Register and privacy policy

REGISTER AND PRIVACY POLICY OF LEMPI­KUORO

This is the regi­stra­tion and data protec­tion policy of Lempi­kuoro ry in accor­dance with the EU General Data Protec­tion Regu­la­tion (GDPR). Last modi­fied on 8.6.2023.

1. Regi­strar

Lempi­kuoro ry
3117230–7
Mark­ki­natie 6 D 48, 00700 HELSINKI
info@lempikuoro.fi

2. Purpose of the register

The purpose of proces­sing personal data collected through the Lempi­kuoro website and the ticket shop is to process orders from custo­mers of the online shop. The data will not be used for any other purposes or passed on to third parties, with the excep­tion of the payment service provider.

3. Legal basis

Lempi­kuoro ry acts as a data cont­roller in accor­dance with the EU General Data Protec­tion Regu­la­tion. The legal basis for the proces­sing of personal data under the GDPR is a purc­hase agree­ment to which the data subject is a party.

4. Data content of the register

The data stored in the customer register of the Lempi­kuoro ticket shop:

• Name of the person
• Company/organisation (if provided when orde­ring)
• Email
• Telep­hone number
• IP address of the web service provider

Personal data will be kept for the purpose of mana­ging the customer rela­tionship and orders for up to one month after the event. After this period, the personal data will be deleted from the customer register.

The IP addresses of visi­tors to the website and cookies neces­sary for the func­tio­ning of the service are processed for legi­ti­mate inte­rests such as data secu­rity and the collec­tion of statis­tics on visi­tors to the website in cases where they can be consi­dered as personal data. Third party cookies are subject to sepa­rate consent where neces­sary.

5. Regular data sources

Personal data is collected from the data subject via the ticket order form. 

6. Proces­sing and disclo­sure of data

The personal data collected from the custo­mers of the choir are stored in the following infor­ma­tion systems:

• Woocom­merceWoocom­merce is the plat­form that allows Lempi­kuo­ro’s ticket shop to easily and quickly process orders.The data is trans­ferred from Woocom­merce to the payment service system to complete the order. The data stored in Woocom­merce is only held by the regi­strar.

• KlarnaWhen you place an order, you also provide your data sepa­ra­tely to the payment service provider Klarna. You can read Klar­na’s privacy policy: https://www.klarna.com/fi/tietosuoja/ If you wish to review the data stored with the payment service provider, please contact Klarna.

7. Regular data disclo­sures and data trans­fers outside the EU or EEA

There is no regular transfer of data to other parties. Data may only be published to the extent that this has been expressly agreed with the customer.

8. Principles of register protec­tion

The register will be processed with due care and the data processed by the computer systems will be adequa­tely protected. Where the data are stored on Internet servers, the physical and digital secu­rity of their hardware shall be adequa­tely ensured. The regi­strar shall ensure that stored data, as well as access rights to servers and other infor­ma­tion critical to the secu­rity of personal data, are treated confi­den­tially and only by those whose job it is.

9. Right of access and recti­fica­tion

Any person in the register has the right to check the data recorded in the register and to request the correc­tion of any inaccu­rate data or the comple­tion of incomplete data. If a person wishes to check or request the recti­fica­tion of data stored about him or her, the request must be sent in writing to the regi­strar at info@lempikuoro.fi. The regi­strar may, if neces­sary, ask the person making the request to prove his or her iden­tity. The regi­strar will reply to the customer within the time limits set by the EU General Data Protec­tion Regu­la­tion (as a general rule, within one month).

10. Other rights rela­ting to the proces­sing of personal data

Any person in the register has the right to request the erasure of personal data concer­ning him or her from the register (“right to be forgotten”). Data subjects also have other rights under the EU General Data Protec­tion Regu­la­tion, such as the restric­tion of proces­sing of personal data in certain circums­tances. Requests should be sent in writing to the regi­strar at info@lempikuoro.fi. The regi­strar may, if neces­sary, ask the applicant to prove his or her iden­tity. The regi­strar will respond to the customer within the time limits set by the EU GDPR (usually within one month).