Privacy Policy

Privacy Policy

According to the General Data Protection Regulation, the data controller has an obligation to inform data subjects in a clear manner. This privacy statement fulfills the obligation to inform.

1. Data Controller

Company name

Contact information:
 Address
 Postal code, location

Contact information for register-related matters

Company / Person's name
address
postal code, location
phone number
email

Contact information of the potential Data Protection Officer, if applicable:

Data Protection Officer

Company / Person's name
address
postal code, location
phone number
sähköposti

2. Data Subjects

The register contains customers, potential customers, and partners of the company who have sent their contact information through the form.

3. Purpose of Personal Data Processing

The basis for maintaining the register is the contact information stored through the contact form. Individuals give their consent when sending a contact request.  

Purpose of Personal Data Processing and Register Use

Personal data is processed only for predefined purposes, which are the following:

  • message verification

4. Personal Data Stored in the Register

The customer register contains the following information:

Contact information

  • name
  • email
  • phone number

5. Rights of the Data Subject

The data subject has the following rights, requests for exercising which should be made to contact information

Right of access

The data subject can check the personal data we have stored. 

Right to rectification

The data subject can request the rectification of inaccurate or incomplete data concerning them.

Right to object

The data subject can object to the processing of personal data if they feel that personal data has been processed unlawfully. 

Right to prohibit direct marketing

The data subject has the right to prohibit the use of data for direct marketing.

Right to erasure

The data subject has the right to request the deletion of data if data processing is not necessary. We will process the deletion request, after which we will either delete the data or state a legitimate reason why the data cannot be deleted. 

It should be noted that the data controller may have a statutory or other right not to delete the requested information. The data controller has an obligation to retain accounting material in accordance with the Accounting Act (Chapter 2, Section 10) for the specified period (10 years). Therefore, accounting-related material cannot be deleted before the expiration of the deadline.

Withdrawal of consent

If the processing of personal data concerning the data subject is based solely on consent, and not, for example, on a customer relationship or membership, the data subject can withdraw their consent.

The data subject can appeal the decision to the Data Protection Ombudsman

The data subject has the right to demand that we restrict the processing of disputed data until the matter is resolved.

Right to lodge a complaint

The data subject has the right to lodge a complaint with the Data Protection Ombudsman if they feel that we are violating applicable data protection legislation when processing personal data.

Contact information of the Data Protection Ombudsman:  www.tietosuoja.fi/fi/index/yhteystiedot.html

6. Regular Data Sources

Customer data is regularly obtained from:

  • the customer or potential customer themselves when they fill in their contact information on the contact form.

7. Regular Data Disclosures

Data is generally not disclosed outside Company Ltd for marketing purposes. 

8. Duration of Processing

Personal data is generally processed for XXX. Mark the time here. You are responsible for deleting the data after this period.

9. Personal Data Processors

The data controller and its employees process personal data. We may also partially outsource the processing of personal data to a third party, in which case we guarantee through contractual arrangements that personal data is processed in accordance with applicable data protection legislation and otherwise appropriately.

10. Transfer of Data Outside the EU

Personal data is not transferred outside the EU or the European Economic Area. 

11. Automated Decision-Making and Profiling

We do not use data for automated decision-making or profiling.