1. Data controller
Equesia Ltd
Nissinmäki 2
02780 Espoo, Finland
2. Contacts related to the register to customer service info@equestdream.com
3. Name of the register
Equesia Oy customer register; e-commerce
4. Legal basis and purpose of processing personal data
Personal data is processed by the online store customer on the basis of the customer's assignment by mail order and
to enable the delivery of goods on the basis of the consent given by the data subject.
The data will not be used for any other purpose.
5. Data content of the register
The register may process the following issues related to and accruing in connection with the assignment below:
Listed personal data
The information stored in the register includes: person's name, company/organisation, contact information
(telephone number, e-mail address, address), information about the ordered products and their changes,
billing information, other information related to the customer relationship and ordered services.
retained for as long as necessary to carry out the activities described above (mail order/billing)
to enable
IP addresses of website visitors and cookies necessary for the operation of the service
processed on the basis of legitimate interest, e.g. to ensure data security and to ensure the safety of website visitors
for the collection of statistical data where they can be considered to be personal data.
If necessary, consent will be requested separately for third-party cookies.
6. Regular sources of information
The information stored in the register is obtained from the customer, e.g. from messages sent via web forms,
by email, telephone, social media services, contracts,
customer meetings and other situations in which the customer gives up with their own consent
knowledge.
7. Regular disclosure of data and transfer of data within the EU or
outside EEA
Data is not regularly disclosed to other parties. Information may be published to the extent that:
is agreed with the customer.
Data may also be transferred by the controller outside the EU or EEA. No data will
be transferred to the United States without the express consent of the data subjects.
If you disclose personal data to different parties, please specify the possible recipients or
categories of recipients (including processors/subcontractors), related categories of personal data
the purposes of the processing and the grounds for the transfer if data is transferred outside the EU.
8. Principles of register protection
The register is handled with care and the data processed with the help of information systems
is adequately protected. When register data is stored on Internet servers, their hardware
Physical and digital security is adequately ensured. The controller takes care of:
that stored data as well as server access rights and other personal data and safety-critical
information is processed confidentially and only by the employees
of the position in whose job description it belongs to.
9. Right of inspection and right to request correction of data
Every person in the register has the right to inspect their data stored in the register and
demand the correction of any incorrect data or the completion of incomplete information. If
the person wants to check the data stored about him or her or demand correction of it, the request
must be sent in writing to the controller. If necessary, the controller may ask the applicant to testify
Identity. The controller is responsible to the customer in accordance with the provisions of the EU
General Data Protection Regulation in accordance with the EU General Data Protection Regulation, time (as a rule, within a month).
10. Other rights related to the processing of personal data
A person in the register has the right to request the erasure of personal data concerning him or her
register ("right to be forgotten"). Data subjects also have other EU general
Rights under the GDPR, such as restricting the processing of personal data in certain
Situations. Requests must be sent in writing to the controller.
The controller may request:
if necessary, the applicant to prove his identity. The controller is responsible to the customer within the time limit set by the EU General Data Protection Regulation (usually within one month).
Equesia Oy Business ID: 3325793-7