Privacy statement

According to the General Data Protection Regulation, the personal data controller of a register is obligated to inform the register’s data subjects in a clear manner. This statement fulfils this informing obligation.

1. Personal data controller

Väinö Korpinen Oy (FI21779658)
Kalkkipellontie 6

02650 Espoo

Contact information in matters related to personal data files

Eero Erä-Esko
+358408451774
[email protected]

2. Data subjects

Customers and potential customers

3. Purpose of use of personal data

Use of personal data is based on customer relationship, contract relationship, consent of data subject or other legitimate reason.

Personal data can be used for fulfilling contract liabilities or services and for other communication with data subject, in customer service, marketing communication, business planning, product development, sending newsletters and other announcements, developing website and webshop user experience, targeting marketing and for conducting market research and other research and analysis.

4. Personal data recorded in the register

The customer register can contain for example the following information:

  • name
  • address
  • e-mail
  • phone number
  • employer
  • job title
  • purchase history
  • information gathered from browser cookies
  • other information received from data subject / customer

5. The data subject’s rights

The data subject has the following rights, and requests for their use should be sent to [email protected]  

Right to access data

The data subject may check the data we have recorded.

Right to rectification

The data subject may request the rectification of inaccurate or incomplete personal data.

Right to object

The data subject may object to the processing of personal data if the data subject feels that personal data has been processed unlawfully.

Right to forbid direct marketing

The data subject has the right to forbid the use of personal data for direct marketing.

Right to deletion

The data subject has the right to request the deletion of data if personal data processing is not necessary. We will handle the request for deletion and proceed to either delete the data or state a justified reason for not being able to delete the data.

It should be noted that the controller may have legal or other rights to not delete the requested data. The controller is obligated to preserve accounting materials for the duration (10 years) set out in the Accounting Act (Chapter 2, Section 10). For this reason, materials related to accounting cannot be deleted before that term has expired.

Withdrawing consent

If the processing of personal data is only based on the data subject’s consent and not for instance on a customer relationship or membership, the data subject may withdraw consent.

The data subject may complain of the decision to the Data Protection Supervisor

The data subject has the right to demand us to restrict the processing of controversial data until the matter is solved.

Right to complain

The data subject has the right to complain to the Data Protection Supervisor if the data subject feels that we are violating the effective data protection regulation when processing personal data.

Contact information of the data protection supervisor:  www.tietosuoja.fi/en/index/yhteystiedot.html

6. Regular information sources

Customer information is regularly obtained for example from:

From data subject during customer interaction in data controller’s business activity, for example over the phone, website and webshop and in customer meetings and events.
From companies providing personal and company data, such as credit rating registers of Suomen Asiakastieto Oy and Tryg Forsikring A/S and project register of RPT Byggfakta Oy.
Cookies and forms of data controller’s website, Google Analytics and Leadfeeder.

7. Regular disclosure of data

We use third party services to process and store information that may contain personal information. However, third parties are purely processors of personal data who have the right to process such data only to the extent required by the agreed services.

8. Duration of processing

We retain personal data no longer than necessary for the described purposes in this notice and/or as required or permitted under applicable laws, to the extent technically possible.

9. Personal data processors

The controller and its employees process personal data. We may also outsource the processing of personal data partly to a third party, in which case we will guarantee with contractual arrangements that personal data is processed in compliance with valid data protection legislation and otherwise appropriately.

10. Transferring data outside the EU

Principally personal data is not transferred outside the EU or the EEA.

If personal data is transferred outside the EU and the EEA, we will safeguard the sufficient level of personal data protection by e.g. agreeing on matters related to the confidentiality and processing of personal data in compliance with legislation.