Terms

A co-op member is an individual member of the S Group’s co-op membership system.

A cookie is a small text file that the browser stores on the user’s terminal device. A cookie includes a unique, anonymous identifier that enables us to identify and count how many different browsers visit our website.

Data controller is the party that is responsible for the processing of personal data, i.e. who determines, among other things, which personal data is collected, for which purposes the data is used and how the data is protected. The data controller is also obligated to ensure the data subject’s rights and other legal requirements on the data controller.

Personal data processor is a party acting on behalf of the data controller, usually assisting the data controller on a contractual basis. The processor may have access to personal data to perform support or maintenance tasks, for example.

The data protection officer is tasked with supervising, monitoring and providing guidance to the organisation and the data subjects on any questions involving the processing of personal data. The data protection officer acts as the contact point for the data subjects and the authorities. Read more about the data protection officer’s duties here.

A data subject is a person whose personal data the data controller uses for predetermined purposes. Data subjects can be our customers who use our services or S Group employees, for example.

Direct marketing may refer to traditional or digital marketing.  Traditional forms of direct marketing include telemarketing and advertisements sent by post, while digital direct marketing consists of advertisements in apps or sent by email or text message. Direct marketing may be general (the same advertisements is sent to everybody) or targeted (an advertisement that is meant just for you).

Personal data includes your first and last name, phone number and information on how you use a service, for example. Any information that can be linked to an identified or identifiable person is considered personal data.

Data protection policy is the term we use for information on the processing of personal data. In the S Group, such information is layered. This data protection website provides you with general information and tells you where to find more detailed information. We may provide information in the form of text, images or videos.

The processing of personal data refers to any actions starting from the collection of the data and ending with the deletion of the data, such as collecting, saving, editing, disclosing, correcting and deleting data.

An S Code is a customer’s personal credential used in the S Group’s digital services.

Disclosure of personal data occurs when the data controller hands over personal data to another data controller for processing. The second data controller must have the right to receive the personal data and a reason for using the data.