Taloturva Group Oy, business ID 2799369-8

Contact details:

Härkähaankuja 5, 01730 Vantaa

Data Protection Officer: Juha-Matti Kemppainen

Email: juha-matti.kemppainen@taloturva.fi

Phone number: 044 0333 245

Purposes and legal grounds for processing personal data

Taloturva collects and processes personal data of customers and potential customers for the purposes of advertising products and services, distance selling or other direct marketing, responding to customer contact requests, business development, arranging and maintaining customer meetings, the submission of quotations, the preparation and execution of financial and subscription agreements, the delivery of orders, billing and collection of invoices, customer satisfaction surveys, customer relationship management, warranty handling, opinion and market research, prize draws and accounting.

The recordings of the chat on the Taloturva website can be used to ensure the quality of chat customer service and the accuracy of the answers given to customers, as well as to improve operations. The recordings can also be used for training to improve customer service and to design the content of the guidelines.

The legal grounds for the processing of customer data by Hausoturva are.

a)      The data subject’s consent to the processing of the data, e.g. to arrange customer meetings and participate in prize draws

b)     To implement agreements, e.g. financing agreement and subscription agreement

c)      To comply with legal obligations, e.g.. the Commercial Code, the Consumer Protection Act, the Accounting Act and other regulatory requirements and notifications

d)     Legitimate interest of the controller, e.g. direct marketing by telephone

Legitimate interests of the controller

The controller has a legitimate interest in carrying out direct marketing by telephone to promote the controller’s products and services, as defined in the Electronic Communications Services Act (2014/917, Chapter 24).

The controller also has a legitimate interest in processing personal data for fraud prevention purposes when drawing up financing and subscription agreements.

Personal data processed in the register / categories of personal data

Personal data provided by customers is stored in the customer register of Hausoturva. In addition to the name, this may include one or more contact details of the data subject (address, telephone number, e-mail address).

In addition, Taloturva processes on behalf of financial institutions the data required for the customer’s application for financing (in addition to contact details, personal identity number, income, marital status, etc.).

Information about users visiting Taloturva’s website is collected using cookies for Google Analytics, which can be used to develop Taloturva’s website operations and target marketing.

In addition, additional information provided by the customer or otherwise collected with the customer’s consent may be collected, as well as any changes to the information identified above.

Where was the personal data obtained?

As a rule, Taloturva collects customer data directly from the data subjects themselves, for example in the course of a customer meeting or at trade fairs and other events, or by filling in forms on the company’s website (e.g. contact request) and automated visitor tracking, or alternatively by obtaining contact data from the data subjects’ partners, as well as from authorities and companies providing services concerning personal data.

Provision of information and consequences of non-disclosure

The provision of personal data is a prerequisite for the conclusion of an offer, a financing agreement and a subscription contract, as well as for the delivery of the order to the customer. If the necessary personal data are not provided, no offer, financing agreement or subscription contract can be concluded. In other contexts, the provision of personal data is completely voluntary, but may mean, for example, that the person cannot participate in draws organised by Taloturva.

Automated decision making and profiling

Hausoturva itself does not make any automated decisions or profiling based on customer data. When processing applications for funding, financial institutions can make automated decisions based on the information provided in the application. Financial institutions use the information provided, for example, to assess the customer’s ability to pay in order to issue an automatic financing decision.

Recipients of personal data

Customer data collected and processed by Taloturva may be processed by Taloturva’s partners or system providers as follows:

–           Financial institutions (OP, Handelsbanken) for processing funding applications

–           Firasor Oy for ERP (Firasor ERP)

–           Visma Solutions Oy for invoicing and accounting (Netvisor)

–           Intrum Oy for invoice recovery

–           Google Inc. for email communications and calendar entries

–           Soluto Oy In connection with the maintenance of Taloturva’s web pages and IT services

In addition, Taloturva may disclose personal data to public authorities if necessary for legal obligations and official requirements.

Data transfers to third countries (outside the EU/EEA)

As a rule, the personal data of Taloturva’s customers is processed and stored within the EU or EEA. However, due to the technical implementation of data processing, some customer data may also be processed or stored outside the EU or EEA when processing personal data through Google cloud services. Google will take the necessary technical and organisational measures to ensure the secure processing of personal data in accordance with the GDPR. For more information about Google’s data processing and privacy practices, please visit: https://cloud.google.com/security/gdpr/.

Retention period of personal data

Personal data collected by Hausoturva will only be kept for as long as is necessary for each processing operation.

Customer experiences will not be deleted unless the data subject requests that the data be deleted.

Vendors’ calendar entries are kept for the duration of the vendor’s employment.

