billing information
-Company information: company name, business ID, billing information and the company's postal and delivery address (if you are a company)
-Purchase information: purchases made (including total amount, place of purchase, product group, product)
-Behavior on the site: incomplete shopping carts, loading times and errors, arrival
-Device information: main device, operating system, screen resolution, IP address, language settings
-Location information: your geographical location
-Product recommendation information and other information and identifiers used for targeted content
6. Regular data sources
The information stored in the register is obtained from the customer, for example, from messages sent via www forms, by email, by telephone, through social media services, from contracts, customer meetings and other situations in which the customer discloses their information.
Information about contact persons of companies and other organizations can also be collected from public sources such as websites, directory services and other companies.
7. Regular disclosures of data and transfers of data outside the EU or EEA
Data may be disclosed within the limits permitted and required by the applicable legislation, including for marketing purposes of the carefully selected partners of the data controller, where such purposes support the intended use of the register and/or the production of targeted content.
Data may be transferred to the following third parties:
-
Analytics and statistics partners
-
Product recommendation and personalisation partners
-
Partners maintaining the customer register
-
Partners developing and maintaining the online store
-
Email marketing partner, if the customer has consented to email marketing
-
Printing houses and the postal service for marketing communications sent by mail, if the customer has consented to postal marketing communications
-
Marketing partners managing and implementing marketing in digital channels (Facebook, Google)
-
Payment service providers when payments are made by payment card
-
Credit providers, if the customer chooses invoicing as the payment method
-
Transport and logistics companies
-
Suppliers in possible complaint cases or in connection with the delivery of competition or prize draw prizes
Agreements are concluded with all partners governing their responsibilities in the processing of customer data. These agreements also take into account the requirements set by the EU General Data Protection Regulation and other applicable legislation. If data is transferred outside the EU, the transfer is carried out securely, and partners are obligated to comply with the EU General Data Protection Regulation.
Partners do not have the right to disclose the data they receive to third parties.
All personal data is stored only for as long as necessary for the purpose for which the data was collected or to verify compliance with statutory obligations. Data may also be deleted if the customer misuses the services or engages in inappropriate or unlawful activities. Where necessary, data may be disclosed to authorities at their request.
In the event of a personal data breach, as required by the regulation, we will notify the data protection authority within 72 hours and will always also inform the customer.
8. Principles of register protection
All personal and customer data collected by Luvby Oy is stored appropriately and securely.
The register is handled with care and the information systems are controlled so that the data is constantly protected. When register data is stored on Internet servers, the physical and digital security of their equipment is appropriately taken care of. The registrar changes that the registrar keeps information about server access rights and critical modifications to personal security confidentially and only by their employees, it is part of the job description.
9. Right of inspection and right to demand correction of information
Every person in the register has the right to inspect their data stored in the register and demand correction of any incorrect information or completion of incomplete information. If a person wishes to check the data stored about them or demand correction, the request must be sent in writing to the controller. The controller may, if necessary, ask the person making the request to prove their identity. The controller will respond to the customer within the time period stipulated in the EU Data Protection Regulation (generally within one month).
10. Other rights related to the processing of personal data
A person included in the register has the right to request the deletion of personal data concerning them from the register (“the right to be forgotten”). Data subjects also have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be submitted in writing to the data controller. The data controller may, where necessary, request the person making the request to verify their identity. The data controller will respond to the customer within the time limit laid down in the EU General Data Protection Regulation (generally within one month).
_____________________________________________________________
Luvby Oy reserves the right to change the privacy policy. Before placing an order, the customer must familiarize themselves with the current terms and conditions - the updated policy can always be found on our website.
Cookies
We may use "cookies" to collect information about your visits to our website and to improve your user experience. Cookies are small text files that are stored on your computer's hard drive and that luvbylovesyou.com uses to improve your shopping experience by speeding up your browsing experience and website performance. Cookies are also used to personalize your user experience when using our website and to remember your information when you return to the site. You can disable all cookies if you do not want to receive them. You can also set your computer to warn you each time a cookie is used. In both cases, you will need to adjust your browser settings. Please note that when you have set your computer to reject cookies, it may limit the functionality of the website you are visiting and you may not be able to access some of the website's features.