Rules and principles for processing personal data
Privacy is a matter of trust, and your trust is important to us. To ensure that use of our website is secure, we strictly comply with legislation on the processing of personal data. Below, we explain how we collect and use such data.
Membership of Friends of Familon
Membership of Friends of Familon is offered by Wendre Finland Oy to individual customers: members are offered exclusive benefits and advance information on new products, promotional campaigns, events and competitions. The Friends of Familon program is maintained and marketed by Wendre Finland Oy, P.O. Box 1001, FI-00211 HELSINKI, telephone: +358 10 5045 500, email: [email protected]
Membership of Familon Pro
The Familon Pro membership for professional customers is offered by Wendre Finland Oy to business customers. Members are offered exclusive benefits and advance information on new products, promotional campaigns, events and competitions. The Familon Pro program is maintained and marketed by Wendre Finland Oy, P.O. Box 1001, FI-00211 HELSINKI, telephone: +358 10 5045 500, email: [email protected]
Subscription and termination of membership
Membership can be terminated at any time by sending an email to our customer service at [email protected] You can unsubscribe from a newsletter, which is a membership benefit, via the link at the end of the newsletter. Customers, who have registered as a member on Familon's website and created a password, can edit their information on the My Information page.
Wendre Finland Oy has the right to terminate a membership if the member does not act in accordance with these terms of membership. Wendre Finland Oy reserves the right to terminate the Friends of Familon and/or Familon Pro membership program within a reasonable time from giving notice of termination, and to amend these terms of membership. Notice of amendment of the terms of the agreement will be sent to members in person or by posting the updated terms and conditions on Wendre Finland Oy's website one (1) month before the changes enter into force.
Benefits and communications
Information about Friends of Familon and/or Familon Pro benefits and events is primarily sent by email about once a week, and in some cases by text message. Benefits are solely intended for members and should not be disseminated to third parties. Benefits are provided by Wendre Finland Oy: they may exceptionally be provided by a third party, in which case the third party will, on a one-off basis, be given the customer data necessary for providing benefits. Membership does not involve the accumulation of points that are convertible into discounts on Familon products. Instead, membership benefits are immediately available as special offers and events for members.
Processing of personal data
Cookies are used on the Familon.fi website. A cookie is a short text file that a web server stores, via the online service in question, on a user's device. The data obtained through cookies is anonymous and is not combined, by the cookies, with personal data obtained from the user.
Familon/Wendre Finland Oy (business ID: 2485849-0)
P.O. BOX 1001
Telephone: +358 10 5045 500
Email: [email protected]
2. Persons responsible for register matters
Wendre Finland Oy's customer register for private customers/B2C eCommerce Manager
Wendre Finland Oy's customer register for business customers/B2B eCommerce Manager
Telephone: +358 10 5045 500
Email: [email protected]
3. Name of register
Wendre Finland Oy's customer register
4. Description of registered groups
Wendre Finland Oy's customer register for private customers
Persons who have joined Wendre Finland Oy's ‘Friends of Familon’ loyal customer system and subscribers to the newsletter (processing basis: consent of the data subject); Familon.fi online store customers and persons in another relevant connection with the controller (processing basis: legitimate interest of the controller).
Wendre Finland Oy's customer register for business customers
Persons who have joined Wendre Finland Oy's ‘Familon Pro’ loyal customer system and subscribers to the newsletter (processing basis: consent of the data subject); Familon B2B online store customers and persons in another relevant connection with the controller (processing basis: legitimate interest of the controller).
5. Basis and purpose of processing personal data
The basis for processing personal data is the legitimate interest of the controller. The data subject has a relevant connection with the controller's activities due to the customer relationship.
The purpose of the personal data entered in the register is management of the customer relationship and the targeting of marketing in order to provide an optimal customer experience. Personal data is processed for the purpose of managing and maintaining the customer relationship or another relationship based on a relevant connection; for the development and management of the loyalty system and online store; for the planning and development of the business of the controller and companies belonging to the same group at any given time; as well as customer communications and marketing, including direct marketing, distance selling, and market and opinion surveys. Personal data may also be processed in order to target marketing of interest to the data subject. The aim of such targeting is to provide the data subject with additional information and benefits related to the topics and products in which the data subject has shown an interest during the customer relationship.
6. Categories of personal data, and data content of the register
Data in the following categories will be processed for the register:
Basic information necessary for the management of the customer relationship, such as: first and last names, contact details (email addresses, postal addresses, telephone numbers), date of birth and age, gender, size of household, language, and usernames and passwords for the controller's online services.
Data related to interests, profile and participation, and necessary for managing the customer relationship, such as: interests-related data provided by the data subject, other data provided for the service, and answers by the data subject to questions presented in various promotional campaigns.
