Privacy Policy

This is a privacy policy and data protection statement in accordance with the EU General Data Protection Regulation (GDPR).

Name of the registry

Onniravintolat (Kuningaskonsultit Oy) Customer Data Registry

Data controller

Kuningaskonsultit Oy
Business ID: 2659640-4

Data Protection Officer

Gianjot Dollar Singh, CEO

Legal basis for processing

The legal basis for the processing of personal data is:

Agreement regarding the processing of personal data for the purpose of managing customer relationships and providing services
The data controller’s legitimate interest when data is used to maintain customer relationships, develop services, and for communication purposes
Consent, if the data is processed for purposes such as marketing or other voluntary purposes

Purpose of the Registry

The purpose of this registry is to serve as the customer data registry for Onniravintolat.

The information may be used for the following purposes:

Customer Relationship Management
Processing of job applications

Standard sources of information

The primary source of information is the customer. Information may also be obtained from government and business registries, as well as from partners.

Data content of the registry

The database primarily contains information provided by customers to Onniravintolat.

The registry may contain, among other things, the following information:

Name
Email address
Address
Phone number
Other information provided by the user

Regular disclosures of information

With the customer’s consent, information may be disclosed to Onniravintolat’s partners for the purpose of delivering the products and services ordered by the customer.

Information related to billing may be disclosed to parties responsible for payment processing.

The data will not be disclosed to any other third parties, either within or outside the EU.

Information may be disclosed to public authorities if they submit a request in accordance with Finnish law.

Principles of Data Protection

Paper Records

No data is stored in physical form, with the exception of accounting records. Access to accounting records is restricted to designated employees and the accountant, who are bound by a duty of confidentiality.

Electronically Stored Data

Data is transmitted via an SSL-secured connection.

Electronic data is protected by firewalls, and access is restricted to designated employees only. Users are identified by a username and password. All data is treated as confidential.

Rights of the data subject

The data subject has the following rights:

Right of access to data (right to access personal data)
Right to rectification (correction of inaccurate data)
Right to erasure (right to be forgotten, provided the conditions are met)
The right to limit proceedings
The right to object to the processing of personal data
The right to transfer data from one system to another if the processing is based on consent or a contract
The right to withdraw consent at any time if the processing is based on consent
The right to file a complaint with the supervisory authority (in Finland, the Data Protection Ombudsman)

Right of inspection and prohibition

The data subject has the right to inspect the personal data stored about them in the personal data register.

A written request for an audit must be sent, signed, to the person responsible for registry matters.

The right to inspect is free of charge up to once a year.

Data retention period

Personal data is retained only for as long as necessary to fulfill the purpose for which it was collected.

Cookies

This website uses cookies. Cookies are small text files generated by a website that are stored in the user’s browser with their consent.

Cookies are used to analyze the use of the online service, remember user preferences, and improve and personalize the service.

Users can block cookies or delete them in their browser settings. This may affect the functionality of the service and the user experience.