We value your privacy and your right to control your personal data. Lawful and secure processing of personal data, together with maintaining a high level of data protection, forms the foundation of our operations.
On this page, we describe the measures we use to safeguard data protection and ensure transparency for our customers and other stakeholders. The management and personnel of CHS Air & Sea Oy are committed to complying with the General Data Protection Regulation (GDPR) in all processing of personal data.
1. Register holder
Nebu Investments Oy (3020777-4)
Tietotie 9
01530 Vantaa
Contact person for matters concerning the register
Mikko Vaaljoki
mikko.vaaljoki@chs.fi
2. Name and purpose of the register: Customer register B2B
The register for CHS Air & Sea Oy’s operational activities, customer relationship management, and marketing.
The register contains personal data of customers, subcontractors, representatives and other partners.
Personal data is processed for the provision of freight forwarding and transport services and for managing customer relationships with existing and potential clients.
3. Legal basis for processing personal data: Legitimate interest
The processing of personal data is based on the customer, subcontractor, agency or other stakeholder relationship between the data subject and CHS Air & Sea Oy.
4. Data content of the register
The personal register contains the following information: The person's first and last name, The entity they represent, Business ID, Email address, Postal address, Telephone number, www address, IP number, Information about previous orders, Login information in situations where it is enabled by the features.
CHS Air & Sea Oy operates exclusively in the B2B sector, and the customer register does not include private individuals as consumer customers.
5. Data retention period
Personal data is retained only for as long as necessary to fulfill the purposes described in this privacy notice.
Log files of Customs' electronic transactions must be retained for three (3) years in addition to the current year.
Customs documents must be archived for six (6) years from the end of the calendar year in which the decision to release the goods for the import procedure was issued.
6. Regular Sources of Data
Personal data is primarily obtained directly from customers, representatives, and other parties involved in transport and forwarding services.
Data is collected in connection with electronic contact requests, requests for quotations, contract formation, authorizations, and the processing of electronic communications, or in other similar contexts.
Personal data may also be collected from public sources for sales and marketing purposes.
7. Disclosure of information
Personal data stored in the register will be disclosed, within the limits permitted and required by applicable legislation, to authorities that have the legal right to receive information, such as customs, tax authorities, and insurance companies.
Data may be shared with third parties when necessary for providing transport and forwarding services.
In addition, data may be transferred to partners selected by the controller who process the data on behalf of the controller based on an agreement between the parties.
8. Transfer of data outside the EU or EEA
Customer data may be transferred outside the European Union or the European Economic Area in accordance with applicable data protection legislation and within its limits, for example:
When the transfer is necessary for the execution of an order from the data subject or for the performance of a contract between the data subject and the controller or to take steps prior to entering into a contract at the data subject's request.
When the transfer is necessary for the conclusion or performance of a contract between the controller and a third party in the interests of the data subject.
9. Principles of Data Protection
A. Manual Records
Documents containing customer information that are processed manually are stored in locked and fire-proof storage facilities after initial processing.
Only designated employees who have signed a confidentiality agreement
has the right to process manually stored customer data.
The protection and processing of data in the register complies with the Data Protection Act
as well as regulations and principles, and official orders.
B. Digitally Processed Data
Personal data is treated as confidential. Access to the register is restricted to employees whose duties require such access. Entry into IT systems requires valid user rights, a username, and a password.
Each user has signed a confidentiality agreement.
The system is protected by a firewall that protects against outside attacks.
The protection and processing of data in the register complies with the provisions and principles of the Data Protection Act, official regulations, and good data processing practices.
The controller requires all IT service providers to ensure confidentiality, appropriate data security, and compliance with data protection legislation.
10. Right of inspection
The controller makes this private notice available to data subjects.
The data subject has the right, pursuant to Section 26 of the Personal Data Act 523/1999, to inspect the information concerning him or her in the register or to receive confirmation that there is no information concerning him or her in the register. At the same time, the data controller shall inform the register of the regular data sources and the usual purposes of use and disclosure of the data.
The information is provided upon request, and the request for inspection should be addressed to the Data Protection Officer.
11. Right to Rectification
The data subject has the right to request correction, deletion, or completion of inaccurate personal data concerning them.
The registered person's personal data will be deleted at the user's request unless legislation, open invoices or collection actions prevent the data from being deleted.
12. Changing the privacy policy
CHS Air & Sea Oy is constantly developing its operations and services and reserves the right to change this privacy policy by posting changes on this page. Changes may also be due to changes in legislation.
13. Cookies
Cookies are small text files used by websites to enhance user experience and functionality.
By law, we can only store cookies on your device without your consent if they are necessary for the website to function. All other cookies require your consent. You can change or withdraw your consent via the cookie notice on our website.
By using our website, you consent to the processing of your personal data in accordance with this privacy notice. We reserve the right to update this notice by publishing a revised version online. Continued use of the website and related services after publication of the updated version constitutes acceptance of the amended terms.
Your consent applies to the following domain: chs.fi
For more information about cookies, please visit www.aboutcookies.org.
Get emails about our news and success stories.