We/Us/Our/sweetown means www.sweetown.fi, owned and operated by sweetown Corporate Services.
You/Your/Yourself means the User of the Website
You might be reading this Policy either because You are a visitor to Our Website or because You have been directed to the said Policy by our employees.
Kindly be informed that we will treat your personal data in strict confidence and in accordance with the requirements of the provisions of the General Data Protection Regulation (GDPR) on the protection of natural persons with regard to the processing of personal data on the free movement of such data which regulation has become effective from the 25th of May 2018 and which repealed Directive 95/46/EC.
As already mentioned, personal data related to any information that identifies You as an individual or else that relates to an identifiable individual. sweetown collects personal data through various ways, such as the following:
When We collect personal data from third parties, We shall inform You about the source of such personal data as well as the categories of personal data We collect and process. The latter information shall not be provided to You if We are specifically prohibited from disclosing such activity from the law itself.
It is very important to understand what data is specifically collected and more importantly which categories of personal data. sweetown requires to receive Your contact details such as Your name, surname and email address when you contact Us through the Contact Form found on Our website in order to reply back to Your message.sweetown shall also collect personal data when You fill in Our Order Form on Our website. Indeed, We would collect Your contact details such as Your name, surname, email address, mailing address and phone number; Your billing information such as Your credit card data and billing address; and information about Your business such as Your company name, registered address and the business type. Kindly be aware that We may collect the personal data on third parties when You list down on Our Order Form the names of the shareholders of a company should these be natural persons and of the beneficiaries as well. This information is collected in order to process and register Your order for certain products or services.
We will collect supporting documents such as copies of identity documents, proof of domicile, or client data forms you may fill in and return to us, from which we will extract identification information such as your date of birth, your ID document number, your citizenship or your current domicile address.
We would also collect personal data automatically through the Website itself. The Order Form found on Our website would record the information pertaining to Your browsing session as well as Your IP address and the time of Your ordering. This is better explained within our Cookies Policy which is found further hereunder.
When You provide Us with personal data in relation to another person rather than Yourself, We would be of the understanding that You have the necessary authority from the said person to provide Us with his/her personal data.
As part of Our website, You have the opportunity to subscribe to Our newsletter . In order to subscribe to Our newsletter, You shall provide Us with Your name and email address so as to send You non-transactional, promotional emails from time to time. If You displayed interest in sweetown’s services and have submitted Your name and email address to sweetown, You may also be eligible to non-transactional, promotional emails. You can unsubscribe from this service whenever You want by clicking the ‘unsubscribe’ button found in these emails.
We shall do Our best efforts to keep the data on Yourself as accurate and up to data as possible.
It is very important to understand that We do not request any personal data with respect to Your person other than that which We need in order to satisfy legal requirements and assist You in Your needs or that data which You choose to provide Us Yourself when You request Our services.
Apart from the data collected to be able to provide You with the service requested, We would also collect data that is legally required from Us to collect and to keep for a certain period of time as well as any data that We think is in Our legitimate interests to ask for.
Contact Details in relation to Yourself are collected to open a record on Yourself in Our system and the data is processed on the basis of Our legitimate interest (our interest is that to have accurate data on Yourself) as well as a contractual or technical necessity. Contact Details as well as communication data are also processed in order to manage our business relationship with You. Contact Details and due diligence data (including any document You may supply permitting i) to identify You, ii) to establish Your domicile address, iii) to establish Your source of funds, of wealth, Your economical background, iv) to ascertain a fact that must be ascertained in order to know You or comply with AML provisions in general) are also processed for the specific requirements that emanate from the anti-money laundering laws. Thus, in the latter case, data is being collected and processed in order for Us to be compliant with a legal obligation.
IP addresses are collected in order to monitor the usage and traffic on Our Website, and this would be based on a legitimate interest of Ours to do so.
The purpose for which We collect Your data is varied which include the following:
Hence, as You can notice, data would be processed to fulfil an obligation that We have with You.
Kindly note that if data shall be processed for a new purpose other than the here above mentioned, We shall immediately inform You.
We will not use the information provided for any other commercial purpose other than the one You requested.
It is also important to highlight that if certain data is not provided to Us, then We are unable to provide You with the service You require.
When sweetown would need to process certain personal data and is unable to find any legal ground for the said processing, We shall request Your consent before We proceed with the processing of the data. We shall never assume that We have Your consent. In this respect, We shall obtain Your consent in a clear and affirmative manner and We shall request Your specific consent in an unambiguously manner. You shall have the right to withdraw Your consent any time You want and the withdrawal shall occur in the same manner the consent has been given.
When You decide to withdraw Your consent, We can at that point in time, still continue to process Your data if We determine another legal ground to process the data apart from Your consent. Should We identify another legal basis, You shall be informed without undue delay of the said ground as well as of the fact that Your data shall not be processed any more solely on Your consent.
