Data Controller
Tamun Musiikki Oy (2706599-8)
Contact Person
Miikka Melantie
+35840 776 2542
miikka@harmoniaudio.fi
Purpose of Processing Personal Data
Personal data is processed for managing and maintaining the customer relationship (providing, selling, delivering, and invoicing products and services, as well as handling possible support requests and complaints).
Data will not be disclosed to third parties.
Categories of Personal Data Processed
Basic and contact information (first name, last name, email address, phone number, employer, and job title).
Regular Sources of Data
Personal data is collected directly from the data subject.
Retention of Personal Data
Data is stored for as long as necessary in relation to the purpose for which it was collected (e.g., customer relationship, provided solutions/services, newsletter subscription).
At a minimum, data is retained for the period required by law.
Data will not be disclosed to third parties. However, data may be disclosed in response to statutory requests from authorities.
Transfer of Data Outside the EU or EEA
As a rule, personal data will not be transferred outside the EU or EEA.
The provision of certain products and services requires transfers outside the EU, including:
- Website analytics: Google Analytics (USA)
- Newsletter: Mailchimp (USA)
The basis for these transfers is the European Commission’s Standard Contractual Clauses. We have assessed that these transfers do not compromise the protection of personal data.
Principles of Register Protection
Databases containing personal data are stored on a server kept in a locked facility accessible only to designated, authorized persons. The server is protected by an appropriate firewall and technical safeguards.
Access to databases and systems is granted only with individual user IDs and passwords. The controller has limited access rights and authorizations to systems and storage platforms so that data can only be viewed and processed by persons for whom it is necessary for lawful processing.
Employees of the controller and other persons have signed separate confidentiality agreements and are bound to secrecy regarding any personal data they encounter in their work.
Rights of the Data Subject
The data subject has the following rights under the EU General Data Protection Regulation (GDPR):
- Right of access: The data subject has the right to inspect their data and request corrections or additions to inaccurate information.
- Right to object: The data subject has the right to object to processing if their data has been processed unlawfully or without authorization.
- Right to erasure: The data subject may request the deletion of their personal data insofar as it is not necessary for the controller’s duties.
- Right to data portability: The data subject has the right to receive their personal data in a machine-readable format and transfer it to another controller, if applicable under data protection law.
- Right to lodge a complaint: The data subject has the right to lodge a complaint with the Data Protection Ombudsman if they believe that the controller has violated data protection legislation in processing their personal data.
Cookies
The website uses the following cookies:
| Cookie | Purpose of Use |
| _ga | Google: User statistics and tracking |
| _ga_* | Google: User statistics and tracking |
| moove_gdpr_popup | Website: Functional, stores the user’s cookie preference |
| pll_language | Website: Functional, stores the user’s language preference |
| __stripe_mid | Website: Functional, payment function usage |
| __stripe_sid | Website: Functional, payment function usage |
| woocommerce_cart_hash | Website: Functional, online store usage |
| woocommerce_items_in_cart | Website: Functional, online store usage |
| wp_woocommerce_session_* | Website: Functional, online store usage |