Register and privacy policy of Mukamas Learning Design Oy in accordance with the EU General Data Protection Regulation (GDPR)

1. Name of the register

Customer register of Mukamas Learning Design Oy

2. The controller

Name: Mukamas Learning Design Oy
Address: Yliopistonkatu 36, 40100 Jyväskylä, Finland
Phone: +358 405050216

3. Person in charge of the register

Name: Vilma Mutka
Address: Autiosuontie 28, 41160 Tikkakoski, Finland
Phone: +358 405050216

4. Purpose of processing personal data/Purpose of the register

The purpose of the register is to maintain the customer register of Mukamas Learning Design Oy and to manage customer relations. Customer data is collected and processed with the customer’s consent (see data sources) or for implementing a service contract drawn up with the customer. The data in the register may be used for information purposes (a monthly newsletter), billing, producing targeted content for our online channels, sales, marketing, and business development as well as for statistical purposes without disclosing the customer’s information. Personal data is processed within limits permitted and required by the Personal Data Act (Henkilötietolaki). The data is stored for as long as it is needed to provide service to the customer or to develop customer service and further marketing or until a person requests the deletion of their data from the register.

5. Data content of the register

The register may contain the following information about the customer/partner:

  • Contact information (name, organisation, occupation/title, address, phone number, e-mail address and, if necessary, billing information
  • Participation/interest in events, services, and downloadable materials
  • Information needed for managing customer relationship

6. Data sources for the register

The data stored in the customer register is obtained by downloading and messages sent via online forms (Gravity Forms, Hubspot) on the Mukamas Learning Design Oy website. Data is also received through personal contact, such as customer meetings, communication during the provision of services, and other means of communication (e-mails, phone calls, social media messages) where the person provides their data to Mukamas.

The website also tracks cookies, which the online visitor can choose to accept or reject. Cookies enable the identification of frequent visitors who go to the site and the compilation of aggregated information about visitors. For more details on the cookie statement, please see the pop-up window on additional information asking you to accept cookies. The site uses Google Analytics to provide general demographic information about its visitors. This information cannot be linked to individual users.

7. Data transmission and transfer

The data stored in the register is not disclosed to any party outside the company, nor outside the EU or the EEA. Individual data may be disclosed to a person outside the company only with the customer’s permission and solely for customer relationship management purposes. The use of the register requires access to an internal system, which is only available to Mukamas Learning Design Oy and those persons providing the company’s services. The controller may disclose data of those who have registered for training to the co-organiser of this training, however only to the extent required for the organisation of said training.

8. Principles of register protection

The digital register is stored in a system protected by a password and username. Mukamas Learning Design Oy and the system provider take every measure to ensure the security of the data in the register. Access to the data is limited to persons employed by the controller who require it in order to perform their duties and provide services.

9. Right of review

Every person entered in the register has the right to review their stored data and request the correction or deletion of any incorrect or outdated data or the transfer of data from one system to another. Contact concerning the right of review must be submitted in writing to the register controller. The controller shall, without delay, inform the registered party of the actions taken within one month of receiving the request.

Last updated: 26 January 2022