Purpose of the processing of personal data
The primary basis for the processing of personal data is the customer relationship between the theater customer and the theater (factual context). The processing of personal data can also be based on the customer’s consent or on the activities that the customer carries out on behalf of the theater.
Personal data is processed for the following purposes:
- Production, development and monitoring of theater services and realization of customer service.
- Management and development of the customer relationship as well as individual adaptation of services.
- Communication in connection with customer relationships and marketing as well as the managing of contact history.
- Processing and response to customer feedback.
- Processing, answers and payments for compensation and refund matters.
- Analysis and classification of the customer base with the goal of targeting communication.
- Follow-up and statistics on electronic service channels (such as net- and mobile services) for service development, marketing purposes and facilitation of case management.
Grus Grus Teatteri ry is data controller, ie the party responsible for the processing of personal data.
Contents of the register
- name
- address
- telephone number(s)
- email address
- service and event information
- customer feedback and related information for response communication
Statutory sources of information
Information related to the customer is primarily collected from the customer her/himself in connection to placing an order and registration, in connection to the purchase and use of services, in the internet service’s personal information section, in connection with customer service events and in other cases directly from the customer. Customer-related information is also generated in the theatre’s information system in connection with the use of services.
Statutory disclosures of information
We do not disclose the information to any other party.
Principles for how the register is protected
The register does not contain manual material.
Personal information is correctly protected. The personal data controller collects data in databases that are protected by firewalls, passwords and other technical means. The databases and their backups are located in locked and protected rooms and the information can only be accessed by certain pre-appointed persons.
User rights to access the register, for the theater and other retailers, require a user-id issued by the personal data controller for the customer database. The person responsible for personal data has, on contractual grounds, ensured that the collaboration partners who process personal data are obliged to protect the personal data also in relation to their own employees.
The register information in the theater can be found in the systems managed by the theater. Users of the register have a personal username and password that allows each login to be authenticated and identified.
Right to inspection
Everyone in the register has the right to check the information stored in the register. Requests for inspections are formulated in free form and addressed to the registry administrator via e-mail ville.kurki@grusgrus.fi or by telephone 044 242 9324.
Right to demand correction of information
Everyone in the register has the right to demand that incorrect information regarding them will be corrected. Requests for correction are formulated in free form and addressed to the registry administrator via e-mail info@grusgrus.fi.
Other issues related to the processing of personal data
We use Mailchimp e-mail service for our news releases. In this case, Grus Grus Teatteri is the personal data controller and Mailchimp personal data processor. Mailchimp is an American company to which personal information is transferred to outside the EU. However, personal data is protected in accordance with current requirements via the Personal Data Act. Read more in Mailchimp’s privacy statement.
In some of the performances, the processing of information collected via the ticket sales online store has been outsourced to the administrator of the ticket sales Tiketti Oy. Read more about Tiketti’s privacy policy statement. In some of the performances, ticket sales are organized by a theater or other organization in whose premises the performance takes place. In this case, the ticket seller is the data controller.
In connection with the performance “Huviretki tienpientarelle”, we send a letter to customers who have purchased a ticket, after which we remove their contact information from our information system. In connection with ticket purchases, we only receive name and address from our partners. However, this information is deleted as soon as the letter has been sent.