This is Becom Oy's data protection and privacy statement in accordance with the EU General Data Protection Regulation (GDPR). Prepared on 2.2.2024 Last modified on 2.2.2023

1. Data Controller

Becom Group Oy

Business ID: 3108253-9

Kaisaniemenkatu 13, 00100 Helsinki

2. Name of the register

Becom Group's online store user register

3. Legal basis and purpose of processing personal data

The processing of personal data in accordance with the EU General Data Protection Regulation is based on the legitimate interest of the controller, a contractual relationship and/or compliance with a legal obligation of the controller. The processing of personal data may also be based on the consent of the data subject, which in such cases constitutes the legal basis for the processing, where applicable. The controller has a legitimate interest in carrying out objective, justified and lawful sales and marketing activities, including related customer profiling.

The purpose of processing personal data is to manage customer relationships and customer communication, implement and develop our services, monitor and analyze the use of our services and products, conduct customer, opinion and market research, develop business, target marketing and advertising, and direct marketing.

4. Data content of the register

The information stored in the register includes: name, telephone number, email address, position, company/organization, information about ordered products and their changes, IP address of the network connection, IDs/profiles in social media services, billing information and other information related to the customer relationship and ordered products.

The IP addresses of website visitors and cookies necessary for the operation of the service are processed on the basis of legitimate interest, including for data security purposes and for the purpose of collecting statistical data on website visitors in cases where they can be considered personal data. If necessary, consent is requested separately for third-party cookies.

5. Regular sources of information

The information stored in the register is obtained from the customer, for example, through messages sent via web forms, email, telephone, social media services, contracts, customer meetings and other situations in which the customer provides their information.

Contact information for companies and other organizations can also be collected from public sources such as websites, directory services, and other companies.

6. Regular data transfers and data transfers outside the EU or EEA

Your data is processed by our company's personnel in the performance of their duties. We use third-party information systems to store and process data in our operations.

We share information with our partners in the IT, payment, transport and accounting sectors to enable the provision of the service. This is the case, for example, when you order payment or logistics services from an online store or other services provided by third parties, which are ordered through our website. Any such transfer of information to third parties related to the provision of the service will be mentioned separately when ordering the service.

We may also disclose information to fulfill contractual obligations if required by law or a competent authority. We may also disclose your information if we are involved in a corporate or business transaction.

We do not transfer data outside the EU or the European Economic Area (EEA).

7. Principles of register protection

The user register information of the Becom Group online store is stored in the registrar's system, which is protected by operating system security software. Access to the system requires entering a username and password. The system is also protected by firewalls and other technical means. Only certain, predefined employees of the registrar have access to and are authorized to use the information contained in the register stored in the system. The information contained in the register is located in locked and guarded premises.

8. Right to inspect and right to request correction of information

Every person in the register has the right to check their data stored in the register and to demand correction of any incorrect data or completion of incomplete data. If a person wishes to check the data stored about them or to demand correction, the request must be sent in writing to the controller. The controller may, if necessary, ask the person making the request to prove their identity. The controller will respond to the customer within the time period stipulated in the EU Data Protection Regulation (generally within one month).

9. Other rights related to the processing of personal data

A person in the register has the right to request that personal data concerning him or her be deleted from the register ("right to be forgotten"). Data subjects also have other rights under the EU General Data Protection Regulation , such as the restriction of the processing of personal data in certain situations. Requests must be sent in writing to the controller. The controller may, if necessary, ask the requester to prove his or her identity. The controller will respond to the customer within the time period set out in the EU Data Protection Regulation (generally within one month).