top of page

PRIVACY POLICY

1. DATA CONTROLLER 

 

Olga Sidorova / Urheiluhieroja Olga Sidorova

 

Contact Information: 

Marinkatu 24 L, 00170 HELSINKI

Y-tunnus 2783188-3

Contact Information for Matters Concerning the Registry:

Olga Sidorova / Urheiluhieroja Olga Sidorova 

+358442301543

olgapatia23@gmail.com

2. PURPOSE OF PROCESSING PERSONAL DATA

 

The personal data of the data subject will be used for the following purposes

  • Assessment, implementation and monitoring of treatment relationships

  • Customer service

  • Maintenance, management and development of customer relations

  • Management of orders and assignments

  • Invoicing

  • Communications

  • Delivery of orders

  • Notification of available treatment slots or vacancies in courses, lectures or courses

  • Service and product development

  • Marketing purposes

  • Track and analyse website visits

  • Fulfilling legal obligations and risk management

  • Monitoring for abuse

Sharing and Processing of Customer Information:

Personal data is not shared with third parties for direct marketing purposes, opinion polls, market research, or similar surveys.

However, customer data is processed in third-party applications, including the Wix online calendar  and the SumUp card payment program. In addition, some customer information is stored in third-party cloud services.

Due to the technical implementation of data processing, some data may physically reside on servers operated by subcontractors of Urheiluhieroja Olga Sidorova, where they are processed through technical connections. Data is not transferred outside the European Union or the European Economic Area unless necessary for the technical implementation of the service. Only Urheiluhieroja Olga Sidorova has access to and can modify the complete customer registry. However, Urheiluhieroja Olga Sidorova may outsource the processing of personal data to service providers or subcontractors in accordance with this privacy policy. We ensure through sufficient contractual obligations that personal data is processed appropriately and lawfully. We provide subcontractors with only the information that is essential for their work.

The following parties are involved in the processing of personal data:

 

  • Wix online booking system

  • SumUp: card payment system

Urheiluhieroja Olga Sidorova acts as the data controller for the information stored in the billing service and ensures that the privacy of registered individuals is protected and that the processing of personal data complies with the General Data Protection Regulation (EU) 2016/679 and other applicable data protection legislation and good data processing practices. Personal data may be disclosed to authorities in situations mandated and justified by legislation, emergencies, or other situations to protect human life and health, property, or if Urheiluhieroja Olga Sidorova is involved in legal proceedings or other dispute resolution proceedings.

Information Contained in the Registry:

When visiting the Urheiluhieroja Olga Sidorova website, contacting Urheiuhieroja Olga Sidorova, booking treatment services, education, lectures from the online calendar, individuals' information is stored in various ways depending on the nature of the customer relationship. We only store essential information about our customers that affect communication, billing, and actual teaching.

The following information is processed in the customer register:

  • Person's name: for the identification and billing of the person receiving treatment or instruction, for the identification of gift cards

  • Person's contact information: for billing and communication purposes

  • Person's year of birth: We request information about the customer's age for therapeutic reasons, as age affects treatment planning and approach. Minors must also have parental consent for treatment or instruction.

  • Person's treatment session tracking: Each treatment is separately documented with a situation overview, treatment event, and any home instructions.

  • Person's guardian: Requested for minor clients. Communication primarily occurs with the guardian unless otherwise agreed.

  • Person's occupation: This information is requested for treatment and instruction planning. Occupation is related to health issues, and the health challenges associated with the occupation are taken into account in treatment. This information is only known to the therapist.

  • Order and billing information, which serves as evidence for accounting purposes.

  • Records of treatment and class times serve as evidence that we have upheld our part of the agreement. Maintaining these records is essential in situations where there is uncertainty about whether the client has attended treatment or classes and how payment transactions have occurred.

  • Initial inquiries provide basic customer information used to plan treatment and instruction. The initial inquiry includes questions about general health status, basic illnesses, the primary reason for seeking treatment, as well as personal wishes and goals. Initial inquiry responses are only known to the therapist.

