Latest update 7.9.2023
This is the privacy notice for Penan panimo Oy (naïlo brewing co.) (later “we”, “us” or “our”) in accordance with Personal Data Law (10 and 24 §) and EU General Data Protection Regulation (GDPR). It will help you understand how and why we might collect, store, use, and/or share (“process”) your information when you use our services (“Services”), such as when you:
- Visit our website at https://www.nailobrewing.fi, or any other website of ours that links to this privacy notice
- Engage with us in other related way (sales, marketing etc.)
If you have any questions or concerns regarding our policies, please contact us at info@nailobrewing.fi.
1. registry holder
Penan panimo Oy
Asemakatu 41 as. 5
90100 Oulu
Y-tunnus: 3181050-8
2. What information do we collect?
personal information provided by you
We collect personal information that you voluntarily provide to us when you participate in activities on the Services, or when you contact us. The personal information we collect may include the following:
- names
- phone numbers
- email addresses
- billing addresses
- payment data necessary to process your payment if you make purchases
- contact data
We do not process sensitive information. All payment data is stored by Visma pay (link to their privacy statement: https://www.visma.com/privacy-statement/international)
information automatically collected
We automatically collect information when you visit, use, or navigate the Services. Automatically collected information does not reveal your specific identity (like your name or contact information) but may include device and usage information (IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information). This information primarily serves the purpose of maintaining the operation and security of our Services.
3. How do we process your information?
We process your personal information depending on how you interact with our Services. This includes the following reasons:
- fulfilling and managing your orders
- managing customer communication
- developing and maintaining our Services
- improving customer experience
- protecting our Services and ensuring security of Services
- analytics and statistics
4. when and with whom do we share your personal information?
Our register is accessible to our employees only. The registers user can only see as much information that is necessary to conduct the specific work assignments.
Information is transferred to third parties only when necessary, including e.g. processing online store orders, analytics and marketing. We solely use trusted services. Third party receive strictly only the necessary information needed to provide their service. Service providers do not have the right to use data other than providing their service. Data is transferred to following third parties:
- payment service provider, when paying with payment card
- analytics and statistics partners
- marketing automation software partner, when a customer has subscribed to our sales newsletter
links to marketing and payment services data processing privacy policies
5. How Long do we retain your information?
We only keep your personal information for as long as it is necessary to fulfil the purposes outlined in this privacy notice unless otherwise required by law (such as tax, accounting, or other legal requirements). When we have no ongoing legitimate business need to process your personal information, we will make sure to either delete, anonymize or securely store such information and isolate it from any further processing until deletion is possible.
We store your personal data within the European Economic Area (EEA). We do not transfer any data outside the EEA.
6. How do we keep your information safe?
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process (such as firewalls, two-phased logins, secure facilities and systems protected with restricted access rights). However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own rick. You should only access the Services within a secure environment.
7. what are your privacy rights?
In EEA, you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; (vi) is applicable, to data portability; and (vii) not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to the processing of your personal information. You can make such request by contacting us at info@nailobrewing.fi.
We will consider and act upon any request in accordance with applicable data protection laws.
8. do we use Cookies and other tracking technologies?
We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice.
9. The right to change our privacy policy
Due to possible legislative changes or updates in our services, we have the right to change our Privacy Policy when needed. Any changes we may make to this Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.