Privacy Policy

Last Updated On 5.7.2023
Effective Date 5.7.2023

  1. Data Controller
    Name: Hanna Hoi Yee Tamminen
    Business ID: 3358197-2
    Postal Code:
    Phone number:
  2. Person Responsible for Register Matters
    Name: Hanna Hoi Yee Tamminen
    Phone number:
  3. Data Protection Officer
    Name: Hanna Hoi Yee Tamminen
    Phone number:
  4. Purpose of Register (state how the data is used in your company)
    The collected personal data is used for: customer identification and access rights management, delivery of orders placed by registered users, maintenance and development of customer relationships.
  5. Legal Basis for Collecting and Processing Data
    Customer information is collected and processed based on customer consent or for the performance of a contract with the customer.
  6. Content of the Register
    Company name, Business ID, Email address, Phone number, Username, and Password.
  7. Data Retention Period
    Personal data is retained as long as necessary for the performance of a contract with the customer or for the development of customer service.
  8. Regular Data Sources
    Data is collected in the register from the individuals themselves. Data may also be collected from public registers within the limits allowed by law (e.g., Additionally, data is collected through the use of Google Analytics for analytical purposes.
  9. Regular Disclosures and Transfers of Data within or outside the EU or the European Economic Area
    Data is not regularly disclosed to entities outside the company. However, some external service providers or software vendors used by the company may store data outside the EU or the European Economic Area.
  10. Use of Cookies
    We use the cookie function on our website. A cookie is a small text file sent to and stored on the user’s computer, which enables the website administrator to recognize frequent visitors to the site, facilitate user logins, and compile aggregate data about visitors. With this feedback, we can continuously improve the content of our website. Cookies do not harm users’ computers or files. We use them to provide our customers with personalized information and services tailored to their individual needs. If a user visiting our website does not want us to obtain the aforementioned information through cookies, most browsers allow the disabling of the cookie function. However, it is important to note that cookies may be necessary for the proper functioning of certain pages we maintain and the services we offer.

    Cookies in use:

    CookieYes uses cookies to remember users’ consent preferences so that they persist on subsequent visits to this site. The cookie does not collect or store any personal information about site visitors.

    Google Recaptcha uses cookies to identify potential bots and protect the website against malicious spam attacks.

    Polylang uses cookies to remember the language selected by the user when returning to the website and to retrieve language information when not available in another way.

    For tracking and analyzing visitor traffic, Google Analytics and Google Search are used, which can also be utilized for remarketing and reporting on audience demographics and interests

  11. Protection of the Register
    Data is transferred over an SSL-protected connection. Electronic data is protected by firewalls, usernames, and passwords. Access to the data is restricted to authorized personnel employed by the data controller who require the information for their duties.
  12. Automated Decision Making
    No automated individual decision-making (Article 22 of the EU General Data Protection Regulation) is performed.
  13. Rights of the Data Subject
    The data subject has the right to access the personal data stored in the personal data register.

    A written request for inspection, signed by the data subject, should be sent to the person responsible for register matters.

    The right of inspection is free of charge once a year.

    The data subject has the right to request the correction or deletion of incorrect or outdated data or the transfer of data from one system to another. The data subject also has the right to restrict or object to the processing of their data in accordance with Articles 18 and 21 of the EU General Data Protection Regulation.

    The data subject has the right to withdraw previously given consent to the processing of their data or to lodge a complaint with the supervisory authority regarding the processing of their personal data. The data subject also has the right to prohibit the use of their data for direct marketing purposes.

    There is no standardized template for a privacy policy, but you can find more information from the Finnish Data Protection Ombudsman’s GDPR website: