[{"command":"settings","settings":{"basePath":"\/","pathPrefix":"en\/","ajaxPageState":{"theme":"cpu_base","theme_token":"3AVG8JsPPKfodE07jo1cUqBMKPn6Vd_Nmz5OhN6tEAY"},"authcache":{"q":"privacy-policy","cp":{"path":"\/","domain":".shop.kamk.fi","secure":true},"cl":23.14814814814815},"CToolsModal":{"loadingText":"Loading...","closeText":"Close Window","closeImage":"\u003Cimg src=\u0022https:\/\/shop.kamk.fi\/profiles\/commerce_kickstart\/modules\/contrib\/ctools\/images\/icon-close-window.png\u0022 alt=\u0022Close window\u0022 title=\u0022Close window\u0022 \/\u003E","throbber":"\u003Cimg src=\u0022https:\/\/shop.kamk.fi\/profiles\/commerce_kickstart\/modules\/contrib\/ctools\/images\/throbber.gif\u0022 alt=\u0022Loading\u0022 title=\u0022Loading...\u0022 \/\u003E"}},"merge":true},{"command":"modal_display","title":"Privacy information","output":"\u003Ch1\u003ECeepos Web Shop \u2013 Privacy Policy\u003C\/h1\u003E\r\n\r\n\u003Cp\u003E1. Controller\u003C\/p\u003E\r\n\r\n\u003Cp\u003EName (Business ID): Kajaanin Ammattikorkeakoulu Oy (2553600-4)\u003Cbr \/\u003E\r\nAddress: PL 52, 871010 Kajaani\u003Cbr \/\u003E\r\nTelephone number: (08) 618991\u003Cbr \/\u003E\r\nE-mail address: \u003Ca href=\u0022mailto:kajaanin.amk@kamk.fi\u0022\u003Ekajaanin.amk@kamk.fi\u003C\/a\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E2. Contact person in matters relating to the data file\u003C\/p\u003E\r\n\r\n\u003Cp\u003EName: Jaana Karjalainen\u003Cbr \/\u003E\r\nAddress: PL 52 (Ketunpolku 1), 87101 Kajaani\u003Cbr \/\u003E\r\nTelephone number: +358 44\u0026nbsp;715 7014\u003Cbr \/\u003E\r\nE-mail address: \u003Ca href=\u0022mailto:jaana.karjalainen@kamk.fi\u0022\u003Ejaana.karjalainen@kamk.fi\u003C\/a\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003EName: Satu H\u00e4rk\u00f6nen\u003Cbr \/\u003E\r\nAddress: PL 52 (Ketunpolku 1), 87101 Kajaani\u003Cbr \/\u003E\r\nTelephone number: +358 44 7101 406\u003Cbr \/\u003E\r\nE-mail address: \u003Ca href=\u0022mailto:satu.harkonen@kamk.fi\u0022\u003Esatu.harkonen@kamk.fi\u003C\/a\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E3. Name of the data file\u003C\/p\u003E\r\n\r\n\u003Cp\u003ECeepos Web Shop\u003C\/p\u003E\r\n\r\n\u003Cp\u003E4. Purpose of processing personal data\u003C\/p\u003E\r\n\r\n\u003Cp\u003EPersonal data is collected for purposes such as order delivery, proper allocation of payments, identification\u003Cbr \/\u003E\r\nof the customer and\/or a person specified by the customer, verification of the customer\u2019s service history\u003Cbr \/\u003E\r\nand rights, reporting and marketing.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EData is collected about the users of the software in order to determine access rights and monitor the use.\u003Cbr \/\u003E\r\nThe software creates log data including personal data in order to determine software usage history and\u003Cbr \/\u003E\r\nsolve any problems.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E5. Data content of the file\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe personal data that can be stored in the registers includes:\u003C\/p\u003E\r\n\r\n\u003Cp\u003EGeneral customer register: customer number, first name, last name, address, city\/town, telephone\u003Cbr \/\u003E\r\nnumber, e-mail address, order history, username and direct marketing permission.\u003Cbr \/\u003E\r\nOrder register: contact information, products ordered.\u003Cbr \/\u003E\r\nCustomer cards\/identifiers: card number and PIN.\u003Cbr \/\u003E\r\nRegistrations: registered person\u2019s name, contact information, health status (allergies and other limitations),\u003Cbr \/\u003E\r\nparent\/guardian\u2019s details.\u003Cbr \/\u003E\r\nMailing lists: e-mail address.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EPersonal data will be kept in the registers until manually removed. Order information will be kept until\u003Cbr \/\u003E\r\nmanually or automatically removed. The electronic receipt history will be kept until manually removed, but\u003Cbr \/\u003E\r\nfor a minimum of six years.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E6. Regular sources of data\u003C\/p\u003E\r\n\r\n\u003Cp\u003EExternal systems, integrated into the web shop, which transmit payment transactions through interfaces.\u003Cbr \/\u003E\r\nThe primary sources of data are the web shop\u2019s customers, placing orders and registrations and making\u003Cbr \/\u003E\r\nonline payments.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E7. Regular disclosure of data\u003C\/p\u003E\r\n\r\n\u003Cp\u003EPersonal data will not be disclosed to third parties. Personal data may be transferred to the controller\u2019s\u003Cbr \/\u003E\r\nother systems, such as the point-of-sale system, accounting, invoicing and access control. Depending on the\u003Cbr \/\u003E\r\npayment service provider, some of the customer\u2019s contact information is conveyed to the payment system\u003Cbr \/\u003E\r\nupon payment of the order to facilitate solving problems and returning payments.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E8. Transfer of data outside the EU or EEA\u003C\/p\u003E\r\n\r\n\u003Cp\u003EPersonal data will not be transferred outside the EU or EEA.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E9. Protection of the data file\u003C\/p\u003E\r\n\r\n\u003Cp\u003EMaintenance of the software is protected by usernames and passwords as well as user-group-specific\u003Cbr \/\u003E\r\naccess rights. The data in the database is protected by usernames and passwords, and processing the data\u003Cbr \/\u003E\r\nhas been limited to the web shop system only. The data stored on the drives has been protected by\u003Cbr \/\u003E\r\noperating-system-level access rights. All data communications between the system provider\u2019s systems and\u003Cbr \/\u003E\r\nthe web shop and payment service provider are SSL-protected.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EMaintenance access to the server is only allowed for server and system providers. The software supplier\u003Cbr \/\u003E\r\nhas full access to viewing and removing all the data collected.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E10. Approval for processing personal data\u003C\/p\u003E\r\n\r\n\u003Cp\u003EMaking purchases and payments in the web shop is regarded as an approval for processing personal data,\u003Cbr \/\u003E\r\nand no separate approval is required from the consumer in order to use the system. When the personal\u003Cbr \/\u003E\r\ndata comes from an external system, approval for its processing is provided outside the web shop system.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E11. Right of access by the data subject\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe data subject has the right to access their personal data stored in the data file and receive copies of it.\u003Cbr \/\u003E\r\nThe access request must be made electronically or in writing and addressed to the contact person for the\u003Cbr \/\u003E\r\ndata file.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E12. Right to demand the correction of data\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe data subject has the right to demand the correction of inaccurate data concerning them in the personal\u003Cbr \/\u003E\r\ndata file. Requests must be made electronically or in writing to the contact person for the data file.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E13. Other rights relating to the processing of personal data\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe data subject has the right to forbid the controller to process data concerning them for direct\u003Cbr \/\u003E\r\nadvertising, remote sales and other direct marketing as well as market and opinion research.\u003C\/p\u003E\r\n"}]