1. DESCRIPTION OF FILE
Description
of file as referred to EU GDPR and local data protection law
2. CONTROLLER
Semel Oy
Business ID 0113821-2
Valimotie 21, 00380 Helsinki
Tel. +358 20 7429 400
3. NAME OF PERSONAL DATA FILE
Customer database of bookataxi service.
4. PURPOSE OF PROCESSING
PERSONAL DATA
Processing of personal data related to bookataxi services by the consent of the
data subject or based on customer relationship.
5. PURPOSE OF USE OF THE
PERSONAL DATA FILE
The personal data of the data subject are processed to maintain, manage, develop,
analyze, and compile statistics of the customer relationships related to the
provided service, and to provide, offer, and develop the service, and to carry
out the marketing campaigns, market surveys and marketing competitions for
Semel and its partners.
6. DATA CONTAINED IN THE
PERSONAL DATA FILE
The personal data file contains information within the scope of the following
categories:
-
Basic information on the data subject, such as name,
address, e-mail address and language
-
Information concerning service registration
-
Information concerning invoicing and debt collection
-
Information concerning the customer relationship and
contractual relationship such as products and services, their activation and
cancellation dates, details of the salesperson who sold the service, and
information concerning means of communication
-
Payment card information
-
Order history
-
User IDs and other identification information
-
Authorization information and prohibitions, such as
direct marketing consents and prohibitions
-
Event and user analysis information
-
Personal identity code for reliable identification in
premium services or services requiring a high level of information security
-
Information about mobile device gps location and other
information regarding the service
7. REGULAR SOURCES OF PERSONAL
DATA
Personal data is collected in connection with registration, when a service is
used by permission, or otherwise directly from the data subject. Personal
details can additionally be gathered and updated from the Population Register,
the prohibition registers maintained by the Finnish Direct Marketing
Association, and similar registers.
8. DISCLOSURE OF INFORMATION
Semel may disclose customer details within
the limits allowed and required by the legislation in force.
Due to the technical manner in which the processing of the data is implemented,
some of the information may be located in the systems of subcontractors to
Semel or otherwise processed with the aid of a technical interface. Semel may
also use subcontractors for the processing of data. The data will not be
transferred outside the European Union or the European Economic Area, unless
the implementation of the service so requires. Even in such a case, Semel will
guarantee an adequate level of information security, as required by
legislation.
Semel has the right to publish the e-mail address details of the data subjects by their consent either in a
written or electronic catalogue. The information can also be used in a national
or international directory service.
9. PROTECTION OF DATA FILE
As
a general rule, right of access to the data file requires a user ID granted by
the administrator of the customer database. The administrator in such a case
also defines the level of access rights granted to the users. A personal
password is required for logging in to the application. The use of the data
file as well as the logins are controlled.
The data is collected to the shared databases of the service. These databases
are protected by firewalls, passwords, and other technical means. The databases
are located on locked and guarded premises. Only predefined persons have access
to the information.
Everyone on Semel premises is required to have an ID card visible and entry is
forbidden without an appropriate access control card.
10. RIGHT OF INSPECTION AND
ERASURE
In accordance with Eu GDPR, the users have the right to check what information
has been stored on them in the personal data file. You also have the right to
request that inaccurate or incomplete personal data be corrected. The customer
can check this free of charge once a year. The request for checking the data
must be submitted in a personally signed document or a similarly certified
document. You may also request that your personal data be erased.
The request must be sent in writing and signed to the address:
Semel Oy
Customer Feedback /GDPR
P.O. Box 1000, FIN-00380 Helsinki
The inspection request can also be presented at the address Valimotie 21,
Helsinki.