Privacy statement

Sign up – Receive 10% off

Become a member and receive a discount code to your email!

Privacy policy
Privacy Act 1998 (Commonwealth of Australia),
and
Description of Data File
Personal Data Act (523/99) 10 §


1. Data Controller

Marimekko Corporation
Puusepänkatu 4
00880 Helsinki
FINLAND
Phone: +358-9-758 71


For Australia:
Marimekko Australia Pty Limited
Level 1, 46-54 Foster Street 2010 Surry Hills, AUSTRALIA
Collectively “Marimekko”
Where this policy applies to Australian consumers, capitalised words defined in the Privacy Act 1988 apply to this policy.

2. The contact person for matters relating to the register

Paul Alvarez
Email at the following email address: paul.alvarez@marimekko.com

3. Name of the register

Marimekko’s customer register.

4.  Group of data subject

We collect Personal Information from Persons signed-up for the Marimekko loyal customer program and customers of Marimekko’s web shop “Customer”


5. The purpose of processing Personal Information

Marimekko respects your privacy.  So that Customers may understand how we deal with Customer’s Personal Information, we have set out how and why Marimekko collects, holds, uses, manages and discloses Personal Information in this Privacy Policy. You may print a copy of this Privacy Policy.
Customer consents to Marimekko using any Personal Information that Marimekko collects for any one of the purposes in this Privacy Policy for any of the purposes in this Privacy Policy, including for direct marketing.
Under the Privacy Act 1998 (Cth), “Personal Information” is defined to mean information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
Personal Information stored in the register is used for managing the relationships with customers, facilitating transactions and payments, and for managing, developing and analyzing the Data Controller’s customer service, - as well as to direct marketing at special customer groups, and other business activities related to any of these activities
- Personal Information collected may be used for marketing purposes pursuant to applicable laws, such as the Privacy Act 1998 (Cth), and the Finnish Personal Data Act.
Providing it is lawful and practical, Marimekko will give you the option of not identifying yourself, using a pseudonym, or not providing Personal Information when you enter into a transaction or deal with Marimekko.
 

6. Content of the register

Information included in the following data groups may be processed in the register:
Basic data, such as: Name; date of birth; gender; e-mail addresses; telephone numbers; mailing addresses; profession and household size.
Information related to the customer or co-operation relationship: Identification data related to the use of Marimekko’s services (loyal customer number); date of becoming a loyal customer; as well as direct marketing permissions and prohibitions.
Data related to offers and purchases as well as other communication, such as: Benefits, services and campaigns directed at and offered to the data subject and the use thereof; other communication and measures related to the customer or co-operation relationship as well as purchases made in Marimekko’s stores, dates of the purchases and products purchased (number and price of the products purchased and the total sum of purchases).
For the purposes of the Privacy Act 1998 (Cth), it is not common for Marimekko to collect or hold Sensitive Information (as defined in the Privacy Act 1998 (Cth)), except for when the Customer voluntarily provides such Sensitive Information to Marimekko.

7. Regular sources of information

- Most of the information is collected from the Customer themselves at the beginning of and during the customer or co-operation relationship.
- Updates to the Personal Information may be received from authorities, organizations, companies offering updating services, public directories and other public sources of information.

8.  Regular destinations of disclosed data and the transfer of data to countries inside and outside of Australia and the European Union or the European Economic Area

Marimekko may disclose Personal Information within the limitations imposed by effective legislation as follows:
- On the basis of a Customer’s consent;
- To companies belonging to the Marimekko group, including trading entities, related and affiliated companies, and to authorized third parties to the extent they participate in the realization of the purposes of use stated in this description of data file and Privacy Policy. Marimekko obliges said parties to keep confidential all Personal Information disclosed to them and to secure such Personal Information in an adequate manner; and
- On the basis of a claim based on mandatory legislation.
Disclosures and transfers inside and outside of Australian and the EU / EEA countries:
- Marimekko may transfer Personal Information inside and outside of Australia and the EU / EEA countries for the realization of the purposes stated in this description of file and Privacy Policy; and
- Marimekko shall disclose or transfer Personal Information outside of Australia and the EU / EEA countries only to such companies, with respect to which Marimekko has ensured an adequate level of data protection in accordance with this Privacy Policy by means of enforceable contractual agreements or otherwise as required by applicable law.
For technical reasons and practical reasons relating to usage, data may be stored on servers of third-party service providers used by Marimekko, or such third-party service providers may process data on behalf of Marimekko. The states, territories or countries to which Marimekko knows Personal Information may be sent include state, territories or countries where Marimekko websites and supporting databases are hosted.
The data transfers are carried out in compliance with applicable law including, where relevant, Privacy Act 1998 (Cth), the Finnish Personal Data Act (523/1999, as amended) and the Directive of the European Parliament and of the Council on Data Protection (95/46/EC).

9. Rights of the Customer

Customers are, within the limitations imposed by applicable law, entitled to a) request access to Personal Information Marimekko has collected of him/her; b) require that any incorrect, inaccurate, useless, incomplete, outdated, irrelevant or misleading or unnecessary Personal Information be corrected or removed; c) prohibit or withdraw consent to Marimekko from processing his/her Personal Information for the purposes of direct marketing, market research and opinion polls, or from providing his/her Personal Information to suppliers, or business associates for the purposes of direct marketing to the Customer d) complain about a breach of any Australian Privacy Principle or registered privacy code that binds Marimekko or this Privacy Policy.
Data subjects may use their above rights by contacting Marimekko at the email addresses stated in the beginning of this description of file.
You may request that we correct any information we hold.
You may complain about a breach of any Australia Privacy Principle that binds us by using the contact form on our website or at the address above.

10. The principles in accordance to which the data file and/or Personal Information has been secured.

Tangible material (paper registration forms) is disposed after the data and/or Personal Information has been saved into the register. Before the disposal, the material will be saved in a locked space. Use of the register within the Data Controller’s organisation has been instructed, and access to the personal data and/or Personal Information file is restricted so that access to the information stored in the system and contained in the register and the right to use that information is only vested in those employees of the Data Controller who have such right on the basis of their work assignments. The data processing system is protected by data protection software for the operating system. Access to the system requires that each user of the register enters a user ID and password.