Data related to financing and supply contracts are kept within the legal retention period, e.g. in accounting records for up to 10 years.

For the purpose of warranty handling of the products, the address data of the installation sites are kept in accordance with the requirements of the Consumer Protection Act for the warranty periods of the products. Other personal data will be anonymised or appropriately destroyed for the purposes of the safeguard procedure.

In prize draws, personal data is stored until the draw and then destroyed in an appropriate manner, taking into account data protection.

How we protect personal data

Information systems containing personal data are protected against external and unauthorised access, for example by defining access rights and job roles. The technical and administrative measures necessary to ensure a level of security equivalent to the risks to the rights and freedoms of data subjects, assessed through a risk assessment, which vary in terms of likelihood and severity, are implemented.

The employees of Hausoturva are bound by confidentiality and have signed a written confidentiality agreement. The personnel of Taloturva have been trained in the changes brought by the GDPR and Taloturva’s internal practices on data protection and information security in the processing of personal data, and are obliged to comply with the legislation and guidelines.

Manual data (e.g. papers in files) are protected against physical access and are not accessible except by persons authorised by the controller with the controller’s permission. The internal guidelines also pay attention to the minimisation of manual data, secure handling and storage, and proper disposal.

The information technology material on is protected by generally accepted and reasonable methods, such as firewalls, security systems and strong passwords. Protected email is used in particular for the transmission of sensitive personal data by email.

Rights of the data subject

The data subject has the following rights in relation to his or her personal data contained in this register.

1. The data subject has the right of access to personal data concerning him or her, i.e. information about what personal data about him or her is contained in the customer register of Taloturva, , provided that the person requesting the rights can be reliably identified as the data subject. The request for information must be made in writing. At the request of a data subject exercising this right, the controller shall provide the data subject with an extract of the personal data contained in the register within one month of the request for information. A free response to a request for information will be provided once a year, otherwise a management fee will be charged.
2. Data subjects have the right to request the rectification of their personal data if they contain incorrect, inaccurate or outdated information.
3. Data subjects have the right to object to the processing of their personal data for direct marketing purposes.
4. Data subjects have the right to withdraw their consent to the processing of their personal data if consent was requested from the data subject at the time of collection.
5. Rekisteröidyllä on oikeus saada henkilötietonsa poistettua (”oikeus tulla unohdetuksi”). Henkilötiedot poistetaan asiakasrekisteristä mm., kun
   • a.        There is no longer a need for the processing of personal data, taking into account the requirements of other legislation
   • b.        Data subject withdraws consent (if consent has been requested)
   • c.        Unlawful processing of personal data
   • d.        The data subject objects to the processing of their personal data for direct marketing purposes
6. Rekisteröidyllä on oikeus henkilötietojensa käsittelyn rajoittamiseen, mikäli
   • a.        the data subject contests the accuracy of the personal data, in which case the processing will be limited to a period of time during which the controller can verify the accuracy of the data.
   • b.        processing is unlawful and the data subject objects to the erasure of the personal data and requests instead the restriction of their use
   • c.        the controller no longer needs the personal data concerned for the purposes of the processing, but the data subject needs them for the establishment, exercise or defence of legal claims.
7. The data subject has the right to receive personal data concerning him or her which he or she has provided to the controller in a structured, commonly used and machine-readable format and the right to transmit such data to another controller.
8. The data subject has the right to lodge a complaint with a supervisory authority. Every data subject has the right to lodge a complaint with a supervisory authority, in particular in the Member State where he or she has his or her habitual residence or place of work or where the alleged breach of the GDPR has taken place.

The data subject can exercise the above rights by contacting the controller, if necessary, see. contact details of the controller.

Cookie policy

We use cookies (including Google Analytics) to improve content and user experience. If you wish, you can block cookies in your browser settings.

Cookies are small text files that are stored on your device to collect and remember information, for example to improve the functionality and usability of our website. We may also use cookies and similar technologies for statistical purposes, such as to better understand how users use the website and to improve the user experience.

You can prevent cookies from being stored on your device, restrict the use of cookies or delete cookies from your browser settings. Restricting the use of cookies may affect the usability of the website.

Tube-Bot contacting

The Plumbing Bot chatbot on our website collects information intended to help a person with a plumbing challenge. The data collected will be used to contact the person for this purpose and will be kept for a maximum of 24 months.

Lotteries and counters

Personal and other information collected from sweepstakes and calculators on the Site may be used for direct marketing purposes. The data will not be disclosed to third parties. The user can always object to the use of personal data by informing the Data Protection Officer in writing.

Job applications

We collect and process the following information about you: name, phone number, email address, job application, CV. We will only use your data for recruitment purposes and keep it for 12 months.