Privacy Policy

In order to serve you to the best of our ability, we need to collect and process some information about you. We value your privacy and are committed to protecting it. This privacy policy contains information about what personal data we collect, the principles by which we process it, and the rights and opportunities you have regarding your information. As the data controller, we particularly process personal data of our client companies’ contacts and other personnel. Personal data includes any information related to an identified or identifiable person, such as name, email address, phone number, or job title.

We process your personal data in accordance with this privacy policy and applicable legislation, so we ask you to read this privacy policy carefully. We may also make updates to the privacy policy as our operations evolve or as the legislation changes.

By using our services, website, or contacting us, you agree that we process your personal data in accordance with this privacy policy.

1. Register Name

Elstor Oy Customer Register

2. Register Administrator

Elstor Oy, Business ID: 2841894–3

The data controller in relation to the processing of personal data described in this privacy policy is Elstor Ltd (also referred to as “Company” or “we”).

3. Register Processors

Only those employees of the data controller who have the right to process customer data as part of their job are entitled to use systems containing customer information. Each user has their own username and password.

4. Purpose of the Register

We collect, store, and process your personal data for predefined purposes. The main purposes include:

  • Targeting our services to you
  • Fulfilling our contractual obligations
  • Meeting legal obligations and requirements
  • Customer communication
  • Responding to contact requests
  • Developing our business

5. Personal Data Stored in the Register

We primarily collect personal data about you during your contacts with us or later during the use of our services. For new customers, we may also collect information from LinkedIn or other online services of potential client companies or by using tools for new customer acquisition. Additionally, we may collect information from public sources and registers, such as the Business Information System (YTJ). We also collect visitor data to our website using Google Analytics to analyze and improve our site.

The collected data significantly comes from our website and forms located on it. The customer information we have consists of data collected for the purpose of managing customer affairs, including the customer’s name, email, and phone number. During the customer relationship, information is also collected, primarily related to client companies. We use customer marketing tools that gather information. These tools have privacy practices, and the use of customer marketing programs always requires a username and password (authorization).

6. Processing of Personal Data

We ensure that we always have a legal basis for processing your personal data. We may process your data on several legal bases, including the performance of a contract, compliance with legal obligations, legitimate interests, and consent.

7. Data Disclosure

In general, your personal data is processed by employees of our company as part of their duties. We may also outsource some processing of personal data, such as the use of data storage and processing systems. In such cases, we ensure through contracts that the confidentiality of your data is maintained and that the data is processed lawfully.

We may disclose information when required by law, court order, or competent authority. We may also disclose your information if we are involved in a corporate or business transaction.

Your personal data is not typically transferred outside the EU.

8. Register Retention

We do not retain your personal data longer than necessary for its purpose or as required by contract or law. However, the retention periods may vary depending on the purpose and situation.

9. Register Security

Your data is stored on our service provider’s servers, protected according to industry standards. The personal data we collect and process is kept confidential and is not disclosed to anyone other than those who need it for their work or on a confidential and limited basis through service contracts to our customers. Access to personal data is protected by user-specific usernames, passwords, and access rights.

10. Register Destruction

Documents containing customer information are properly destroyed after processing.

11. Rights of the Data Subject

You have the right to check the information stored about you in the register free of charge. You also have the right to request the deletion of your personal data from the register. If there are errors in the information, you can request correction by contacting the register administrator in writing. You can also restrict the use of your data. Requests for deletion, correction, limitation, and restriction must be made in writing and signed to the register administrator.

Withdrawal of Consent: If we process your data based on your consent, you can withdraw the consent at any time by notifying us in writing via email.

Access to Information: You have the right to confirmation of whether we process personal data about you and to know what personal data we process. You also have the right to obtain additional information about the processing of your personal data.

Right to Rectification: You have the right to request the correction of inaccurate, outdated, or incomplete personal data.

Direct Marketing Opt-Out: You have the right to prohibit the use of your data for direct marketing purposes.

Right to Object: You can object to the processing of your personal data if you believe that your data has been processed unlawfully.

Right to Restrict Processing: In certain situations, you have the right to request the restriction of the processing of your personal data.

Right to Data Portability: If we process your data based on your consent or to fulfill a contract, you have the right to receive your data in a commonly used electronic format for transfer to another service provider.

To exercise these rights or for matters related to opting out of direct marketing, you should contact the register administrators.

12. Additional Information on Privacy

The data controller complies with the regulations and norms regarding the retention of personal data and continuously reviews and improves practices related to the above issues.

Mandatory Information and Consequences of Not Providing Information

Providing information is voluntary, especially for potential customers. For potential customers, we usually request on our website the name, phone number, email address, and a brief description of the need. Providing and processing personal data is partially mandatory, as we may need information to the extent that we can determine whether we are eligible to accept a new assignment.

Use of Cookies on the Website

We use cookies on our website to provide the best possible user experience for site visitors. Cookies are short text files that the web server stores on the user’s device. Cookies provide us with information on how users use our website. We may use cookies to develop our services and website, analyze website usage, and target and optimize marketing. The website user can give consent or deny the use of cookies through the settings of their web browser. Most web browsers allow cookies by default. Note that blocking cookies may limit the functionality of our website.

Data Controller

Contact Information:

Elstor Oy

 Tuotantokatu 2

53850 Lappeenranta

Kari Suninen