PRIVACY STATEMENT -CUSTOMER REGISTRY
Updated September 29, 2020
1. DATA CONTROLLER AND CONTACT PERSON
Solarigo group (referred to as Solarigo Group or Solarigo)
The group includes the following companies:
Solarigo Oy (2753885-5)
Solarigo Systems Oy (2702133-8)
Nurmon Aurinko Oy (2765911-2)
Address: Autokeskuksentie 16 33960 Pirkkala
Keeper of the register: Heidi Mattila, tel. 050 4343 290
2. CONTACT INFORMATION
In order to fulfil their rights, the data subject may always be in contact with Solarigo’s data protection officer Heidi Mattila:
Phone: 050 4343 290
Address: Autokeskuksentie 16, 33960 Pirkkala
The data subject should be prepared in a reliable way to prove their identity.
Solarigo will implement the customer's request no later than one month after receiving the request and identifying the requester unless there is a specific reason to extend the response time.
3. REGISTER NAME
Solarigo Group Customer Register. The data subjects include Solarigo Group customers and potential customers.
Potential customer activity typically arises after a person expressed interest in Solarigo’s services during the customer events, on digital services or in the other context of a personal encounter.
4. PURPOSE OF THE PROCESSING OF PERSONAL DATA
The data controller uses personal data of customers and potential customers in accordance with data protection laws. Personal data is used for the following purposes:
Managing and developing a relationship with a customer
Offering, delivery and production of products and services
Payment, control and collection of payments
Marketing and remote sales of the data controller's products and services
Development of the data controller's business and customer service
Segmentation and profiling for the above purposes
The processing of personal data is based in accordance with the existing data protection legislation on the criteria such as:
• Contractual relationship between the data subject and Solarigo.
• Solarigo's legitimate interest, including when Solarigo uses data from the data subject for marketing of its products and services or Solarigo Group processes data internally or with the third party involved in the production of the service
• Consent of the data subject when the data subject has given their consent to electronic marketing or other consent requested separately by Solarigo.
• In addition, Solarigo's processing of personal data is based on other compelling, legal obligations.
5. REGISTER INFORMATION CONTENT
identification number or business-ID
contact information (address, phone and email)
any contact persons or representatives
other information obtained with the consent of the customer or potential customer, which is necessary for the implementation of the agreed service
permits and marketing bans on electronic direct marketing
dependence of heating on electricity
energy consumption forecast
possible area and height information
small-scale production equipment information
electricity connection information
subject of contract
duration of contract
possible representative information
information on payments and payment behavior
Service event information:
cause of event
Information on the use of services:
downloads of data from the online service
page browsing information
browser type and operating system
type of device, such as a computer or mobile device
time and duration of the session
date, frequency and duration of the visit
Information derived from the use of services:
analytics on the perceived use of the service and/or information provided by the customer may be derived, for example, the customer's potential interests or segment the client into a specific target group.
For updating and enrichment of the above information may be used external sources of information described in more detail below in the section regular data sources.
6. REGULAR DATA SOURCES
Customer information is obtained from customers, including requests for quotes, orders, in connection with contracts and other contacts, as well as information that is stored or is saved from the use of the customer's products or services.
All customer contacts can be saved. Recordings are used for contacts in authentication, reclamation processing and customer service development.
Personal data can also be collected, stored and updated for example from the Population Registration Centre, Suomen Asiakastieto Oy and from other register offering addresses, updates and similar services.
7. REGULAR DISCLOSURES OF DATA
Data of the data subject shall not be disclosed without the approval of the data subject outside the recipients or third parties involved in the production of services who are acting on behalf of Solarigo.
Information is released to the authorities in cases required by law, such as e.g. in the investigation and prevention of abuses.
8. DATA STORAGE
The data subject’s data shall be kept only for as long as necessary to implement needs defined in paragraph 4.
The material in manual form is stored in Solarigo's premises that have are locked and monitored.
9. TRANSFER OF DATA OUTSIDE THE EU OR THE EEA
Personal data is transferred outside the European Union or the European Economic Area only in procedural ways under the data protection laws, for example using contract model clauses approved by the European Commission.
10. REGISTRY PROTECTION PRINCIPLES
Registry information is protected by personal usernames and passwords. Only the eligible and defined users have access to the data they maintain. Backups are taken at regular intervals from the register. The information of the client registry is in databases that are protected by firewall, passwords and other technical means.
11. RIGHTS OF DATA SUBJECT
11.1 Right to access and verify data
The data subject has the right to receive a copy in paper or commonly used electronic format and inspect the personal information described in this leaflet. Information can be obtained according to the provided contact details in section 2.
11.2 Right to the correction of information and restriction of processing
The data subject is entitled to the correction of the data by providing incomplete or inaccurate information with its explanations in accordance with the contact details specified in paragraph 2.
The data subject also have the right to restrict processing when requested until the information have been updated.
11.3 Right to transfer data
The data subject has the right to transfer the data they provide about themselves to another system. In the energy market, services always require the concluding of a contract in which the necessary information arises in the new system.
A transfer request may be made in accordance with the contact information specified in paragraph 2.
11.4 Right to delete data
The data subject has the right to request the deletion of their data. A deletion request may be made n accordance with the contact details specified in paragraph 2.
11.5 Right to oppose automatic decision-making including profiling
In digital service channels, it is possible that on account of the data provided by the data subject for example eligibility for contract automatically verified. When using automated processing and conforming reasoning, the data subject has the right to object if the procedure is not necessary for the conclusion of the contract or for implementation.
In such cases, the data subject will be informed of alternative ways to proceed the case through other channels.
11.6 Right to revoke consent
The data subject has the right to consent and deny the electronic marketing, at any time.
11.7 Right to appeal to the Authority
If the data subject considers that his data has been processed in the Data Protection Statement and at any time contrary to the law in force, he has the right to appeal to the competent supervisory authority.
Contact details of the Data Protection Authority
Address: Ratapihantie 9 (6th floor), 00520 Helsinki
Postal address: PL800, 00521 Helsinki
Phone: 029 566 6700