Kindly be aware that sweetown may intercept some mail and e-mails addressed to individuals within the company. This is so, in order for sweetown to protect its employees. Indeed, We might intercept mail in order to detect and prevent any crime, to identify the correct recipients or to make sure mail is dealt with whilst staff is away from the office, or after a resignation of a staff member. In the case of e-mails, We may reject, delay or remove content from e-mails which have a nature, content or attachments which may disrupt Our systems or because they may pose security issues such as viruses. We may also filter out e-mails which contain certain content on the basis that content is offensive or the e-mail is unwanted or considered spam. In certain circumstances this may unfortunately result in “innocent” e-mails being affected but we do try and reduce such occurrences.
Most e-mail messages sent from sweetown have been automatically scanned for viruses and as such should be free from any virus, malicious code, script or other executable attachment. However, the accuracy of scanning products is not guaranteed. The recipient(s) should therefore carry out any checks that they deem to be appropriate in this respect. We cannot be held responsible for loss of or damage to data or other damages, resulting from such actions out of Our control, howsoever incurred. All e-mail messages from Us are sent in good faith. We cannot be held responsible for any modification that happens by any virus, or other third party after they have been sent. All messages are intended for the recipient only. If You are not the intended recipient specifically identified as the addressee on the email then You should delete the message and all its attachments and You are prohibited from using, reading, disclosing to any person or otherwise acting on the information contained in it and/or its contents in any way and should also notify Us as soon as possible of this fact.
Also, it is important to understand that data that is sent through electronic means such as the Internet, could be transmitted across international borders even where the sender and the receiver are located in the same country. sweetown shall not accept any responsibility or liability for the security of Your data whilst in transit through the internet. The transfer of data from You to Us can take place through other mediums, such as Dropbox or Skype, which run on the internet.
We do not pass on Your details collected from You as a visitor to any third party unless you give us your consent to do so, or in the instances indicated below.
Also, as a default rule, We shall only process data within the EU/EEA or any other non-EEA country which is considered by the European Commission to provide adequate level of protection. If for any reason whatsoever, data is transferred to countries which are not listed by the European Commission to have adequate level of protection, We would put in place additional adequate measures apart from all the appropriate safeguards that We would implement in accordance with the GDPR.
Personal data shall be shared with adequate and authorised personnel of sweetown and with any of Our service providers who would facilitate the usage of the Website whereby they would assist Us with Our business activities such as the processing of Your order or payment, the registration of Your business or any customer service. Personal data would only be shared in order for Us to provide You with the requested service or else because We have a lawful reason to share the data which does not necessarily require Your consent.
All the said disclosures shall occur in accordance with the GDPR and as provided by the Regulation, Our relationship with Our processors shall be a contractual one whereby both parties agree to abide by the obligations found in the GDPR such as the obligation of confidentiality on all the personnel of the processor.
Currently, We share Your data with Our IT service providers which maintain and support Our IT system and Website. Nevertheless, it is important to understand that such sharing of data shall be restricted and under Our control. We would also share data with public authorities if there is a legal obligation to do so.
We use reasonable efforts to safeguard the confidentiality of all personal data that we process relating to You and regularly review and enhance our technical, physical and managerial procedures so as to ensure that Your personal data is protected from unauthorised access, improper use or disclosure, unauthorised modification, and unlawful destruction or accidental loss.
In this respect, kindly be informed that We have implemented security policies, rules as well as technical measures to protect the personal data that We have under Our control. All Our employees and data processors, who have access to and are associated with the processing of personal data, are further obliged to respect the confidentiality of Our visitors’ personal data. Nevertheless, kindly be aware that by its very nature, the Internet is not a secure medium and data sent via this medium can potentially be subject to unauthorised acts by third parties. Indeed, We cannot guarantee the privacy or confidentiality of any information passing over Our Website. As explained earlier on, We shall accept no responsibility or liability whatsoever for the security of Your data while in transit through the Internet.
Authorised third parties or else Our service providers, are required by the GDPR itself to apply appropriate technical and organisational security measures in order to protect the data they shall have access to from Us.
When You enter sensitive information (such as credit card, bank account or proprietary business information) on Our order forms, We encrypt the transmission of that information using secure socket layer technology (SSL) as a security measure.
We shall take into consideration the purpose for which the data shall be obtained in order to understand for how long we can retain Your personal data. Data shall only be retained for as long as it is necessary. In order to come to define the latter, We shall look at the data We have collected on Yourself as well as the relationship We have with You.
In order to determine the actual retention period, we shall look to see whether there is any law that puts an obligation on Us to retain certain data for a certain period of time. In this case, We would keep the data for as long as that specific law says as there is a legal obligation on Us to do so.
Consequently we shall ascertain whether there is any law that could be invoked by You against Us after Our professional relationship with You ends. In this case, We would look at the prescriptive period during which You could bring an action against Us and We shall keep that data for all the time We deem it is necessary so that We could defend Ourselves against any claims or actions by You or any other third party.
When Your data is no longer needed, We shall proceed to delete it or else We shall anonymise it in order to not be able to link the data with an identifiable person.
