This is a register and data protection declaration of Tuonetti in accordance with the Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR).
Controller and contact person responsible for the register
Business ID: 2930385-7
https://www.tuonetti.fi/ & https://asiakassivut.tuonetti.fi/
+358 10 3402100
What personal data do we collect and why?
The data to be recorded in the register are:
- name of contact person
- the name and registration number of the company or association
- personal identification number (only if an individual registers a .fi domain name or purchases a service that requires a credit check)
- contact information (phone number, email address, address)
- addresses of websites
- information on the services ordered and any changes to them
- billing information
- other information relating to the customer relationship and the services ordered
The information stored in the register is obtained from the customer via web forms, the service registration on the customer page, messages sent, email, telephone, social media services, contracts, customer meetings and other situations in which the customer discloses their data. We keep personal data for as long as the customer relationship is in force, or as long as required by law.
If you have an account and log in to the site, we will set a temporary cookie to determine whether or not your browser supports cookies. This cookie does not contain any personal data and is deleted when the browser window is closed.
When you sign in, we set a number of cookies that store your login and display preferences. If you select "Remember me" when you sign in, your login details will be kept for two weeks. If you log out, the cookies associated with your login will be deleted at the same time.
We use the Plausible analytics tool to collect online analytics.
Learn more about the Plausible Analytics tool
We collect analytics to improve the quality of our online services and to detect potential technical problems.
Content embedded from other sites
Articles on this site may contain embedded content (e.g. videos, images, articles, etc.). Opening embedded content from other websites is comparable to a visitor visiting a third-party website.
The contact form on this site stores the information (email, name, content) filled in by the customer. This information is used to contact you and to provide you with a better service.
The quote calculator on this website only stores the information filled in by the customer (email, name, company/association, choices and message content) if the customer submits a quote request via the form. The information is used to create an offer and for analytics to provide a better service.
Who do we share your information with?
When registering domain names, the domain name holder's and contact person's details are disclosed to the domain name registry administrator. For .fi domain names, the registry is Traficom and for other endpoints HEXONET GmbH. The data will not otherwise be disclosed to third parties. The data will not be transferred outside the EU or EEA.
What rights do you have to your own data?
We store information on the user profiles of registered users. All users have the possibility to view, edit and delete their personal data at any time. Only the username cannot be changed. Website administrators can view and edit user profile information.
If you have a user account on this site, you can request a summary file of your personal data, including all the personal data you have provided to us. You can also request the deletion of your personal data. The right to erasure does not apply to personal data that we are required to keep for maintenance, legal or security reasons.
Every person in the register has the right to check the information stored in the register and to request that any inaccurate or incomplete information be corrected or completed. If a person wishes to check the data stored about him or her or to request a correction, the request must be sent in writing to the controller. The controller may, if necessary, ask the applicant to prove his or her identity. The controller will respond to the customer within the time limit set by the EU General Data Protection Regulation (usually within one month).
Data retention period
The basic customer data related to the production of the customer contract will be destroyed no later than three months after the end of the customer relationship. For example, a customer relationship may end at the customer's own request or when the customer has no active services and three months have passed since the last paid bill. Accounting records are kept for six years in accordance with the Accounting Act.
The data is kept for three months after the end of the customer relationship, so that the customer can make a complaint after the end of the relationship if necessary. Some domains have a re-registration period of more than one month, during which the customer has the right to renew the registration of the domain they already own.
Principles for the protection of the register
The register is processed with due care and the data processed by the information systems are adequately protected. When register data is stored on Internet servers, the physical and digital security of the hardware is properly ensured. The controller shall ensure that stored data, server access rights and other information critical to the security of personal data are treated confidentially and only by employees whose job description includes this.
Comment: Updated data retention period.