Privacy Policy

Created: 01.02.2026

1. Data Controller

Company: Skanveir Oy
Business ID: 2046977-0
Address: Televisiotie 8
Postal code: 15860
City: Hollola
Email address: mika.seppanen@skanveir.com

2. Person Responsible for Register Matters and Data Protection Officer

Company: Skanveir Oy
Name: Mika Seppänen
Address: Televisiotie 8
Postal code: 15860
City: Hollola
Email address: mika.seppanen@skanveir.com

3. Name of the Register

Customer and Marketing Register

4. Legal Basis and Purpose of Processing Personal Data

The processing of personal data is based on a customer or contractual relationship, another legitimate basis, or the explicit consent of the data subject.

Personal data may be processed for fulfilling contractual or statutory obligations, maintaining communication with the data subject and other parties necessary for managing the contractual relationship, sending newsletters, providing information, marketing products and services, conducting market analyses, and developing business operations.

5. Data Content of the Register

The register may store the name and necessary contact details of the data subject, such as address, phone number and email address, business ID, position in the organization, date of birth or personal identity number, information about products and services ordered by the customer and their delivery and invoicing, messages, comments and materials exchanged between the data controller and the data subject or other parties necessary for managing the contractual relationship, consents, prohibitions and customer feedback.

Technical data related to the use of online services may be collected, such as IP address, country or city of location, services used, device and operating system information, browser type, and external websites from which the user has arrived at or to which the user leaves the data controller’s online service.

Information about the use of services may be collected on the data controller’s website using cookies.

6. Regular Sources of Data

The data stored in the register is obtained from the data subject, technically from the use of the data subject’s online and electronic services, from third-party analytics services such as Google Analytics, from public sources, or from providers of public contact information services.

7. Regular Disclosures of Data

Personal data is not regularly disclosed to external parties. However, disclosure may be possible for justified purposes.

8. Transfer of Data Outside the EU or EEA

Personal data is not regularly transferred outside the EU or EEA. If data is transferred, the data controller ensures an adequate level of protection for personal data, including by agreeing on the confidentiality and processing of personal data in accordance with legal requirements.

9. Principles of Register Protection

MANUAL MATERIAL
Manual material is stored in a locked space and destroyed once it has been converted into electronic form.

ELECTRONIC MATERIAL
Electronic material is stored appropriately protected on the data controller’s computer or storage device, or appropriately protected on an external server or service.

Personal data may only be processed by members of the data controller’s staff who need the data to perform their work duties.

Register data is protected from external access by technical solutions and applications.

SSL-secured connections are used when collecting and transmitting confidential data such as bank and credit card information.

Register data is regularly backed up, and the restoration of backup data is tested.

The data controller will report any data breaches directly to the authorities or the user in accordance with applicable legislation.

10. Right of Access

Everyone generally has the right to inspect their personal data stored in the register.

Requests for inspection must be submitted in writing to the data controller’s contact person using the contact details above and must include the data subject’s signature.

11. Right to Request Correction and Deletion of Data

Everyone has the right to request the correction or deletion of incorrect information in the personal data register.

Requests must be submitted in writing to the data controller’s contact person using the contact details above and must include the data subject’s signature.

12. Other Rights Related to the Processing of Personal Data

The data subject has the right to request that their data be transferred in electronic form to another service provider.

The data subject has the right to withdraw their consent to the processing of personal data.

The data subject has the right to prohibit the use of their data for distance selling and other direct marketing, as well as for market and opinion research.

Requests, withdrawal of consent, and prohibitions must be submitted in writing to the data controller’s contact person using the contact details above and must include the data subject’s signature.

Data in the marketing register is stored until further notice.

The data controller retains other personal data in accordance with applicable legislation and only as long as necessary for the purposes described in this privacy policy.

Data may also be retained in accordance with accounting or other mandatory legislation even after the end of the customer relationship or other basis for processing personal data.

Visitors to the data controller’s website may clear or block cookies through their browser or device settings; however, this may weaken the user experience or cause malfunctions on the website.

The data subject has the right to object to the processing of their personal data, request restriction of processing, and lodge a complaint with the data protection supervisory authority at www.tietosuoja.fi.