1. Personal data controller who complies with the GDPR regulation (hereinafter "regulation") is ALONIAhelsinki Oy, business ID 3239155-2, at Mechelininkatu 25 lh 5B, 00100 Helsinki (hereinafter "Registrar");
2. The contact information of the registrar is: email: email@example.com, tel: +358 400 406 885
3. Personal data is all information related to an identified or identifiable natural person.
Source of personal data
1. The registrar processes the personal data received with the customer's consent, which has been collected by contract in order to obtain and fulfill the electronic order of the online store;
User-provided or personally identifiable information.
Identifying information such as name
Contact information, such as address, phone number and email address
Payment information, such as invoicing information and payment method information
Marketing communication permissions
Information observed about the use of the services
Delivery information, such as delivery address and selected payment method
Purchase history, such as previous orders, ordered products and returns
Online shopping session transaction information, such as shopping bag additions
General identification information of the terminal
Browsing and usage data of the online store
Data derived through analytics
Product recommendations inferred from purchase and browsing data
Interests derived from purchase data
The main source of information is the customer himself. We may receive more information from our partners, for example from a credit service provider if the selected payment method requires this.
2. The controller only processes the customer's identification and contact information, which are necessary to fulfill the purchase contract;
3. The registrar processes personal data for sending and accounting purposes, as well as for the time required by law to transmit the information needed by the parties to the contract. Personal data will not be made public or transferred to other countries.
Purpose of data processing
The controller processes the Customer's personal data for the following purposes:
1. Registration of the website aloniaecohair.com in accordance with Chapter 4 Section 2 of the GDPR;
2. Electronic order created by the customer (name, address, e-mail, phone number);
3. Comply with the law and regulations resulting from the contractual relationship between the Customer and the Data Controller;
4. Personal information is necessary to fulfill the purchase contract. A contract cannot be concluded without personal information.
Duration of personal data storage
1. The Controller stores personal data as long as necessary to fulfill the rights and obligations arising from the contractual relationship between the Controller and the Customer and for three years after the termination of the contractual relationship;
2. The controller must delete all personal data after the time required to store personal data.
Recipients and processors of personal data
The third parties that process the customer's personal data are subcontractors of the Controller. The services of these subcontractors are necessary so that the agreement on the acquisition and processing of the electronic order in the contract between the Controller and the Customer can be implemented.
The subcontractors of the controller are:
- Webnode AG (online shopping system);
- Cargo company; PostNord
- Google Analytics (home page analytics);
- Paytrail (payment broker);
In accordance with the regulation, the Customer has the right to:
1. get to know the personal data
2. to correct personal data
3. to delete personal data
4. object to the processing of personal data
5. data portability
6. withdraws consent to the processing of personal data in writing or by e-mail to the address: firstname.lastname@example.org from the e-mail address that the Customer has used for dealing with us. We will respond to messages as soon as possible.
7. submit a complaint to the supervisory authority if a violation of the Regulation is suspected.
Security of personal data
1. The controller undertakes to implement all technical and organizational precautions necessary to protect personal data.
2. The registrar has taken technical precautions to secure the data storage facilities, in particular ensured access to the computer with a password, used anti-virus software and maintained the computers regularly.
1. By placing an electronic order on the website aloniaecohair.com, the Customer confirms that they are aware of all personal data protection terms and accepts them in full;
2. The customer accepts these rules by selecting the checkbox in the order form;
3. The registrar may update these Rules at any time. A new, updated version must be published on this website.
These rules enter into force on October 23rd, 2022