Privacy Policy
Privacy Policy
This is Muru Baby Food Oy's privacy policy and data protection statement in accordance with the Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). Prepared on February 2, 2020. Last modified on January 29, 2025.
1. Data controller
Muru Baby Food Oy
c/o Muru-Dining Oy
Lämmittäjänkatu 6
00880 HELSINKI
2. Contact person responsible for the register
Jonne Brusi
jonne.brusi[at]murubaby.fi
3. Name of the register
Muru Baby Food Oy's customer register
4. Legal basis and purpose of processing personal data
The legal basis for processing personal data under the EU General Data Protection Regulation is the consent of the individual (documented, voluntary, specific, informed, and unambiguous) agreement.
The purpose of processing personal data is to develop the marketing of the website.
The data will not be used for automated decision-making or profiling.
5. Data content of the register
The information stored in the register includes: IP address of the network connection, first and last name, email address, postal address, telephone number, social media accounts/profiles, and other information related to the customer relationship and services ordered.
These pages usecookies. Functional cookies are used to ensure the technical functionality of the website. You can anonymize cookies by clearing your cache. The data will be stored indefinitely.
Third parties commissioned by us may show users advertisements based on their previous visits to the website. For these remarketing campaigns, third parties such as Google may use cookies on the website to record users' visits. User demographic data may be combined for advertising targeting purposes. Cookies on the website may also be used for statistical analysis of visits. Other third parties also use cookies on our website to provide additional functionality and analytics.
You can manage your settings for cookies related to Google advertisinghere.
6. Regular sources of information
The information stored in the register is obtained from the customer, for example, by filling in customer information, messages sent via online forms, email, telephone, social media services, agreements, customer meetings, and other situations in which the customer provides their information, as well as various competitions and customer benefits in which the customer participates.
7. Regular disclosure of data and transfer of data outside the EU or EEA
The data will not be disclosed to other parties as a rule. The data may be published to the extent agreed with the customer. The data may also be transferred by the controller outside the EU or EEA.
Currently, all data is stored within the EU.
8. Principles of register protection
The register is handled with care, and data processed using information systems is protected appropriately. Register data is stored on Internet servers, and the physical and digital security of the hardware is ensured in an appropriate manner. The controller ensures that stored data, server access rights, and other information critical to the security of personal data are treated confidentially and only by employees whose job description includes such tasks.
9. Right of inspection and right to request correction of information
Every person listed in the register has the right to check their information stored in the register and request that any incorrect information be corrected or incomplete information be supplemented. If a person wishes to check the information stored about them or request a correction, the request must be sent in writing to the controller. If necessary, the controller may ask the person making the request to prove their identity. The controller will respond to the customer within the time limit specified in the EU General Data Protection Regulation.
10. Other rights related to the processing of personal data
A person included in the register has the right to request that their personal data be removed from the register ("right to be forgotten"). Similarly, data subjects have other rights underthe EU General Data Protection Regulation, such as the right to restrict the processing of personal data in certain situations. Requests must be sent in writing to the controller. If necessary, the controller may ask the person making the request to prove their identity. The controller will respond to the customer within the time limit specified in the EU General Data Protection Regulation.