Privacy Policy

1. Data Controller
Name: Finaly Oy
Business ID: 3331810-3
Address: Fredrikinkatu 61
Postal Code: 00100
City: HELSINKI
Phone Number: 040 7779 770
Email Address: juha@finaly.fi

2. Person Responsible for Register Matters
Company: Finaly Oy
Name: Juha Riippi
Address: Fredrikinkatu 61
Postal Code: 00100
City: HELSINKI
Phone Number: 040 7779 770
Email: juha@finaly.fi

3. Purpose of the Register
The collected personal data is used for:
Identification of customers and management of user rights. Delivery of orders for registered users and maintenance and development of customer relationships.

4. Basis for Collecting and Processing Data
Customer data is collected and processed with the consent of the customer or for the performance of a contract with the customer.

5. Contents of the Register
We primarily collect personal data about you when you contact us or later when you use our services.

6. Storage Period of Data
Personal data is retained for as long as necessary for the performance of a contract with the customer or for the development of customer service.

7. Regular Sources of Information
Information is collected:
Directly from the individual. From registers maintained by authorities within the limits allowed by law (e.g., ytj.fi). Information is also collected through the Google Analytics analytics tool.

8. Regular Disclosures of Data and Transfer of Data Outside the EU or European Economic Area
Data is not routinely disclosed outside the company. Some external service or software providers used by the company may store data outside the EU or the European Economic Area.

9. Use of Cookies
We use the so-called cookie function or cookies on our website. A cookie is a small text file sent to and stored on a user’s computer, allowing the website administrator to recognize frequent visitors to the site, facilitate visitors’ logins to the site, and enable the compilation of aggregate information about visitors. Cookies do not harm users’ computers or files. We use them to provide our customers with information and services tailored to their individual needs.

If a user visiting our website does not want us to obtain the above-mentioned information through cookies, most web browsers allow the cookie function to be disabled. This is usually done through the browser settings.

However, it should be noted that cookies may be necessary for the proper functioning of some of the pages we maintain and the services we offer.

10. Protection of the Register
Data is transmitted over an SSL-secured connection.

Electronic data is protected by firewalls, usernames, and passwords.

Access to data is restricted to personnel employed by the data controller who need the information in their duties.

11. Automated Decision Making
Automated individual decision-making (Article 22 of the EU General Data Protection Regulation) is not conducted.

12. Rights of the Data Subject
The data subject has the right to inspect what personal data concerning them is stored in the personal data register. A written request for inspection must be sent signed to the person responsible for register matters.

The right of inspection is free of charge and can be exercised once a year at most.

The data subject has the right to request the correction or deletion of incorrect or outdated data, or the transfer of data from one system to another. They also have the right to restrict or object to the processing of their data in accordance with Articles 18 and 21 of the EU General Data Protection Regulation.

The data subject has the right to withdraw their consent to the processing of data previously given or to lodge a complaint with the supervisory authority regarding matters related to the processing of their personal data.

The data subject also has the right to prohibit the use of their data for direct marketing purposes.