Privacy policy

Prepared on: 9 May 2025

This is the privacy policy of Höyrylöyly Oy in accordance with the Finnish Personal Data Act (Sections 10 and 24) and the EU General Data Protection Regulation (GDPR). This privacy policy explains how Höyrylöyly Oy processes the personal data of its customers.

This privacy policy describes what personal data we collect about our customers, for what purposes the data is used, and how the collected data is protected. Please note that by making a purchase and/or subscribing to our newsletter, you give your consent to the storage and processing of your personal data.

Providing contact and payment information is mandatory when making a purchase from the Höyrylöyly online store.

We reserve the right to amend and update this privacy policy.

1. Data Controller

Höyrylöyly Oy (Business ID: 2777373-2)
Maansfolkintie 27
68820 Ähtävä
Finland
Email: info@hoyryloyly.fi
Phone: +358 40 350 0211

2. Contact Person Responsible for the Register

Lasse Linnanmäki
Höyrylöyly Oy
Email: info@hoyryloyly.fi
Phone: +358 40 350 0211

3. Name of the Register

Customer Register of Höyrylöyly Oy

4. Purpose of Processing Personal Data

Personal data is processed for the purpose of maintaining customer relationships, processing orders, invoicing, improving the user experience of the online store, performing analytics, and preventing misuse. Data may also be used for communications related to the operations of Höyrylöyly Oy, provided that the customer has given consent. Customers have the right to prohibit the use of their personal data for direct marketing purposes.

5. Data Content of the Register

The register may contain the following information: name of the customer or company/organization, business ID, address details, phone number, email address, marketing consent information, payment and invoicing details, and other information related to orders and deliveries. A personal identity code may be required for customer identification when entering into a credit agreement.

When subscribing to our newsletter or responding to customer surveys, we collect the following data: name, email address, and language.

In addition, we collect observed and analytics-derived data related to the use of the online store service, such as browsing data and device identifiers (see section “Use of Cookies” below).

6. Regular Sources of Data

The primary source of data is the user themselves. Data is obtained from the customer during online store orders, via email or telephone, or when a purchase agreement is concluded through other means. We aim to clearly indicate which data is mandatory for entering into an agreement and which data can be provided voluntarily.

7. Regular Disclosure of Data

Personal data is used solely for managing customer relationships. We may disclose necessary information to third parties, such as payment service providers, credit providers for installment payments, logistics partners to ensure delivery, or analytics and statistics partners for analytical purposes. Data may also be disclosed to authorities as required by law.

8. Transfer of Data Outside the EU or EEA

Personal data is not transferred outside the European Union or the European Economic Area.

9. Data Retention

Höyrylöyly Oy retains customer data for the duration of the customer relationship. At the customer’s request, personal data concerning them may be deleted from the register. However, for completed orders, order, payment, and invoicing data must be retained in accordance with the Finnish Accounting Act (1997/1336, Section 10).

10. Use of Cookies

We use cookies and similar technologies. Cookies are used to collect information about visitor traffic and to improve the user experience on the user’s computer. Cookies and other identifiers have a defined validity period, after which the browser deletes them.

We collect visitor data through cookies for analytics and personalization purposes in cooperation with third parties. The data used is anonymized. We use Google Analytics for website analytics. More information about Google Analytics data processing can be found in Google’s privacy documentation.

11. Data Protection Principles and Security Measures

Due care is exercised in the processing of the customer register, and the data is appropriately protected. Customer data is stored in a secure electronic database that requires a username and password for access. User access to the customer register is granted only by the system administrator, who also defines the level of access rights.

The customer register is processed confidentially. Only Höyrylöyly Oy employees whose duties require it and who are bound by confidentiality obligations have access to the data. Customer data is stored electronically, and unnecessary paper printouts are destroyed appropriately.

12. Right of Access and Right to Rectification

Customers may request a compiled file of their personal data, including all personal data they have provided to us. Requests can be made by contacting us via email. Customers may also request the deletion or modification of their personal data. In addition, customers have the right to prohibit the processing of their data for marketing purposes. Requests to restrict data processing must be submitted by email to the contact person responsible for the register.

The right to deletion does not apply to personal data that must be retained for administrative, legal (such as accounting obligations), or data security reasons.

13. Contact Information

You may contact us by email at info@hoyryloyly.fi or, if necessary, by phone at +358 40 350 0211.