Protocol on data protection Niva Medical

GDPR General Data Protection Regulation

Niva Medical keeps a list of each customer of the shop with the following information:
Customer number, Customer type (private or commercial), VAT-number (if company), First name, Last name, Street name, Postal code, City, Email (if specified or otherwise via Opt-in), telephone number, purchase history. The data are only used in the structure of the company and are not provided to third parties.

Our mail-addresses are stored at, list by name and email address obtained by opt-in with persmission.
Only the board members of Nivamedical have access to both sites.

The data metioned before is used to fulfill the purchases by private and commercial customers. We will only use the information that is vital to finish the buying process or to promote products (again by persmission). Because the payment options vary we need the previous information. Furthermore, we need this information if the end customer wishes to start a refund process. The Newsletters are sent via Mailchimp and the email lists are also stored there under a secure website. All addresses are obtained with the consent of the recipient. Upon registration you will be asked if they want to receive the newsletter. Afterwards, every received mail has the possibility to automatically unsubscribe.

No personal data is stored on the company website, all completed fields are directly updated in the Polarfrost Shop with a connection to Mailchimp. Data will be stored on Polarfrost (shop)Mailchimp and Paytrail, all protected by https: secured servers.

In the event of a Data leak, this will be immediately passed on to the Finnish Data Protection Authority on: 029 56 16670 or at

The designated person who takes action after a data breach is the webmaster / board member of the association. When a data breach is detected, everyone must immediately contact us.

For the year 2018-2019 this is Willem Mulder. Available at

Read more about our pricacy protocols in terms & conditions