Customer Register Description

This is the register and data protection description of Sovellin Oy in accordance with the Personal Data Act (sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Created on 22.05.2018. Last modified on 23.05.2018.

Customer Register Description, Sovellin Oy

1. Data Controller

Sovellin Oy
Linnoitustie 4 A
02600 ESPOO
+358 40 510 1094
Business-ID: 2508170-8

2. Registry Matters

Our customer service will respond to questions and feedback related to the registry within two business days. Contact us via email at

3. Name of the Register

The customer register of Sovellin Oy, which contains customer data. The basis for the registration is the contractual relationship with Sovellin or the use of services provided by Sovellin.

4. Purpose of Processing Personal Data

The data is processed for the provision of agreed services, delivery of services and products to the customer, development of products and services, billing, management and development of customer relationships, and for statistical purposes.

The data is also used for advertising, marketing, direct marketing, and targeting marketing to customers, but communication transmission data is used only with the customer’s consent. The customer has the right to prohibit direct marketing directed at them.

Communication transmission data stored during the use of communication services is used only for purposes permitted by the Information Society Code.

Calls between the customer and Sovellin may be recorded, for example, to ensure the quality of customer service.

5. Content of the Register

The register may contain the following information about customers:

  • First and last names
  • Address details
  • Contact phone number (landline and mobile)
  • Contact email address
  • Language
  • Direct marketing prohibitions and consents
  • Additional information provided by the customer
  • Customer history (e.g., contacts to/from the customer, service changes)
  • For corporate customers, information about company contact persons and their role in the company, and user information
  • Contract-related information, such as the start date of the contract and the end date in the case of a fixed-term contract
  • Billing and collection information
  • Information related to the use of services

The above-mentioned information is stored if it is related to the customer relationship.

6. Regular Data Sources

  • Information provided by the customer.
  • Personal data obtained in connection with the provision or maintenance of the service.
  • Public sources such as the address service of the Finnish Post Office and the Digital and Population Data Services Agency are also used.

7. Data Disclosure

Sovellin may disclose information within the limits allowed and mandated by current legislation, for example, to authorities.

If data is transferred outside the European Union or the European Economic Area, the transfer requires that the country in question guarantees an adequate level of data protection or the data controller provides sufficient safeguards through contractual clauses or other means to protect individuals’ privacy and rights, or the data subject has given explicit consent to the transfer.

8. Data Deletion

Upon the termination of the customer relationship, the customer’s data is deleted from the registers when its processing is no longer necessary.

9. Principles of Register Protection

Personal data is kept confidential. The data networks and equipment of the data controller and its potential IT partners where the register is located are protected by firewalls and other necessary technical measures. The protection of communication networks complies with the Information Society Code and the regulations of the Finnish Communications Regulatory Authority.

All individuals processing the register have a personal user right granted by the data controller. All logins can be authenticated with personal usernames and passwords. Each user has a personal access level defined, which is verified during login with a personal username and password.

The entire staff and external persons acting on behalf of Sovellin have a confidentiality obligation regarding all customer data. Sovellin’s office premises are located in a locked office building with restricted access to outsiders.

9. Inspection, Prohibition, and Correction Rights

The data subject has the right to inspect the data concerning them and to request the correction of incorrect information in the register. The data subject also has the right to prohibit Sovellin Oy from processing data concerning them for direct marketing, distance selling, and other direct marketing as well as market and opinion research.

Inspection and correction requests, as well as notifications regarding the exercise of the prohibition right, must be sent in writing and signed to Sovellin Oy, Customer Service, Linnoitustie 4 A, 02600 Espoo.

10. Other Rights Related to Personal Data Processing

The data subject has the right to request the deletion of their personal data from the register (”right to be forgotten”). Similarly, data subjects have other rights under the EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be sent in writing to the data controller at Sovellin Oy, Customer Service, Linnoitustie 4 A, 02600 Espoo.

The data controller may request the requester to prove their identity if necessary. The data controller will respond to the customer within the time frame set by the EU General Data Protection Regulation (generally within one month).