Last updated 5/23/2018.
Nettiteeri Oy (3331525-2)
Viereläntie 4 A, 90630 Oulu
Contact person in matters concerning the register
Name of the register
Rauhanmusiikki customer and producer register
Purpose of the register
Customer and producer personal information is used in maintaining the customer relationship, to fulfill the rights and obligations of the registrar and to analyze, plan and develop the business. Users and their actions are collected to a statistic where direct identification of the user is not possible. This data is collected and analyzed with a tool provided by a third party. Detailed personal information is not given to third parties for their own use.
- Customer's or producer's name
- Email address
- Crypted password
- IP address
- Partial credit card number (e.g. 492057******1234)
- Credit card validity time
- Credit card issuer name
- Order details and history
- Gift card details: name, amount, code and dates
- Track-specific listening statistics
- PDF note purchases
- Date the information was created
- Date the information was modified
- Homepage address
- IBAN bank account number
- Payment reference number
- Producer payment details: sum, date and status
- Album details: name, images and description
Paytrail collects the IP address, payment method and payment date in connection with the payment transaction.
User inputs the information when registering into the service. Order and usage details are collected when the user uses the service. Producer information is collected based on the contract from them or from their publications.
Disclosure of data
Data can be handed over to a competent authority or to another such party based on a lawful request. Data can also be handed over during an acquisition of the service or the company providing the service.
Personal data can be handed over to a third party in a contract with the registrar but not for their usage purposes. When making an order, payment handler has access to detailed personal data of the user. For statistical purposes, a registrar's partner collects data of the user while he or she is using the service but the user can't be directly identified with the collected information.
As a rule, personal information is not transferred outside the European Union or the European Economic Area unless it is necessary for the technical implementation or is otherwise justifiable. In this case the registrar ensures sufficient data security steps are taken as required by law and common sense.
Data retention time
Data is stored in the service until user deletes their account. Account can be deleted with a button in the profile view.
Logs are kept for a year after which they are deleted automatically. Backups are stored for a month, after which they are deleted automatically. Listening statistics are not deleted and are used to monitor service usage and for other statistical purposes. Old payments are kept in the register for accounting purposes.
The register is located in a server secured by a firewall, passwords and other commonly accepted security measures and can only be accessed by people working for the registrar. Backups are secured with a password and a key code. Contracts and their digital copies are also protected: physical copies behind locked doors and digital copies protected by a password.
Data subjects' rights
Data subjects' have a right the check the data about them and correct it when necessary. They also have a right to move the data they have inputted into another system. Data requests must be sent to the registrar in writing and they will be answered in a reasonable time as required by law. A request to check data can be sent once a year for free.
Data subjects' have a right to be forgotten and to delete their account. They can also block the service from using cookies in their browser's settings but then the login will not work.
Cookies are used, for example, to enable login and for statistical purposes: site usage, user location (approximation), user's browser and device details. Users cannot be directly identified from the collected data.