Registry and Data Privacy Statement
1. Data Controller
Elinia Ltd, Business ID: 3197436-9, Rämsööntie 1048, 33750 VESILAHTI.
2. Contact Person for the Registry
Elina Kokko, elina [at] elinakokko.com, +358 45 7710 2007
3. Registry Name
Mailerlite customer registry
4. Data Subjects
The registry processes customers who have subscribed to the email list.
5. Location of the Registry
The Mailerlite application, used for email communication, has servers located within the European Union.
6. Basis and Purpose of Personal Data Processing
The primary basis for processing personal data is the customer relationship between Elinia Ltd and the customer, along with the customer's consent. Personal data is processed to manage, execute, develop, and monitor customer relationships, customer service, and related communication and marketing.
The purpose of the registry is to inform customers who have subscribed to the email list. The registry is also used for sales, marketing, customer surveys, and business development. Only information related to the customer relationship is processed. The legal basis for retaining the data is the separate consent given by the individual.
7. Processed Personal Data
The registry processes customers' personal and contact information, as well as other necessary information related to the customer relationship, while keeping the amount of data collected to a minimum. This information includes:
8. Retention Period of Personal Data
Data from the email list will be immediately deleted upon request.
9. Regular Data Sources
The data subject and events related to transactions through Mailerlite.
10. Regular Disclosures and Transfers of Data outside the EU or EEA
Data will not be disclosed for purposes other than those specified and will not be shared with external parties. Data will not be transferred outside the European Economic Area.
11. Principles of Registry Protection
Personal data will be kept confidential.
Manual Data: No manual data is present.
Electronic Data: The data controller and employees who require access for their job duties have permission to access the registry. Employees are identified using a username and password.
12. Right to Access and Right to Rectification
Every individual in the registry has the right to access the information stored about them and request the correction of any inaccurate information or the completion of incomplete information. If an individual wants to review their stored information or request corrections, they must send a written request to the data controller. The data controller may request the requester to provide identification if necessary. The data controller will respond to the customer within the timeframe specified by the EU data protection regulation (usually within one month).
13. Right to Lodge a Complaint with a Supervisory Authority
Every data subject has the right to file a complaint with the relevant supervisory authority or the supervisory authority of the European Union member state where the data subject resides or works if the data subject believes that their personal data has not been processed in accordance with applicable data protection legislation.
14. Other Rights Related to Personal Data Processing
Data subjects in the registry have the right to request the deletion of their personal data from the registry ("right to be forgotten"). Data subjects also have other rights according to the EU General Data Protection Regulation, such as the right to restrict the processing of their personal data in certain situations. Requests should be sent in writing to the data controller. The data controller may request the requester to provide identification if necessary. The data controller will respond to the customer within the timeframe specified by the EU data protection regulation (usually within one month).
15. Contact Information
Requests to exercise data subjects' rights, questions regarding this data privacy statement, and other inquiries should be made by email to the Data Controller.
16. Changes to this Data Privacy Statement
This data privacy statement may be updated from time to time, for example, when there are changes in legislation. This data privacy statement was last updated on 1st August 2023.