Our Website also uses a technology called “cookies.” A “cookie” is a temporary storage file, which may be created by Your computer and which can be stored on Your system. Cookies enable us to collect information about how our Website and services are being used and to manage them more efficiently. These cookies are created for each session when You visit our website.
The information so gathered through cookies may include:
Kindly note that You may reject all or certain cookies that are used by our Website and You may also modify Your Web browser preferences to do so. Nevertheless, kindly note that if You reject all cookies, then You might be unable to use some of the services available on our Website. Moreover, kindly note that You may set Your browser in a certain way in order to be notified when You receive a cookie so that You have the option to choose whether to accept the cookie or not. In this regard, You should note that if You do so, this may materially distort the quality of service and data You receive. Thus, You would be doing this at Your own risk.
If the product You are using has digital certificates/certificate signatures then Your name and related details may be displayed as part of any certificate issued to You. It will be seen by those to whom Your certificate or signature is presented or who rely on it. Your details may also need to be entered into a related status directory of certificates issued.
Apart from cookies, other technologies that are used are beacons, tags and scripts which are used by sweetown as well as Our partners such as marketing partners, sweetown affiliates, analytics or service providers like Our website-based chat service provider. These technologies are used in analysing trends, administering the site, tracking user’s movements around the site and also to gather demographic information about Our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis. You may obtain additional general information about cookies by visiting websites such as www.allaboutcookies.org.
Some features on the website are also using third party cookies that are not under sweetown’s control but are related to, among other, Google, IBM Silverpop, Chatcomm100, Bing, Visual Web Optimizer, Cloudflare. You need to specifically reject third party cookies through your browser cookies settings if You do not want to receive third party cookies. If you reject third party cookies, Your ability to use the related features may also be limited.
Log Files - As is true of most web sites, We (sweetown and technical partners) gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.
We may combine this automatically collected log information with other information We collect about you. We do this to improve services We offer you, to improve marketing, analytics, or site functionality.
We partner with a third party to either display advertising on Our website or to manage Our advertising on other sites. Our third-party partner may use technologies such as cookies to gather information about Your activities on this site and other sites in order to provide You advertising based upon your browsing activities and interests. If You wish to not have this information used for the purpose of serving You interest-based ads, You may opt-out by clicking here.
Please note this does not opt You out of being served ads. You will continue to receive generic ads.
We may display personal testimonials of satisfied customers on our site in addition to other endorsements. These testimonials are pulled from a third-party service provider, which may ask for Your personal information, including Your name and email address, though we do not post the personally identifiable information to our site.
As a data subject, the individual on which We collect and process data, has certain rights that he/she can ask for. These rights are the following:
You have every right to request at any time whether We are processing any data in relation to Yourself and You can request Us to provide You with what data We have on You, why We process it, with whom We disclose that information, the retention period of that data, where We got the data, what are Your rights, how can You file a complaint, if We transfer Your data abroad and if We carry out automated decision-making. We shall accede to Your request within a months’ time which can be extended to two months if it is impossible for Us to accede to Your request in one month.
You can ask Us to restrict the processing of Your data when the processing is unlawful, when We no longer need Your data for the purposes for which it is collected and when the accuracy of the data is questioned. Once We are in receipt of Your request to restrict Our processing of Your data, We can only process the data if We have Your consent, for the exercise or defence of legal claims, for the protection of the rights of another individual or for any reason in relation to public interest.
You have the right to request Us to rectify/amend any data that We may have on Yourself.
You have also the right to request Us to delete Your data. We shall only accede to this request, if the data is no longer necessary for the purposes for which it has been collected, consent has been withdrawn as well as processing of data was unlawfully. We shall not accede to Your request if We have a legal obligation to retain the data or else for the exercise of any legal claims.
You can ask Us to provide You on a commonly used machine readable format a copy of Your data in order to have that data transferred to another data controller. This shall only occur when the processing of data is based on consent or on the performance of a contract or else it is carried out by automated means.
You shall have the right to object to processing of Your personal data when We are performing a task in the public interest or pursuing our legitimate interests or those of a third party. When We receive an objection from You, the processing of data shall cease unless We can provide You with legal grounds that can let Us continue to process Your data even if You filed an objection to it. When We process data either on the performance of a contract, on the basis of a legal obligation or on the basis to protect Your interests, than this right cannot be used by Yourself.
You can file a complaint with the Supervisory Authority. We suggest to first try and contact Us before the complaint is filed.
You have the right to request to Us any of the above rights to which We shall reply within one month. However, before We proceed to look at Your request, We would need to verify Your identity. We can refuse any of Your requests if We have a legal obligation that allows us to do so, such as when You request to delete Your data and We are obliged by a legal obligation to keep that data as explained in more detail here above in the retention period section. Kindly note that when requests are considered to be manifestly unfounded or excessive, in particular because of their repetitive character, We may either charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested or else refuse to act on the request. Your requests should be directed to Our Customer Support which can be contacted at firstname.lastname@example.org.