  • Feedback survey responses (for education and lecturing) are used to further improve our operations. Responses to feedback surveys may also be used for marketing purposes if the customer has explicitly consented to this in their feedback. Additionally, respondents to feedback surveys can participate in a free treatment raffle if they indicate their consent in the feedback.

  • Email correspondence is retained to provide written evidence of agreements.

  • Authentication and usage data: This data is automatically stored by our service providers in systems such as the online calendar, payment terminal system, and invoicing program.

Data Protection

Urheiluhieroja Olga Sidorova handles personal data in a manner aimed at ensuring the appropriate security of personal information. We employ appropriate technical and organizational measures to secure this, including firewalls, encryption techniques, the use of secure device premises, proper access control, and access management, as well as instructing personnel and subcontractors involved in processing personal data. We ensure that access to registry data is only granted to individuals and entities who have a genuine need or legal right to process personal data as part of their duties. All personnel processing personal data are bound by confidentiality obligations under employment laws or agreements regarding the processing of registered personal data.

Data Retention Period

Urheiluhieroja Olga Sidorova retains personal data for as long as necessary to fulfill the purposes defined in the privacy statement, unless legislation requires the retention of personal data for longer periods, or unless the company needs the data for preparing, presenting, or defending against legal claims or resolving similar dispute situations. Personal data is stored and processed for the duration of the customer and contractual relationship and for the time specified in the table below after the termination of the customer and contractual relationship.

  • Records related to Urheiluhieroja Olga Sidorova's accounting are kept for 6 years.

  • Name, personal identification number, address, phone number, email address are kept for 3 years.

  • Patient records are kept for 12 years from the patient's death or, if this information is not available, for 120 years from the patient's birth.

  • Order, work, contract, and payment information, as well as possible information about the work object, are kept for 3 years.

Data Destruction

Urheiluhieroja Olga Sidorova ensures that unnecessary or obsolete customer data is destroyed properly to prevent the data from falling into the wrong hands. Right to Inspection and Deletion The data subject has the right (Section 26 of the Personal Data Act) to receive confirmation of whether their personal data is being processed, to see the information concerning themselves, and to request the information in writing or electronically or transferred to another data controller upon request.

3. DATA SUBJECT'S RIGHTS  

  • The data subject has the right to request the deletion of their data, demand the correction of incorrect or inaccurate information, object to the use of data for certain processing purposes, and, in accordance with data protection legislation requirements, request the restriction of the processing of personal data. The data subject has the right to refuse the transfer and processing of their data for direct marketing purposes. If the processing of personal data is based on the data subject's explicit consent, the data subject has the right to withdraw the consent they have given for the processing of their data. Withdrawal of consent does not affect processing performed prior to the withdrawal.

  • The data subject has the right to lodge a complaint with the data protection authority (www.tietosuoja.fi) if the data subject believes that their personal data has been processed in violation of applicable legislation.

Requests for inspection, modification, or deletion can be made in the following alternative ways:


1) By email to olgapatia23 (at) gmail.com. To verify identity, inspection requests must be made from the same email address that the customer is registered with. Alternatively, identity must be verified by other means.
2) By pre-arranged visit to Urheiluhieroja Olga Sidorova's reception or office. In this case, the data subject must present their own identification during the visit.

Contact Information:

Olga Sidorova / Urheiluhieroja Olga Sidorova, Marinkatu 24 L, 00170 HELSINKI,  e-mail: olgapatia23(at)gmail.com

CHECK THE LINK >

4. WHEN YOU WANT TO DELETE YOUR INFORMATON

You have the right in certain situations to request the data controller to delete the information about you.

CHECK THE LINK >

 

For the contact information of the Data Protection Ombudsman, please visit:  www.tietosuoja.fi/fi/index/yhteystiedot.html

STORAGE AND USE OF PERSONAL DATA

Our company's website is built on the Wix.com platform. Wix.com provides us with a web-based platform through which we can sell products and services. Your information may be stored in Wix.com's data storage, databases, and Wix.com's general applications. They store your data on secure servers behind a firewall. All direct payment gateways offered by Wix.com, and used by our company, adhere to PCI-DSS standards as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

Read more >

bottom of page