DATABASE DESCRIPTION AND DATA PROTECTION POLICY

DATABASE DESCRIPTION AND DATA PROTECTION POLICY

Data controller

Katepal Oy

Business ID: 0150703-0

Katepalintie 15

37500 LEMPÄÄLÄ

Tel. 03 375 9111 

Contact person

Reijo Suutari 

Name of the database

Katepal Oy’s offer request database.

Purpose of handling personal data

Katepal Oy saves and handles their client’s personal data according to the EU’s General Data Protection Regulation (GDPR 2016/679) and the current Finnish Personal Data Act (523/1999).

The database description and policy is about the handling of personal data from individuals who have given their contact information to the data controller through Katepal’s “Request an offer” form so they can be contacted. You can leave an offer request concerning a roof renovation or roof materials with the form.

The data controller will handle the client’s personal data for the following purposes: contacting the client to offer services and to handle and improve the client relationship.

When handling and planning how we handle the personal data, we use proper data privacy policies, such as minimisation, pseudonymisation and anonymisation of data if at all possible.

The data contained in the database

The data that is gathered from clients and saved includes the following: location address, locality, site name, attachment, name, phone number and email address.

We retain your personal data only for the time needed to complete the uses described in this data protection policy.

Sources of data

The customer sends us their data with the “Request an offer” form and is thus responsible for the validity of their data. 

Regular disclosure of data

The offer request will be kept for further handling and the data the request contains can be disclosed to a third party (contractors and retailers chosen by Katepal) in order to offer the services requested with the form. All partners abide by the requirements of the EU General Data Protection Regulation (GDPR) and other legislation.

Transferral of data in the database outside the EU or EEA

The data in the database is not transferred outside the EU or EEA.

Principles of protection for the database

Katepal Oy stores its client data in Finland. The data security of the data hall and the systems, as well as the processes, is high-class. Servers are protected against intrusion attacks and denial-of-service attacks.

The data can only be accessed by the data controller and people who are specifically appointed for it. Only people who have been appointed have the right to handle and maintain the database. The data is backed up safely and can be restored if needed. The data security of the database and the confidentiality of the personal data are ensured using the proper technical and administrative procedures.

Rights of the data subject

The data subject can ask to see their personal data and to request the correction, deletion or partial handling of the data. They also have the right to object to the handling of the data and transfer of the data into another system. The request must be made to the data controller in writing and it must be signed. The data subject’s identity must be identifiable. The data controller will deliver the data to the data subject in writing within 30 days of receiving the review request.

The data subject has the right to be forgotten on request (this means the data will be deleted). The right to be forgotten cannot be applied to the data when the customer relationship is active or during a contract. In practise, this means a period of seven years from the last interaction.

The data subject can ask for the data saved into the system by contacting our customer service: myynti@katepal.fi.

Cookie policy

Cookies are small data files that are saved on the client’s hard drive. They make navigating our pages easier and make the website more user-friendly. Our web pages use cookies to store your preferences. Cookies can also be used to determine if your computer has been previously in contact with our pages. In this case, only the cookies on your computer are identified. Cookies can gather different types of data, for example: from what page you transferred to the web address, which of our web pages you have browsed and when, what browser you are using, the resolution of your screen and your operating system, your IP address (what address the sent data comes from and where you receive data). The data does not reveal the user’s name or other personal data and the user cannot be identified solely based on cookies.

If you use our web pages, you agree to the use of cookies and that they are saved to your computer. Most browsers automatically accept cookies. As a visitor, you can block the use of cookies by adjusting your browser settings so that the browser won’t allow saving cookies. In this case, you accept that changing your browser settings in this way may affect the functionality of the service.