Eerik’s Auction House - Privacy policy 7.2.2019

 

Eerik´s Huutokauppatalo Oy (”Eerik’s”) is committed to complying with its obligations under the EU General Data Protection Regulation in all its activities and services which include the processing of personal data.

 

In this privacy policy (“Policy”), we will tell you how we use, store and in limited circumstances transfer your personal data to third parties. We will also tell you what rights you have concerning your personal data.

Data controller

 

Eerik´s Huutokauppatalo Oy (Company ID FI29623607), Yliopistonkatu 9B, 20100 Turku is a data controller under the EU General Data Protection Regulation and is responsible for the data processing concerning its customers.

Processed personal data

Eerik’s processes the following personal data of its customers in the services it provides and its activities:

 

  • Name (first name, last name)

  • Contact information (address, phone number, email)

  • Company information (name, company ID, address)

  • Information of the discussions had within our services (e.g. discussions with our customer service or other instances within our services)

  • Credit card and payment information

  • Certain technical data concerning the use of our services ( e.g. data collected with cookies, including your IP address)

 

Eerik’s does not process any data that is considered sensitive, but only so called ordinary personal data.

 

Eerik’s collects the personal data mainly directly from its customers as they register to Eerik’s services, subscribe to a newsletter or otherwise conclude a contract with Eerik’s. In addition, Eerik’s receives personal data from its customers when they contact customer service and with cookies as the customers visits Eerik’s website.

 

The purpose and grounds for the processing of personal data

Eerik’s tends to that it always has the legal grounds for personal data processing under  personal data regulation. Eerik’s processes the above mentioned personal data in the situations and on the grounds listed below.



Contractual obligations

 

Eerik’s collects your personal data when:

  • You enter into a consignment contract or other contract with Eerik’s

  • You register into Eerik’s service

  • You subscribe to Eerik’s email newsletter

 

Personal data is collected for the purpose of performing contractual obligations or for the purpose of concluding a contract. Data may be transferred to a third party to fulfill the obligations listed below if it is necessary for this purpose.

 

In case providing certain personal data is required to conclude a contract with Eerik’s, this is stated by marking the personal data as obligatory (e.g. by using the * sign). You may choose to withhold your personal information, but in this case we may not be able to provide you the services you have requested or conclude a contract with you.

Legitimate interest

 

Eerik’s will store the email address provided by its customers in relation to registration or concluding a contract with Eerik’s. The addressed may be used for informing the customer of changes to the terms of use or e.g. sending invitations to a private event. The address may also be used to confirm the identity of the customer in customer service situations.

 

Eerik’s collects anonymized personal data for the purpose of conducting statistical and

service development analyzes. Gender and postcode data are the most identifiable data that can be included in such analysis.

 

Eerik’s strives to provide customized customer service. Data is collected to

improve the level of personal customer service.

 

IP address data is recorded when logging in and bidding to prevent fraud

against Eerik’s and its customers.

 

Eerik’s can record video and audio at its offices and auction events to ensure the safety

of staff and customers and to prevent crime. Such records and information may be

disclosed to the authorities to fulfill Eerik’s legal obligations.

Consent

 

With the customer’s pre-given consent, Eerik’s may use the collected email addresses for marketing purposes. The consent is requested with a separate action, for example by clicking a separate agree button. You always have the right to cancel your consent by using the “Unsubscribe” feature in each email. Eerik’s can use your personal information, such as address, bidding history, items of interest, and purchased items to uniquely identify the items you are interested in.

Eerik’s is constantly sending information about bids made and items purchased. You

can customize the information sent on the customer page of the service.

Protection of personal data

Eerik’s is committed to protecting your personal data technically and administratively. Eerik’s has introduced appropriate technical and organizational safety mechanisms to prevent the leaking, disappearance, and unintended deletion of personal data, data break-ins or other illegal access to the personal data. These mechanisms may include e.g. introducing security clearance requirements for our staff and service providers, the anonymization or pseudonymization of personal data, use of firewalls and virus protection software and locked storage spaces. The access to the register and the connection to our server are encrypted (HTTPS).

 

The access of our employees to personal data is limited to access only to persons who

need the data in customer service situations or in fulfilling their obligations under

this Policy. In case a security threat is targeted to your personal data, we will ensure the appropriate measures required by law are enforced to eliminate the threat and to minimize the effects of the threat.

Storage of personal data

 

Personal data is stored as long as their use is required under the purposes stated in this Policy, however in any case no longer than until the maximum legal statutory limit. When the personal data is no longer needed and the storage of personal data is not required by applicable law, the data will be deleted.

 

Eerik’s retains the personal and account data of the persons and accounts for which there is reason to suspect fraud, its attempt or any other act contrary to the Penal Code

(39/1889), based on the principle of legitimate interest.

