Virkistyspäivät ja pikkujoulut tulossa? Yhdessä kohti hyvinvointia ja hauskanpitoa!

Privacy policy

1. Registrar

Lapin Väki Oy

Suosiolantie 5
96100 Rovaniemi

y-tunnus 3150849-9


2. Person of Contact

Antti Väisänen, antti@vaki.fi


3. Name of the Register

Customer data register based on the customer relationship with Lapin Väki Oy and other relevant interactions.


4. Where we use your information?

  • Management, analysis and development of customer, member and partner relationships
  • Provision and development of products and services
  • Delivery, processing and archiving of orders
  • For analytical and statistical purposes
  • Implementation and monitoring of customer, member and marketing communication
  • Processing, analysis and statistics of customer feedback, customer inquiries and research results
  • Prevention and investigation of misuse and problems

In accordance with the EU General Data Protection Regulation, the legal basis for processing personal data must be one of the following:

  • Individual's consent
  • Contract
  • Legal obligation
  • Legitimate interes


5. What do we collect?

The register may contain the following information and changes to it:

Basic customer information

  • Name information
  • Contact information (postal address, email addresses, phone numbers)
  • Gender
  • Date of birth
  • For business customers, information about the contact person's profession or position within the company
​​​​​​​Unique customer identifiers
  • Personal identity number
  • Customer number
  • Registration information for the data controller's services (e.g., usernames and passwords for the online store and background system service)

Identifiers used in targeted marketing

Information related to customer relationships, other professional relationships, and the use of services and content, such as:

  • Purchase information, including information about purchased products and services, including product warranty information, as well as necessary information regarding payment, invoicing, and debt collection, such as credit card information
  • Information related to the use of products
  • Feedback and complaints
  • Information about attendees of events and trainings
  • Location data (if the customer has given explicit consent)
  • Browsing data and other information related to the use of the data controller's electronic services and content, including technical data sent by the data subject's browser to the data controller's server (IP address, browser) as well as cookies sent to the data subject's browser and related information, if personal data is linked to cookies
  • Information related to marketing and sales promotion, such as marketing measures targeted at the data subject, their utilization, and information provided in connection with them, as well as direct marketing consents and prohibitions
  • Recordings of customer service calls and customer service-related emails and online discussions, for example, in social media channels.


6. Regular data sources

  • Customer data is collected at various touchpoints, including: upon entering into an agreement; through the service's information section; during the use of our products and services; in customer service interactions; and when the customer participates in product or service development, research, or surveys.
  • In addition, personal data may be collected and updated from other registers held by the data controller and its affiliates, as well as from public authorities and private companies providing personal data services, such as the population register and other similar registers.


7. How we use cookies?

  • We use cookies and similar technologies, such as local storage, to provide and improve our services. We also use cookies to personalize content and target advertising. Cookies allow us, for example, to provide more up-to-date and personalized services by displaying content based on the user's interests. They also enable features such as login and authentication, saving personal settings and preferences, and analyzing the performance of our websites. When you use our online services, they collect data such as your IP address, the links you click, the ads or other content you have viewed, the page you came from and when you visited, the time of your browsing, your browser or application type, and other similar information.
  • You can control the use of cookies through your browser settings. For more information on cookies, please refer to the privacy or help documentation of your browser. Certain features of the services depend on cookies, so blocking and deleting cookies (browser and other choices) may negatively affect the functionality and user experience of that particular web or mobile app service.


8. Sharing your personal data

Personal data may only be disclosed within the limits permitted and required by applicable legislation and in the manner required by competent authorities. The data controller may share your personal data with carefully selected third parties for joint or independent direct marketing purposes. Data may only be shared for such purposes if the intended use by the third party is not contrary to the purposes defined in this data controller's privacy statement.

The data controller may, at its discretion, share the personal data of participants in the data controller's events with other participants in the event, if this is appropriate in view of the nature of the event.

The data controller may transfer data to its own direct marketing register after the termination of a relevant relationship, within the limits permitted by law.

The data controller may share your personal data with third parties who provide services to the data controller. These services may include, for example, customer service, software services, research, marketing, and event production. The data controller may share your personal data for the purpose of collecting payments for products and services, and may, for example, transfer or sell unpaid invoices to third parties providing debt collection services.

The protection of your personal data is important to us, which is why we do not allow these parties to use the data for any purpose other than providing these services, and require the parties to protect the user's personal data in accordance with this privacy statement and applicable legislation.

As a rule, personal data is not disclosed for purposes other than those mentioned above. However, the data controller is entitled to disclose personal data in accordance with the law, for example, in connection with the sale of a business. In addition, the data controller may disclose data for statistical and analytical purposes, provided that the data disclosed cannot be linked to an individual.


9. Are we transferring your personal data to a country outside the EU?

When providing its services, the Data Controller may utilize resources and servers located in various parts of the world. As a result, the Data Controller may transfer your personal data outside the country where the services are used and potentially to countries outside the EU, which may have different data protection laws.

In such cases, the Data Controller ensures that there is a legal basis for the data transfer and that the user's personal data is protected, for example, by using (if necessary) standard contractual clauses approved by the relevant authorities and requiring compliance with appropriate technical and organizational security measures.


10. How long we save your data?

We retain your data for at least the duration of our customer relationship. After the termination of the customer relationship, the retention period depends on the specific data and its purpose. For example, identification data will be retained for five years after the termination of the customer relationship, and data on potential customers is generally retained for six months from the date of collection. We comply with all legal obligations regarding data retention.

We strive to ensure that the personal data we hold is accurate and up-to-date by removing unnecessary data and updating outdated information. However, we encourage you to periodically review the accuracy of your information.


11. How your information is protected?

We protect your personal data with the utmost care by using appropriate data protection and security measures. These measures include proactive and reactive risk management, the use of firewalls, encryption techniques, secure physical facilities and access control and security systems, security design, managed access rights granting and monitoring, ensuring the competence of personnel involved in the processing of personal data through training and assessments, 1 and the careful selection of subcontractors. We continuously update our internal practices and guidelines as appropriate.


12. Your rights as our customer

We are committed to processing data in accordance with data protection regulations and offer our users the following choices and control options regarding data privacy:

Opt-out of direct marketing
Users have the right to refuse the disclosure and processing of their data for direct marketing, distance selling, and other direct marketing purposes by contacting our customer service.

Data inspection
Users have the right to inspect the personal data stored about them. Upon a user's request, we will correct, delete, or supplement personal data that is inaccurate, unnecessary, incomplete, or outdated for the purpose of processing. Users can update and/or inspect their personal data by contacting our customer service.

Blocking cookies
Users have the option to block the use of cookies by changing their browser settings. Blocking cookies may affect the functionality of our services.

Clearing cookies
Users can clear cookies from their browser settings. By clearing cookies regularly, users change the identifier on which a profile is created about them. However, clearing cookies does not completely stop data collection, but rather resets the profile based on previous behavioral data.

Consent to location data use
Users can give their consent to the use of location data from the device and application settings. Users can also revoke their consent at any time using the settings.

14. Update of the Register

We continuously develop our services and reserve the right to modify this privacy policy by notifying you within our services. Changes may also be based on changes in legislation. We recommend that you review the contents of the privacy policy regularly