Privacy Policy
1. Data Controller
Kiuassuola Lumo Oy
-
Business ID: 3497508-4
-
Bastubackantie 213, 10210 Inkoo, Finland
-
Tel: +358 45 102 3288
-
Email: info@kiuassuola.com
2. Contact person for matters concerning the register
Mira Kettunen
-
Email : info@kiuassuola.com
-
Tel: +358 45 102 3288
3. Register name
Kiuassuolan Lumo Oy - Online store and customer register
4. Purpose and legal basis for processing personal data
Personal data is processed for the following purposes:
Online shopping activities (fulfillment of the contract):
-
Receiving and processing orders
-
Product delivery
-
Payment transaction processing
-
Customer service and complaints handling
-
Invoicing and collection
Managing customer relationships (legitimate interest):
-
Customer data maintenance
-
Contact for customer service matters
-
Warranty and maintenance services
Marketing and communications (consent or legitimate interest):
-
Direct marketing (email, telephone, mail)
-
Newsletters and offers
-
Customer satisfaction surveys
-
Product and service development
Legal obligations:
-
Accounting and taxation
-
Consumerism
-
Product safety
The management of the register and the processing of data may be outsourced to a partner of the controller who has committed to complying with this register description.
5. Data content of the register
The online store register may contain the following information:
Basic:
-
Name (first and last name)
-
Date of birth (when purchasing age-restricted products)
-
Telephone number
-
E-mail address
Address information:
-
Billing address
-
Shipping address
-
Possible other delivery addresses
Corporate customers:
-
Company name and business ID
-
Contact information
-
Billing information
-
VAT number
Order and purchase information:
-
Order history
-
Purchased products and services
-
Price information and discounts
-
Payment method and payment information (but not the full credit card number)
-
Delivery information and methods
-
Returns and complaints
Online store usage information:
-
Login information
-
Cart contents
-
Product wishes and favorites
-
Online store usage history
Marketing and communications information:
-
Marketing authorizations and prohibitions
-
Customer satisfaction data
-
Connection log and customer service contacts
Dealer information:
-
Contact information
-
Billing information
-
Information according to the terms of the contract
6. Regular information sources
The information is collected from the following sources:
-
Information provided by the customer in the online store, by phone or by email
-
Order forms and registration information
-
Customer service contacts
-
Website visitor tracking tools and analytics
-
Information about payment processors and logistics partners
-
Publicly available internet sources
-
Public and paid business information sources
7. Regular disclosure of information
Personal data is disclosed as follows:
Service providers and partners:
-
Payment intermediaries (banks, payment systems)
-
Logistics companies and transport companies
-
IT service providers and hosting services
-
Accounting and legal services
-
Marketing and analytics services
Authorities:
-
Finnish authorities in situations required by law
-
Taxpayer to fulfill accounting obligations
-
Customs and other supervisory authorities
Other situations:
-
Mergers and acquisitions
-
Collection agencies for unpaid invoices
8. Transfer of data outside the EU or EEA
As a general rule, personal data is not transferred outside the European Union or the European Economic Area. If a transfer occurs (e.g. cloud services, analytics tools), we ensure that:
-
The transfer is based on an adequacy decision approved by the EU, or
-
Appropriate safeguards are in place (e.g. standard clauses)
-
The data subject has given their explicit consent
9. Principles of register protection
Personal data is kept confidential and protected by appropriate technical and organizational measures:
Technical safeguards:
-
Network and hardware protected by a firewall
-
SSL encryption to protect data transmission
-
Regular security audits and updates
-
Access control and restriction of access rights
-
Regular backups
Organizational safeguards:
-
Staff training on data protection
-
Confidentiality agreements
-
Regular review of user rights
-
Information security incident handling processes
10. Data retention period
Personal data is only retained for as long as is necessary for the purposes of the processing:
-
Customer information: For the duration of the customer relationship and 3 years after its termination
-
Order and payment information: 6 years in accordance with the Accounting Act
-
Marketing information: Until consent is withdrawn
-
Online store usage data: 2 years
-
Complaints and warranty information: Until the end of the warranty period + 1 year
11. Cookies and tracking technologies
Our online store uses cookies and other tracking technologies:
Essential cookies:
-
Shopping cart functionality
-
Retention of login information
-
Secure payment
Functional cookies:
-
Personalization of user experiences
-
Language options and settings
-
Website performance optimization
Analytics and marketing cookies:
-
Analyzing website usage
-
Targeted advertising
-
Social media integrations
The user can manage cookie settings through their browser or through the cookie banner on our site.
12. Rights of the data subject
You have the following rights regarding the processing of your personal data:
Right of inspection:
You can request information about what personal data about you is being processed.
Right to rectification:
You can request correction of incorrect information
Right to erasure:
You can request the deletion of your data in certain situations
Right to restriction of processing:
You can request suspension of processing in certain situations
Right to portability:
You can request your information in a machine-readable format
Right to object:
You can object to processing, especially for direct marketing purposes.
Right to withdraw consent:
You can withdraw your consent at any time.
Right to file a complaint:
You can file a complaint with the Office of the Data Protection Ombudsman.
Please contact us by email at info@kiuassuola.com or by phone at +358 45 102 3288 to exercise your rights.
13. Contact information and further information
If you have any questions about data protection or the processing of personal data, please contact:
Kiuassuola Lumo Oy
-
Bastubackantie 213, 10210 Inkoo, Finland
-
Tel: 045 102 3288
-
Email: info@kiuassuola.com
We reserve the right to update this privacy policy. Changes will be announced on our website.
Privacy policy updated: 30.06.2025