Transfer of personal data to third parties and outside the ETA

 

Eerik’s does not transfer your personal data to third parties unless it is required by applicable law or it is necessary for providing services. However, Eerik’s uses outside service providers in delivering its services, which means that Eerik’s will from time to time transfer your personal data or allow access to it for these service providers. Eerik’s uses the following service providers as a part of its services:

 

  1. To verify the identity of our customers and provide payment services, Stripe (510 Townsend Street San Francisco, CA 94103, USA) processes with credit card and name information.

 

  1. In order to provide online auction services, Auction Mobility LLC (192 South Street Suite 600 Boston, MA 02111, USA) processes customer names and credentials.

 

  1. Customer name and address information may be provided to the transport service provider when the items are to be shipped to the customer.

 

Eerik’s may also transfer personal data to authorities due to its statutory obligations. In case of a corporate arrangement, such as a share or asset deal, merger, or similar arrangement, personal data may be transferred to a buyer or buyer candidate and its advisors for purposes concerning the arrangement.

 

As stated above, some of Eerik’s service providers are located outside the EU and the ETA. This means that your personal data may be transferred outside the EU and the ETA. However, Eerik’s will always protect your personal data in relation to such data transfers by enforcing regulatory security mechanisms, such as concluding a contract which contains European Commission model contract clauses or conforming to the EU-US Privacy Shield mechanism. You may contact Eerik’s using the contact information listed below in this Policy to receive more information of the security mechanisms used by Eerik’s in relation to data transfers.

Cookies

 

Eerik’s uses certain cookies in its services and website. Cookies are used so that we may constantly develop our services and allow a better user experience for our customers. Cookies allow use to maintain and follow the preferences of our customers, ensure a more secure service, identify technical issues, and monitor the overall performance of our services.

 

The cookies we use

We use cookies in our website and our services to follow the data your browser provides in relation to your visits to our website. Cookies are small text files, that are downloaded and may be stored in your devices, which allow the use of the internet and some service features e.g. on your computer your smartphone or your tablet device. Eerik’s uses multiple kinds of cookies.

We use the following cookies on our website:

  1. necessary cookies

Necessary cookies are essential for the functionality of the service and their purpose is to help you in using of our website. These cookies help us to improve the basic functions and the security of our service. If you block these cookies we can not guarantee the functionality of our service or your security during your visit.

  1. functional cookies

We use functional cookies to offer you the best user experience. These cookies are used to customize our service to you. Functional cookies allow our services and website to remember the choices you have made to allow more customized functions and options.

  1. performance measuring cookies

Performance measuring cookies allow us to understand the functionality of our website and the behaviour of our customers. These cookies help us to constantly improve our services. We use these cookies also to understand how efficiently our website and services function. These cookies provide us data of which pages our visitors visit and whether or not they receive error messages on our website.

All of the cookies we use are administered by third parties. You may choose to read the privacy policies of these third parties to gain more information of the personal data processing they do. We especially use Google Analytics, which allows us to assess how our website and services are used. This data is essential for improving the functionality of our website. Cookies may be stored for a time period ranging from 30 minutes to two years. The data created of your website use (including your IP address) is transferred to Google Inc. and stored by it in the USA.

Manage your cookie preferences:

You may at all times block or prohibit the use of cookies in your browser settings. However, if you block all cookies, we can not guarantee that you can continue to use all the features or functions in our services. More information on managing cookies and deleting them can be found in the following address: http://www.allaboutcookies.org/manage-cookies/.

Your rights

Data protection regulation guarantees you several rights concerning your personal data, which Eerik’s commits to protect. You have the following rights:

 

  1. the right to request for a copy of the personal data Eerik’s has stored about you and certain information concerning the processing of this data;

  2. the right to ask to limit the processing of your personal data in certain situations, e.g. when you dispute the validity of the personal data, or when we no longer need the personal data for its original purposes, but the data is needed for drafting, submitting or defending from a legal claim;

  3. the right to request the deletion of your personal data e.g. when your personal data is no longer needed for the original purposes for which they were collected or processed (so called right to be forgotten)

  4. the right to object processing that is based on our legitimate interest;

  5. the right to withdraw the consent when our right to process your information is based on your consent;

  6. the right to request that we update your personal data or revise incorrect personal data. On some of our services we may also revise, update and delete your personal data or deactivate your service account completely via your account settings and;

  7. the right to leave a complaint to the local supervising authority which e.g. in Finland is the Data Protection Ombudsman (https://tietosuoja.fi/en/home)

 

You may exercise the above mentioned rights by contacting Eerik’s by using the contact information in this Policy. Please note that, in relation to personal data requests, Eerik’s has to confirm the identity of the person making the request. Due to this, we might have to request additional information from you to confirm that you are the person that you claim to be.

Contact information

 

If you have any questions regarding the processing of your personal data, please

contact us.

 

Eerik´s Huutokauppatalo Oy
Address: Yliopistonkatu 9B, 20100 Turku
Email: info@eeriks.fi
Phone number: +358 (0) 50 326 8763