Account

Country

Language

Cart

Your cart is empty

Privacy policy

1. Company Information
The company oversees the information you provide and is responsible for personal data in accordance with data protection laws.

Company Information:

Toive Company

RIVA Clothing Oy
Yliopistonkatu 32
40100 Jyväskylä
Business ID: 2755033-6

2. Person Responsible for Registry Matters and/or Contact Person
Riku Keihäsniemi
CEO
riku@toiveshop.com

3. Name of the Registry:
Toive Customer Registry

4. Legal Basis and Purpose of Processing Personal Data
The legal basis for processing personal data in accordance with the EU General Data Protection Regulation (GDPR) is the placing of an order through the company’s online store (rivaclothing.com), which constitutes the formation of a contract between the customer and the company.

The purpose of processing personal data is to fulfill orders and manage the customer relationship. Contact information is used to reach the customer if necessary (e.g., if the customer selects the option to pick up the order from the company’s office) and for delivery through Posti.

Personal data is not used for automated decision-making or profiling.

5. What Data Do We Collect?
We collect the following personal data:

  • Name
  • Email address
  • Address
  • Phone number

6. Regular Data Sources & Data Retention Period
The data stored in the registry is obtained from the customer when placing an order, and we retain it for 3 years. If the order is canceled or interrupted by the customer, it will be deleted from the system within 3 months. This does not apply to refund or complaint orders, which we retain for 3 years to ensure the customer’s benefit.

7. Regular Data Disclosures and Data Transfer Outside the EU or EEA
Data is not regularly disclosed to other parties or transferred outside the EU or EEA unless it is necessary to ensure the technical implementation by company itself or its partner. Data may be disclosed to authorities as required by applicable law.

8. Principles of Registry Security
The processing of the registry is conducted with care, and the data processed via information systems is properly secured. Registry data is stored on internet servers, and the physical and digital security of the hardware is appropriately managed.

The data controller ensures that stored data, server access rights, and other information critical to the security of personal data are handled confidentially. In addition to employees, the administrators of the web service also have access to the personal registry. A data processing agreement has been made with the web service administrators, specifying how they may handle the data.

9. Customer Rights
You have the right to obtain a copy of your personal data, request the correction of incorrect personal data, and request the completion of incomplete personal data. You also have the right to ask us to delete your personal data unless its retention is necessary, for example, under accounting laws. You also have the right to opt out of direct marketing by sending us an email at info@toivehop.com.

You also have the right to request that we restrict the processing of personal data during the following situations:

  • During the verification of legitimate interest
  • During the correction and verification of incorrect personal data

You also have the right to file a complaint about the processing of personal data if you believe it is being handled incorrectly. You may also request copies of the personal data we have collected. You can send us a signed request by mail to Yliopistonkatu 32, 40100 Jyväskylä. We will provide copies of your personal data within 3 months.

10. Information Security
Our website is built with security in mind. We use a secure SSL connection, firewalls, and access to the site is protected by passwords and usernames. The site is regularly updated to strengthen its security.