Privacy Policy

Last updated: February 9, 2025 (version 3)

Privacy Policy Drafted on February 9, 2025

1. Data Controller

• IPR-Loikka
• Business ID: 3503247-5
• Fyysikontie 5
• 90570 OULU
• +358 405486799
• jarkko@iprloikka.fi

2. Contact Person / Responsible for Registry Matters

• Jarkko Konola
• Fyysikontie 5
• 90570 OULU
• +358 405486799
• jarkko@iprloikka.fi

3. Name of the Registry

Customer and Marketing Registry.

4. Purpose of Processing Personal Data

The processing of personal data is based on the data controller’s legitimate interest, contractual relationship, and/or compliance with legal obligations.

Personal data processing may also be based on the data subject’s consent, which then serves as the legal basis where applicable. The data controller’s legitimate interest is the right to conduct appropriate, justified, and lawful sales and marketing activities, including related profiling. Personal data is processed within the limits permitted by applicable legislation for the following purposes:

• Establishing, managing, and developing customer relationships
• Data analysis
• Providing, developing, monitoring, and personalizing services
• Handling assignments
• Business development
• Marketing implementation
• Remote sales
• Customer communication
• Billing, payment monitoring, and collection
• Credit checks

We collect personal data only to the extent necessary for seamless cooperation. Automated decision-making is not used in personal data processing.

5. Contents of the Registry

The registry contains the following personal data:

• First and last name, address, phone number, email address
• Employer and the person's role within the company
• Language
• Service usage data (e.g., trademark customer)
• Information provided by the customer (e.g., special dietary requirements)
• Any additional information collected with explicit consent

6. Data Sources

Personal data related to a customer or potential customer is collected from the individual themselves, various online services used or presented by the registered individual, partner registries, and authorities and companies providing personal data services.

7. Cookies

Our website uses cookies to enhance the user experience. Cookies are small text files stored on the user's device.

fonts.gstatic.com Cookies

Our website uses fonts from fonts.gstatic.com. This service may set cookies to ensure that fonts load correctly and display consistently across devices.

How do we use cookies? We use cookies, for example, to:

• Improve website functionality
• Remember user preferences

Managing Cookies: Users can manage and delete cookies in their browser settings. Please note that deleting cookies may affect the functionality and user experience of the website.

8. Transfer of Personal Data

Personal data may be disclosed to partners/subcontractors to the extent necessary to fulfill the customer’s request. When using subcontractors, we ensure that personal data processing complies with data protection regulations. Personal data is transferred outside the EEA only to fulfill a customer’s request with their consent. If personal data must be transferred outside the EU or EEA, we ensure that recipients comply with data protection legislation.

9. Data Security and Retention Period

Electronically processed data in the registry is protected by firewalls, passwords, and other generally accepted technical security measures.

Manually maintained materials are stored in facilities with restricted access. Only designated employees of the data controller and its authorized partners have access to the personal data with granted permission.

We retain personal data only for as long as necessary to fulfill the processing purposes defined in this privacy policy. Marketing data is retained until the data subject withdraws their consent or the data is no longer needed. Due to accounting laws or other applicable regulations, personal data may need to be stored for a longer period. Unnecessary and outdated personal data is deleted appropriately. Accounting records are retained for at least six years in accordance with accounting laws.

10. Data Subject Rights

The data subject has the following rights under applicable legislation:

• The right to inspect stored personal data. A written request must be submitted, and a reasonable fee of €100 applies for requests made more than once per calendar year. The first request each year is free.
• The right to give and withdraw consent for data processing.
• The right to request correction of incorrect data. A correction request must be made in writing to the data controller’s contact person.
• The right to object to data processing.
• The right to transfer data from one system to another. A written request is required, and a reasonable fee applies.
• The right to request deletion of personal data. A deletion request must be submitted in writing to the data controller’s contact person via email at jarkko@iprloikka.fi.
• The right to restrict the processing of personal data. You can withdraw your consent by emailing jarkko@iprloikka.fi and stating your withdrawal request.

11. Direct Marketing Consent and Restrictions

Customers may give or deny IPR-Loikka permission to use their personal data for direct marketing in accordance with applicable laws. IPR-Loikka will use personal data in direct marketing only for services it considers relevant to the data subject or their company.

12. Changes to the Privacy Policy

IPR-Loikka reserves the right to modify this privacy policy.