1. Controller Emmy Clothing Company Ltd Hemmolankatu 19 08150 Lohja FINLAND
(hereafter ”we” or ”Emmy”)
2. Contact person for register matters Timo Huhtamäki, firstname.lastname@example.org
4. What is the legal basis for and purpose of the processing of personal data? The legalbasis for processing personal data isthe legitimate interest of the company based on a customer relationship and/or the performance of a contract and/or consent.We will process your data because we have a contract with you through either (i) delivering your purchases from Emmy’s webstore or (ii) by picking up & processing your secondhand items for sale, or (iii) providing you with some other service you have requested. We will also use your personal data to send you sales and marketing communications that we believe may be of interest to you if we have your explicit consent for this activity, or if you are an existing customer where we have a legitimate interest in communicating with you. You can opt out of sales and marketing communications from us at any time.
We use your personal data:
We use automated decision-making (inc. profiling) to identify yourprofile, online behavior, age, consumer habits and topersonalize your visit to the website and ensure that content from our site is presented in the most effective manner for you. We want to find out what you and other customers like andto develop our services.
5. What data do we process?
We collect the following personal data:
Providing the information marked with a star is a prerequisite for our contractual relationship and/or customer relationship. We cannot deliver the product and/or service without the necessary information.
If you register for an Emmy account, we collect your name, email address, password, country, day and month of birth and additional information regarding your favourite designers and your marketing preferences.
If you provide us with someone else’s data – for example, if you purchase a product to be delivered to a friend or as a gift – we will collect and process the personal data required to enable the transaction such as the name, delivery address and other contact details that you have given to us and we process this data on behalf of you. If you are receiving an item as a gift, we will process your data only to complete the gift request and our contractual obligations.
6. From where do we receive information? We collect your personal data from you when you place an order, send in items for sale, call our Customer Service, sign up for our marketing communications, order seller information, browse our website or use any other services offered by our website www.emmy.fi.
We use "cookies" to collect information. Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from the service and stored on your computer's hard drive. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our service.
For the purposes described in this privacy notice, personal data may also be collected and updated from publicly available sources and based on information received from authorities or other third parties within the limits of the applicable laws and regulations. Data updating of this kind is performed manually or by automated means.
7. To whom do we disclose data and do we transfer data outside of EU or EEA? We do not sell, trade, or otherwise disclose to outside parties your personally identifiable information. However we use subcontractors that process personal data on behalf of and for us such as service hostingpartners and other parties who assist us in operating our service, conducting our business, or servicing you, such as:
Some of our subcontractors may be based in non-EU countries. Where this is the case, we protect your privacy and your rights through the use of the European Commission’s standard data protection clauses.
8. How do we protect the data and how long do we retain them? The security of your personal information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Transport Layer Security (TLS) security protocol. Likewise, the entire browsing experience on our webstore is protected by the same security protocol (as indicated by the url beginning with https://). Only those of our employees, who on behalf of their work are entitled to process customer data, are entitled to use a system containing personal data. We will not retain your personal data for longer than is necessary to fulfil the purposes for which you provided that personal data, unless the law permits or requires that we retain it for longer. The retention period varies depending on the purpose of the processing.
We regularly assess the need for data retention in light of the applicable legislation. In addition, we take reasonable measures to ensure that the personal data we have is not incompatible, obsolete or inaccurate considering the purpose of the processing. We rectify or delete such information without delay.
9. What are your rights as a data subject? As a data subject you have the right to:
10. Who can you be in contact with? All contacts and requests concerning this privacy notice must be submitted in writing or in person to the contact mentioned in section two (2).