Privacy Act 1998 (Commonwealth of Australia),
Description of Data File
Personal Data Act (523/99) 10 §
1. Data Controller
Phone: +358-9-758 71
Marimekko Australia Pty Limited
2A Kipling St, Richmond 3121 Victoria, AUSTRALIA
Where this policy applies to Australian consumers, capitalised words defined in the Privacy Act 1988 apply to this policy.
2. The contact person for matters relating to the register
Email at the following email address: firstname.lastname@example.org
3. Name of the register
Marimekko’s customer register.
4. Group of data subject
We collect Personal Information from Persons signed-up for the Marimekko loyal customer program and customers of Marimekko’s web shop “Customer”
5. The purpose of processing Personal Information
Under the Privacy Act 1998 (Cth), “Personal Information” is defined to mean information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
Personal Information stored in the register is used for managing the relationships with customers, facilitating transactions and payments, and for managing, developing and analyzing the Data Controller’s customer service, - as well as to direct marketing at special customer groups, and other business activities related to any of these activities
- Personal Information collected may be used for marketing purposes pursuant to applicable laws, such as the Privacy Act 1998 (Cth), and the Finnish Personal Data Act.
Providing it is lawful and practical, Marimekko will give you the option of not identifying yourself, using a pseudonym, or not providing Personal Information when you enter into a transaction or deal with Marimekko.
6. Content of the register
Information included in the following data groups may be processed in the register:
Basic data, such as: Name; date of birth; gender; e-mail addresses; telephone numbers; mailing addresses; profession and household size.
Information related to the customer or co-operation relationship: Identification data related to the use of Marimekko’s services (loyal customer number); date of becoming a loyal customer; as well as direct marketing permissions and prohibitions.
Data related to offers and purchases as well as other communication, such as: Benefits, services and campaigns directed at and offered to the data subject and the use thereof; other communication and measures related to the customer or co-operation relationship as well as purchases made in Marimekko’s stores, dates of the purchases and products purchased (number and price of the products purchased and the total sum of purchases).
For the purposes of the Privacy Act 1998 (Cth), it is not common for Marimekko to collect or hold Sensitive Information (as defined in the Privacy Act 1998 (Cth)), except for when the Customer voluntarily provides such Sensitive Information to Marimekko.
7. Regular sources of information
- Most of the information is collected from the Customer themselves at the beginning of and during the customer or co-operation relationship.
- Updates to the Personal Information may be received from authorities, organizations, companies offering updating services, public directories and other public sources of information.
8. Regular destinations of disclosed data and the transfer of data to countries inside and outside of Australia and the European Union or the European Economic Area
Marimekko may disclose Personal Information within the limitations imposed by effective legislation as follows:
- On the basis of a Customer’s consent;
- On the basis of a claim based on mandatory legislation.
Disclosures and transfers inside and outside of Australian and the EU / EEA countries:
For technical reasons and practical reasons relating to usage, data may be stored on servers of third-party service providers used by Marimekko, or such third-party service providers may process data on behalf of Marimekko. The states, territories or countries to which Marimekko knows Personal Information may be sent include state, territories or countries where Marimekko websites and supporting databases are hosted.
The data transfers are carried out in compliance with applicable law including, where relevant, Privacy Act 1998 (Cth), the Finnish Personal Data Act (523/1999, as amended) and the Directive of the European Parliament and of the Council on Data Protection (95/46/EC).
9. Rights of the Customer
Data subjects may use their above rights by contacting Marimekko at the email addresses stated in the beginning of this description of file.
You may request that we correct any information we hold.
You may complain about a breach of any Australia Privacy Principle that binds us by using the contact form on our website or at the address above.
10. The principles in accordance to which the data file and/or Personal Information has been secured.
Tangible material (paper registration forms) is disposed after the data and/or Personal Information has been saved into the register. Before the disposal, the material will be saved in a locked space. Use of the register within the Data Controller’s organisation has been instructed, and access to the personal data and/or Personal Information file is restricted so that access to the information stored in the system and contained in the register and the right to use that information is only vested in those employees of the Data Controller who have such right on the basis of their work assignments. The data processing system is protected by data protection software for the operating system. Access to the system requires that each user of the register enters a user ID and password.