Personal data policy
This policy applies to the handling of the personal data which somessa.com (“somessa.com” or “we”) gathers about you that may, for example, come to us via our websites (including social networks belonging to third parties), electronic mail, SMS, telephone, stores, registration forms and in other contacts with us, camera surveillance, from third parties and from generally available information.
We are attentive to your personal privacy concerns. This policy governs how we gather, use and protect information about you and how you can exercise your rights. Kindly contact us if you have any questions or viewpoints with regard to this personal data policy.
With reference to the law, we refer below to the General Data Protection Regulation, GDPR) and other applicable Swedish data protection regulations.
By “personal data”, we mean information that pertains to you and which can identify you.
Normally, you can make use of our web page without providing us with any information. On some pages, you will be requested to provide information, for example, in connection with purchasing and service requests. Furthermore, we can make use of information about you that we gathered from other sources provided by third parties, e.g., marketing and sales companies.
The personal data about you that are collected can be:
Personal and contact information – such as your name, address, e-mail and telephone number, demographic information (such as date of birth, age, sex, geographical location, favourite products and leisure interests) and, when it is clearly justified with regard to the purpose of the handling or importance of a secure identification, also personal ID numbers.
Economic information – information needed to complete an order or which you use to make a purchase, e.g., debit or credit card details.
Technical details about your device or internet-connection – e.g., IP addresses, cookies, geographical locations and log-in details.
Information about your user behaviour – such as your searching patterns and activities on your web page, your response time for pages and how you use our services.
User-generated information – the content that you personally register, submit or publish, e.g., in connection with calls made to customer service (which may be recorded), competitions, subscriptions to newsletters and content that you share with us by uploading to our web site or on social networks (where you allow the network to share with us), such things as texts, video clips and photographs.
Information from other sources – Generally available information or information from our cooperative partners that e.g., we gather in order to keep our information about you updated or in order, for example, to secure payment.
Purpose and legal basis
Our primary purposes with the collection of personal data is to fulfil our obligations toward you, the customer, by processing and delivering your orders, invoicing and in providing customer services and other measures connected with your purchase of our products. For example, we may need to answer your questions via our customer service associated with your purchases, as well as send information to you for product-safety purposes, e.g., whether any of our products need to be recalled, and otherwise ensure that legal requirements are being satisfied (e.g., the Finnish Accounting Act).
Another purpose is to be able to offer you good products and services by customising services and in providing better services with more relevant content. Furthermore, we analyse the information about our customer’s demographic and geographical circumstances, interests and behaviours based on the information we obtain from our website or other services.
We may use information about you in order by means of postal mail, e-mail, SMS/MMS or by telephone to send you newsletters, inform you of new products, campaigns, offers, competitions and other information about our products and activities that we offer and which we believe can be of interest to you. Thus, we may use the information about you for direct marketing purposes, including profiling, provided that you have not instructed us not to do so. Your personal data can also be used for interest-based advertising on the internet via us or via the digital advertising networks with whom we cooperate, and which in certain cases can be customised to your personal interests.
Somessa.com’s legitimate interest in handling the aforementioned personal data is in being able to offer you a better purchasing and customer experience, and to provide you with personally customised offers and other relevant information.
Information about cookies
To be able to check out your cart, your browser must support SSL and have it enabled, SSL is a protocol used to encrypt information sent between somessa.com and your own computer.
When you visit somessa.com, digital ad networks, we work with, can also place cookies that support ads targeting and marketing messages based on visit behavior. The information does not contain personal information.
We handle your data with the greatest care, and your data are only used by us and selected third parties.
Third parties that we engage to help us in conducting our activities (e.g., customer surveys and dispatches) are only permitted to use your personal data on our behalf and for the particular tasks we give them according to our instructions, and to act as personal data advisers for us. They are obligated to keep your personal data confidential and safe. If required by law, you are entitled to obtain a list of any personal data advisers handling your personal data on our behalf.
In order to be able to offer better services, and for marketing purposes, we can also forward your personal information to third parties, most often independent personal data managers, in order for them to be able to perform a service for us or for you, e.g., for address updates, a postal or shipping service company that will deliver products, insurance companies, banks/credit review companies or digital advertising networks with which we cooperate.
In other special cases, we can also submit personal information, e.g., when we have reason to believe that it is necessary to identify, contact or take action against someone who may have made an unauthorised access to the web site or in some other way have violated or breached our rights or property or our customer’s or other visitor’s rights.
The transfer of personal data to countries outside the EU/EEA requires the country in question having an agreement with the EU/EEA, that the country is considered to have sufficient data protection legislation, or that we have entered into a contract with the third party in question that stipulates that they be compelled to apply EU-commission-approved clauses with regard to the protection of personal privacy. You will find a list of approved third countries and standard clauses on the EU-commission home page and on the Finnish Data Protection Authority about the transfer of data to third countries.
Age of consent
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
Personal data saving
Data stored electronically: Electronically saved register are stored according to GDPR approved technical data storage guidelines. Personnel of the group that are working with the orders have access to the register.
Data stored manually: Manual data (papers) is stored in locked area, which external persons do not have access too and destroyed when no longer used.
We save your personal data only as long as is necessary for the purposes pursuant to this personal data policy or as long as it is required according to law or contract. Your personal data are deleted or rendered anonymous when they are no longer relevant to the purposes for which they have been collected or no longer required by law or contract.
Changes to the personal data policy
This personal data policy may be updated by us. If substantial changes to this personal data policy are made, we will notify you by placing a clear message on the web site or in some other required manner. We encourage you to read through this personal data policy in order to remain informed of how we handle your personal data.
Complaints and claims
If you feel that the handling of your personal data has been conducted in an incorrect manner, we ask you to contact us as soon as possible. You also have an opportunity to submit your complaint to the Finnish Data Protection Authority with regard to our personal data handling process.
If you feel that you have suffered damages pursuant to our handling of your personal information having been in violation of the law, you may be entitled to claim damages. You can then demand compensation from us or bring a case against us in the courts.
Somessa.com, 2595233-1, is the party responsible for the handling of your personal information according to the above, unless otherwise expressly stated in connection with the collection of your information. somessa.com abides by Finnish data protection legislation. If you have any questions regarding the policy or our personal data handling, please contact us via the details below.
Address: Hietasaarenkatu 19, 65100 VAASA