Data related to a customer account or another relevant connection, such as: identification data related to the use of Familon's services and content, the start time and date of the customer relationship, and direct marketing authorisations and prohibitions, as well as data on the use of electronic services and content, technical data (IP address, browser and browser version) sent by the data subject's browser to the controller’s server, and data related to cookies that have been downloaded onto the data subject's browser.
Data related to special offers, purchases and other contacts such as: benefits, services and promotional campaigns directed at and offered to the data subject; other contacts related to the customer account or another relevant connection (including feedback and complaints); communications and actions taken; as well as purchases made from the online store, dates of purchase and products purchased (quantities and prices of products purchased and total purchase amount).
Information on changes to the data specified above.
7. Regular data sources
Data is collected from the data subject at the beginning of and during the customer account or another relevant connection. The data subject provides personal data via the online store, or on forms completed for various events or promotional campaigns arranged by the controller, or by telephone during customer service calls. Updates to the data subject's contact information can also be obtained from public authorities and companies providing ‘data update’ services.
Regarding B2B customers, Wendre Finland Oy's customer register can also be supplemented by obtaining contact information from companies that provide such information, based on the legitimate interest of the controller.
8. Recipients of data
Data is received and processed by representatives of Wendre Finland Oy, and of companies belonging to the same group at any given time, whose duties include the processing of such data. On a case-by-case basis, data may also be processed by other parties processing personal data under an agreement with the controller, where necessary to fulfilling the purpose of personal data processing.
9. Regular disclosure of data
Personal data is not regularly disclosed to third parties. Personal data is processed by the controller, and companies belonging at any given time to the same group as the controller, in accordance with the data protection regulations in force at any given time. The controller has the right to disclose personal data within the limits permitted and required by the applicable legislation, e.g. when replying to requests for information by public authorities.
10. Transfer of data outside the EU or EEA
Data shall not be regularly transferred outside the territory of the Member States of the European Union or the European Economic Area, unless this is necessary to fulfilling the purposes of personal data processing or for the technical implementation of processing, in which case data transfer will comply with the data protection regulations in force at any given time.
11. Principles governing data protection of the register
The databases related to the register are protected against external data breaches by technical means considered generally acceptable in the data security sector, such as firewalls, passwords and other technical means. Databases, their backups and material in manual form which contain personal data are kept on locked premises. Only designated employees of the controller and companies acting on behalf of, or commissioned by, the controller have access to the data contained in the register through the personal right of use granted by the controller.
12. Right of inspection
The data subject has the right to inspect what data, concerning the data subject, has been stored in the register. A written and signed request for inspection must be sent to the person responsible for register matters. An inspection request can also be presented in person to the controller. If the controller refuses to provide access to the data in question, the controller must issue a written certificate on the matter. The certificate must state the reasons for refusing the right of inspection. The data subject may refer the matter for consideration by the Data Protection Ombudsman.
In normal cases, the processing time for an inspection request is around one month. Inspection requests are free of charge if they are not unfounded or unreasonable. The controller may charge a reasonable fee for providing access to data if the data subject exercises their right of inspection more than once a year.
Requests for inspection must be addressed to the person responsible for register matters, see the contact details above.
13. Right to request the rectification of data
The data subject has the right to request the rectification or erasure of inaccurate, unnecessary, incomplete or outdated personal data, by contacting the controller. A written and signed request for rectification must be sent to the person responsible for register matters. A rectification request can also be presented in person to the controller. If the controller does not accept the data subject's request for rectification, the controller must provide a written certificate on the matter. The certificate must state the reasons for refusing the request. The data subject may refer the matter for consideration by the Data Protection Ombudsman.
Requests for rectification shall be addressed to the person responsible for register matters, see the contact details above.
Personal data will be erased in accordance with applicable law when there is no longer a basis for the processing of such data. A check for unnecessary personal data is performed every two years. Customer data can be deleted when the customer account and related mutual obligations have ended.
14. Other rights related to the processing of personal data
The data subject has the right, by contacting the controller, to prohibit the processing and disclosure of data, concerning the data subject, collected for the purposes of direct advertising, distance selling, other direct marketing, and market and opinion surveys.
In addition, the data subject has the right, under data protection regulations, to the erasure, and to restrict the processing of, their personal data, to transfer personal data from one system to another, and to object to the processing of their personal data. The data subject also has the right to lodge a complaint with the supervisory authority, i.e. the Data Protection Ombudsman.
If the processing of personal data is based on the data subject's consent, the data subject may withdraw their consent at any time by contacting the person responsible for register matters (see above for the contact details). After consent is withdrawn, processing of personal data based on consent will be ended.
Page details updated on 2 January 2023.