Privacy Policy

This is the privacy policy of Finnature Oy Ltd in accordance with the General Data Protection Regulation (GDPR) of the European Union.

Drafted on April 20, 2023. Last updated on September 28, 2023.

  1. Data Controller
    Finnature Oy Ltd,
    Business ID: 1538984-8
  2. Contact Person
    Name: Kaisa Peltomäki
    Contact details: kaisa.peltomaki@finnature.fi
  3. Register name
    Finnature Oy Customer and Marketing Register
  4. Purpose of the register
    The collected personal information is used for building, maintaining, and enhancing customer relationships, communication, as well as marketing products and services. Contents of the Register
  5. Contents of the register
    The information stored in the register includes:

    • Contact details, such as the individual’s name, phone number, email address, address
    • Information related to companies and organizations
    • Details of ordered products and services
    • Other information related to customer relationships and ordered services
  1. Cookies
    We track user data on our websites finnature.fi and shop.finnature.fi using cookies, which store information in the register based on IP addresses, such as site usage data, time spent on the site, and viewed pages. We use cookies for targeted content and advertising on the site, as well as for analytics. You can accept or choose to disable the use of non-essential cookies in your cookie settings.
  2. Sources of Information
    The data stored in the register is obtained from customers through various sources, including online store purchases, messages sent through forms, emails, phone calls, social media services, agreements, customer meetings, and other situations where customers provide their information.
  3. Regular Disclosures of Data and Transfer of Data Outside the EU or EEA
    Data is not routinely disclosed to other parties. Information may be published as agreed with the customer.
  4. Principles of Register Protection
    The processing of the register follows due diligence, and data processed through information systems is adequately protected. When register information is stored on internet servers, both the physical and digital security of the hardware is properly maintained. The data controller ensures that stored information, as well as server access rights and other critical information related to the security of personal data, are handled confidentially and only by employees whose job description involves such access.
  5. Right to Inspection and Right to Request Data Correction
    Individuals listed in the register have the right to review their stored information and request correction of any incorrect information or completion of incomplete information. If a person wishes to review their stored information or request corrections, the request should be sent in writing to the data controller. The data controller may request the requester to provide proof of identity if necessary. The data controller responds to the customer within the timeframe established by the EU GDPR (usually within a month).
  6. Other Rights Related to the Processing of Personal Data
    Individuals listed in the register have the right to request the removal of their personal data from the register (“right to be forgotten”). Likewise, registered individuals have other rights under the EU GDPR, such as restricting the processing of personal data in certain situations. Requests should be sent in writing to the data controller. The data controller may request the requester to provide proof of identity if necessary. The data controller responds to the customer within the timeframe established by the EU GDPR (usually within a month).