REGISTRY AND PRIVACY POLICY

Combined registry and privacy policy and document of informing according to Personal Data Act 10 § and 24 § and GDPR Articles 12 and 13, for Lumon’s customers, potential customers, web shop customers and website users.

1. Registrant
   Lumon Oy
   Address: Kaitilankatu 11, 45130 Kouvola, Finland
   Business ID: FI22544498
   tel.:+358 (0) 20 7403 200
   email: [email protected]
2. Data protection officer
   Name: Kimmo Hilliaho
   Email: [email protected]
3. Register’s name
   Lumon Oy customer registry (and any other register with legal purpose)
4. Purpose of handling personal data
   LUMON uses information given by you in handling orders, invoicing, debt collection, contacting customer, transactions, customer surveys, developing services, handling feedback and reporting, marketing and other customer-related functions.
5. Groups of registered
   a) Person and/or company has/has had customer relationship or other personal contact to registrants, such as personalised offer request, offer, request for contacting, asking for more information about Lumon products which is related to e.g. deals, offers, or
   b) Person and/or company has/has had an involvement, an obligation or any other right according to a deal, service or an assignment related to customer relationship with the registrant, or
   c) Registering person’s and/or company’s information is based to legal requirement
6. Register’s contents
   The following data may be handled in the register if required by the purpose, basic information:

Information given voluntarily by you
First- and last name, address, phone number(s), e-mail address, date-of-birth, employer/company, role/title, IP-address
Date of beginning of customership
Lumon products owned by you or interested by you
Permissions or prohibition for direct marketing
Information about purchases and usage of services:

Made purchases: place and date of purchase, purchased products with pricing, final sum of purchases, way of payment, delivery address

7. Regular sources of data
   Sources of data contained in the register are registered him-/herself, via phone, via internet, via website visit, via email, information given in events and while visiting Lumon Oy. Also other reliable sources and registers may be used with the permission of registered.
8. Data extradition and transferring outside EU or EEA
   No personal data is transferred outside EU or EEA unless it is necessary for the technical execution of data handling. Data may be selectively given to a third-party assigned by registrant for directional marketing campaign. Ownership of the data doesn’t not transfer to the third-party and neither the third-party has right to use the data to any other than assigned function. We have ensured that all our service providers follow privacy laws.

Whenever possible, we have chosen safe European datacentre to store your data.
Some of the above-mentioned service providers may backup data outside EU/EEA to United States. Data is back upped to keep your data safe and accessible if the primary servers should fail.

Privacy Shield
We have ensured that our service providers have joined the Privacy Shield program between United States and EU (https://www.privacyshield.gov/list), which ensures safe processing of Europeans’ data in United States.

9. Principles of register protection
   All your personal data is always protected with necessary technical and administrative methods. LUMON guarantees that data held by Lumon isn’t used incorrectly, deleted without reason, counterfeited or manipulated and that data doesn’t end up to outsiders and the data won’t be published without given permission. Data system is protected and is accessible only by LUMON employees with personal login credentials.

Accessing the system requires username and password. The system is also protected by firewalls and other technical solutions.
Data in registries is accessible only by authorized and specifically designated employees
Use of the register in protected with personal login credentials and authorization
Register is located in a computer which is stored in a datacentre where access is limited
Data contained in the register is located in secure and protected premises
Regular backups are taken of the register

10. Right to inspect, correct and prohibit
    Registered has right to inspect data of oneself contained in the register, right to correction of incorrect data, right to prohibit handling personal data in direct marketing and otherwise right to resort to the rights according to Personal Data Act or other personal data law. You may inspect the data stored of you in Lumon’s registries via written and signed request, which is to be delivered to Lumon via email ([email protected]) or as a physical copy. When requesting for inspection one must have pictured ID. If any incorrect data exists, you may ask Lumon to correct the data. Web store’s customers may edit their own data via user interface. In the web shop’s user interface one may inspect their personal data and purchase- and event history.

Prohibition to direct marketing
You have a right to prohibit us using your data in direct marketing. We never sell or otherwise extradite your personal data to outsiders whom could provide direct marketing for you. We get web marketing for e.g. Facebook and Google. These companies however won’t get your personal data in any condition neither this kind of marketing is direct marketing, but it’s based on cookies. See “13. Cookies” for more information.

11. Data retention time
    Lumon is very careful about data protection. Therefore customer data, which are collected, are processed precisely according to Finnish laws and regulations. Data is stored for the duration of customership, mainly for 3 years. Your data is removed from the register right when processing your data has no reason according to the purpose of the register or when the customership has ended. One may quit our email marketing lists / direct marketing lists via the link to “Unsubscribe”.
12. Other rights related to personal data processing
    As our customer you have right to prohibit profiling your data and using it for direct marketing or market- and opinion-surveys, by informing Lumon about it. If you want to ask anything specific or comment about Lumon’s data protection and security, please contact our data protection officer via email [email protected].
13. Cookies
    This website uses cookies. The site send the browser a cookie – small textfile, which is stored to the computer’s hard drive. There are temporary session-cookies, which close after you close your browser and also permanent cookies, which are saved to computer’s hard drive. With cookies we can identify your browser and use this information for analytic purposes, such as counting visitors on our website. This information gives us possibility to observe and follow our customers’ interests and therefore improve our websites. All information collected is anonymous and no actions on the web can be traced to one single person.

Most internet-browser accept cookies automatically, but optionally you can change your browser’s settings and delete and deny any cookies.

Advertising-cookies help us choosing the best and most interesting ads for you. These also deny showing the same ads for you. Some third party suppliers may also use cookies or other tracers (1 pixel image files), so you could see more ads you like, whenever you visit different websites. The data collected via cookies and such are anonymous, so neither we nor any third party may recognize you. Third party advertisers may also use some tech to analyse and measure the effect of ads. For this they may use a tracer (1 pixel sized GIF-file), which is located in our website to collect anonymous information. After receiving anonymous information about visits on our and other websites, advertisers may design ads about products and services, which possibly interest the user.

This website has Google Adwords-cookies, which is used to specify marketing with a user list on Google’s ad-networks. User is not identifiable according to the information stored in cookies. User may deny user list – based Google Adwords-marketing at www.google.com/settings/ads

More information about browser-based marketing from Your Online Choices –site.